[openssl-users] (Probably) Silly Application Programming Question

Karl Denninger karl at denninger.net
Wed Jan 13 16:19:11 UTC 2016


Unfortunately I need a bit more than that.

I have two things I'm trying to accomplish, both in the context of
checking a client that is connecting to the server:

1. The OpenSSL code by default does not check the OCSP revocation
servers when validating a certificate, and I haven't found a "built in"
way to do that.  Thus, I need to pull out the OCSP responder location
from the certificate and check it myself.  In this particular
application the certificates all come from a private CA which has an
OCSP server associated with it, and if a certificate is revoked it's
important that it be immediately invalidated.  I also wish to have the
server operator be given the choice of either allowing the connection to
proceed if the OCSP server fails to respond (e.g. is offline
temporarily) or to drop the connection.

2. The server has both a "name" (which is usually a shorter version of
the hostname; a short "nickname" is nice from a user interface
perspective) it expects to connect and a password.  While I could simply
rely on the presentation of that from the client theft of that tuple
would allow any valid certificate-bearing client to impersonate a
different client. I can significantly harden against that risk by adding
the SAN hostname to the database of names and passwords; now to be
considered when the credential is presented the cert associated with
that peer has to contain a SAN extension containing the expected DNS
name as well.  Thus, if you manage to steal a set of login credentials
unless you *also* steal the certificate and key associated with it what
you managed to get your hands on is worthless.

I've got #2 working and am working on #1; it doesn't look all that awful
to implement.

On 1/13/2016 06:50, Michel wrote:
>
> Hi Karl,
>
>  
>
> I believe it could be helpful to have a look at the 509_check_host()
> and do_x509_check() source code in crypto\x509v3\v3_utl.c.
>
> Also, if you want to parse the SAN just for certificate validation, it
> is now easier to use :
>
> https://www.openssl.org/docs/manmaster/crypto/X509_VERIFY_PARAM_set_flags.html
>
>  
>
> Hope this helps,
>
>  
>
> Regards,
>
>  
>
> Michel.
>
>  
>
> *De :*openssl-users [mailto:openssl-users-bounces at openssl.org] *De la
> part de* Karl Denninger
> *Envoyé :* lundi 11 janvier 2016 04:08
> *À :* openssl-users at openssl.org
> *Objet :* Re: [openssl-users] (Probably) Silly Application Programming
> Question
>
>  
>
> Yeah, now I just have to figure out how to parse the X509 Extension
> data from the certificate to pull out the SubjectAltName
> information.... :-)
>
> There wouldn't be a snippet of code laying around somewhere that does
> that given a X509 cert as input would there?  It looks a bit arcane....
>
>  
>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-- 
Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160113/9d1b32c3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2996 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160113/9d1b32c3/attachment.bin>


More information about the openssl-users mailing list