Setting Up CertStore for TLS Verification

Kreissl, Jochen Jochen.Kreissl at vector.com
Mon Jan 30 20:48:38 UTC 2023


Hi Viktor,

thabks for the quick reply.

> Is this context created just once, or once per (SSL *) connection?  Is the server single-threaded or multi-threaded?

I have a 1:1 relation of context and connection,  since it is used in a wrapper around a tcp socket to provide TLS support. When a new socket is created, a new ctx will be created and load the various configuration options, including PKI informationfrom an external API. Not optimal but easy.
Currently ST, but what are the caveats if I need to later go MT?

I have quickly rewritten my configuration steps to only set-up a CTX and then create an SSL upon the first call for do_handshake / send. But, it does.not seem to have solved (all?) of my issues. I still see a handshake (for now only server side auth with Verify_None) and the client fails to verify the server certificate. Need to investigate further, but wanted to reply to you before laying it off for the day.
Any tips on how to load / set the CA and leaf cert + chain are very welcome.

Greetings
Jochen

________________________________
Von: openssl-users <openssl-users-bounces at openssl.org> im Auftrag von openssl-users-request at openssl.org <openssl-users-request at openssl.org>
Gesendet: Montag, 30. Januar 2023, 13:00
An: openssl-users at openssl.org <openssl-users at openssl.org>
Betreff: openssl-users Digest, Vol 98, Issue 23

Send openssl-users mailing list submissions to
        openssl-users at openssl.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://mta.openssl.org/mailman/listinfo/openssl-users
or, via email, send a message with subject or body 'help' to
        openssl-users-request at openssl.org

You can reach the person managing the list at
        openssl-users-owner at openssl.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."


Today's Topics:

   1. Setting Up CertStore for TLS Verification (Kreissl, Jochen)
   2. Re: Setting Up CertStore for TLS Verification (Viktor Dukhovni)


----------------------------------------------------------------------

Message: 1
Date: Mon, 30 Jan 2023 04:00:13 +0000
From: "Kreissl, Jochen" <Jochen.Kreissl at vector.com>
To: "openssl-users at openssl.org" <openssl-users at openssl.org>
Subject: Setting Up CertStore for TLS Verification
Message-ID:
        <DB3PR0102MB3369CBFFFAC859A57C1E5F27FED39 at DB3PR0102MB3369.eurprd01.prod.exchangelabs.com>

Content-Type: text/plain; charset="windows-1252"

Hi,

I am facing some uncertainties regarding how to properly set up SSL_CTX & SSL structs, so that certificate based, (mutual) authentication works (TLS 1.3).

  *   Certificates are loaded via an external lib and I get them as binary ASN.1. After parsing them into proper openssl X509 structs, I load them into a X509_Store with X509_STORE_add_cert
  *   I use the SSL_CTX_set1_cert_store method to load the thus constructed store into an SSL_CTX
  *   I also use SSL_add_client_CA to add all CA/Roots names to the Server list of available Cas (to be sent to the Client when initiating mutual auth)
  *   I have set the Verify flag to Verify_Peer via SSL_set_verify
  *   An instance's chain cert are added via SSL_add1_chain_cert
  *   An instance's key and leaf cert are added via SSL_use_certificate and SSL_use_PrivateKey respectively

Q1: Is here anything I forget with regards to the general set-up of the verification process?
Q2: Assume the Verification Certificates are loaded into SSL_CTX after an SSL struct was already created from it. Will the SSL struct "know" of the Certificate Store and access it properly? Or would I have to create a new SSL struct from SSL_CTX in order for this configuration to take effect?

Thanks everyone
Jochen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230130/bd67e29b/attachment-0001.htm>

------------------------------

Message: 2
Date: Sun, 29 Jan 2023 23:50:03 -0500
From: Viktor Dukhovni <openssl-users at dukhovni.org>
To: openssl-users at openssl.org
Subject: Re: Setting Up CertStore for TLS Verification
Message-ID: <Y9dMe+5859tv6amI at straasha.imrryr.org>
Content-Type: text/plain; charset=us-ascii

On Mon, Jan 30, 2023 at 04:00:13AM +0000, Kreissl, Jochen wrote:

> I am facing some uncertainties regarding how to properly set up
> SSL_CTX & SSL structs, so that certificate based, (mutual)
> authentication works (TLS 1.3).
>
>   *   Certificates are loaded via an external lib and I get them as
>       binary ASN.1. After parsing them into proper openssl X509
>       structs, I load them into a X509_Store with X509_STORE_add_cert
>   *   I use the SSL_CTX_set1_cert_store method to load the thus
>       constructed store into an SSL_CTX

Is this context created just once, or once per (SSL *) connection?  Is
the server single-threaded or multi-threaded?

>   *   I also use SSL_add_client_CA to add all CA/Roots names to the
>       Server list of available Cas (to be sent to the Client when
>       initiating mutual auth)

Do the acceptable CA names vary from connection to connection?  If not,
and the SSL_CTX is shared, why not preload the CA list into the shared
context?

>   *   I have set the Verify flag to Verify_Peer via SSL_set_verify

This can be done last, after all other setup is complete.

>   *   An instance's chain cert are added via SSL_add1_chain_cert
>   *   An instance's key and leaf cert are added via
>       SSL_use_certificate and SSL_use_PrivateKey respectively

Do the key and certificate vary from (SSL *) connection to connection?
If not, why not preload the certificate and private key into the shared
SSL_CTX?

> Q1: Is here anything I forget with regards to the general set-up of
>     the verification process?

Are client certificates unconditionally required?  If so, and you want
to terminate handshakes with anonymous clients promptly, you'll also
want the SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag in SSL_CTX_set_verify()
or SSL_set_verify().  With TLS 1.3, you can alternatively enable
post-handshake authentication by setting the SSL_VERIFY_POST_HANDSHAKE
flag.

> Q2: Assume the Verification Certificates are loaded into SSL_CTX after
>     an SSL struct was already created from it. Will the SSL struct
>     "know" of the Certificate Store and access it properly?

No, that's too late.  SSL connection operations expect the SSL_CTX
to be immutable (apart from its reference count), clone much of
the content, and shallow-copy the rest.  Why would you pre-create
the SSL connection handle???

>     Or would I have to create a new SSL struct from SSL_CTX in order
>     for this configuration to take effect?

A server typically handles more than connection at a time, and ends up
creating SSL connections on the fly, with the context already in place.
The use case for connection before context initialisation is unclear
(and in any case doesn't work).

--
    Viktor.


------------------------------

Subject: Digest Footer

_______________________________________________
openssl-users mailing list
openssl-users at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-users


------------------------------

End of openssl-users Digest, Vol 98, Issue 23
*********************************************


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230130/9a47e2ad/attachment.htm>


More information about the openssl-users mailing list