[openssl-dev] OpenSSL version 1.1.0 pre release 2 published

Viktor Dukhovni openssl-users at dukhovni.org
Thu Jan 14 18:31:01 UTC 2016


On Thu, Jan 14, 2016 at 06:47:49PM +0200, Jouni Malinen wrote:

> Many of the negative test cases that verify that server certificate
> chain validation works by using mismatching trust roots (i.e., server
> certificate is not issued by any of the trusted CA certificates) are
> failing.

You should be able to test chains with "openssl verify(1)".  This
runs X509_verify_cert() in pretty much the same manner as with a
live TLS connection.

    # Trusted root set and matching purpose:
    $ openssl verify \
        -trusted rootcert.pem \
        -untrusted rootcert.pem -untrusted cacert.pem \
        -purpose sslserver eecert.pem; echo $?
    eecert.pem: OK
    0

    # No trusted root
    $ openssl verify \
        -untrusted rootcert.pem -untrusted cacert.pem \
        -purpose sslserver eecert.pem; echo $?
    CN = Issuer CA
    error 20 at 1 depth lookup: unable to get local issuer certificate
    error eecert.pem: verification failed
    2

    # Wrong purpose
    $ openssl verify \
        -trusted rootcert.pem \
        -untrusted rootcert.pem -untrusted cacert.pem \
        -purpose sslclient eecert.pem; echo $?
    CN = example.com
    error 26 at 0 depth lookup: unsupported certificate purpose
    error eecert.pem: verification failed
    2

Instead of "-trusted" you can use "-CAfile" and/or "-CApath" as
usual, but "-trusted" gives more precise control, because then
*only* the certs in that file are trusted, otherwise the default
verify locations may also be in play.

It would be great if you could reproduce any failures outside of
EAP, just by checking the chain.

> OpenSSL allows the TLS handshake to be completed with the
> verify callback (set with SSL_set_verify(ssl, SSL_VERIFY_PEER, func))
> reports preverify_ok=1 and err=0 for the root CA and the server
> certificate even though the client side has not configured that root CA
> as trusted. 

Please send the chain, and the trust store certificates.  Are you
using CAfile/CApath/both?

> Is there really an intentional change in OpenSSL
> requiring something additional to be done to configure peer certificate
> validation to result in failure with the latest pre release?

No, but the implementation has changed considerably, for the better
in terms of code maintainability, but new issues are a possibility.

-- 
	Viktor.
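The three checks from the mail as a self-contained script, added here as an example (it is not from the mail nor from OpenSSL's own test suite): it generates a throwaway root / intermediate / server chain with openssl(1), assumed to be 1.1.0 or newer and in PATH, and passes -no-CAfile/-no-CApath in the "no trusted root" case so that the default verify locations cannot supply a root.

```shell
#!/bin/sh
# Added example, not from the mail: build a throwaway "Test Root" -> "Issuer CA" -> example.com
# chain and repeat the mail's three "openssl verify" checks. Assumes openssl(1) 1.1.0 or newer
# in PATH. openssl verify exits 0 when the chain verifies and 2 when it does not.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Issue one certificate: $1 = CN, $2 = file stem, $3 = extensions ('\n'-separated); the
# remaining args are the x509 signing options (-signkey for the root, -CA/-CAkey otherwise).
issue() {
  cn=$1; stem=$2; ext=$3; shift 3
  openssl req -new -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -subj "/CN=$cn" \
    -keyout "$WORK/$stem.key" -out "$WORK/$stem.csr" >/dev/null 2>&1 || return 1
  printf '%b\n' "$ext" >"$WORK/$stem.ext"
  openssl x509 -req -in "$WORK/$stem.csr" -extfile "$WORK/$stem.ext" -days 2 \
    -out "$WORK/$stem.pem" "$@" >/dev/null 2>&1
}

# rootcert.pem (self-signed CA), cacert.pem (intermediate CA), eecert.pem (server, serverAuth only).
make_chain() {
  issue "Test Root" rootcert 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign' \
    -signkey "$WORK/rootcert.key" || return 1
  issue "Issuer CA" cacert 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign' \
    -CA "$WORK/rootcert.pem" -CAkey "$WORK/rootcert.key" -CAcreateserial || return 1
  issue "example.com" eecert 'basicConstraints=CA:FALSE\nextendedKeyUsage=serverAuth' \
    -CA "$WORK/cacert.pem" -CAkey "$WORK/cacert.key" -CAcreateserial
}

# Run openssl verify with the given trust/purpose options and print its exit code on stdout;
# verify's own messages go to stderr. -untrusted supplies the chain a server would send;
# only -trusted (or the CAfile/CApath defaults) decides what counts as a trust anchor.
verify_rc() {
  if (cd "$WORK" && openssl verify "$@" -untrusted rootcert.pem -untrusted cacert.pem eecert.pem 1>&2); then
    echo 0
  else
    echo $?
  fi
}

trusted_rc()       { verify_rc -trusted rootcert.pem -purpose sslserver; }  # root trusted: 0
no_trust_rc()      { verify_rc -no-CAfile -no-CApath -purpose sslserver; }  # no trust anchor: 2
wrong_purpose_rc() { verify_rc -trusted rootcert.pem -purpose sslclient; }  # EKU mismatch: 2

make_chain || { echo "certificate generation failed (is openssl in PATH?)" >&2; exit 1; }
echo "trusted root, sslserver: rc=$(trusted_rc)"
echo "no trusted root:         rc=$(no_trust_rc)"
echo "trusted root, sslclient: rc=$(wrong_purpose_rc)"
```

The exact error number printed in the untrusted case can differ between OpenSSL versions (error 20 as in the mail, or 19 when the self-signed root is taken from the -untrusted set), but the exit code is 2 either way.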

