[openssl-users] Regarding SSL_VERIFY_PEER

john gloster glosterj9 at gmail.com
Thu May 4 05:49:29 UTC 2017

Hi Victor and Michael,

Thanks for your respective response.

I need to make sure the following validation happens.

   - subject field in one certificate matches with the issuer field in the
   subsequent certificate
   - no duplicate certificate in the chain
   - basicConstraints : for CA certificate CA must be set to TRUE

                                 pathLenConstraints – checking as per
RFC5280; I want to check even to see no CA with pathLen set 0 is Issuer of
another CA certificate

   - validity period check
   - revocation status check
   - keyUsage : Eg. to make sure *keyCertSign *indicator set for the CA
   certificates in the chain
   - Criticality check
   - Signature validation

As per RFC5280, subjectKeyIdentifier and authorityKeyIdentifier matching is
not required to be done by application.
Section <https://tools.ietf.org/html/rfc5280#section->.

“Applications are not required to verify that key identifiers match when

certification path validation.”

Is it possible to let me know what all from the BULLETED are validated at
OpenSSL level? We are using 1.0.2k

This helps in saving my time required for debugging.



On Wed, May 3, 2017 at 9:57 PM, Michael Wojcik <
Michael.Wojcik at microfocus.com> wrote:

> > From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> > Of Viktor Dukhovni
> > Sent: Wednesday, May 03, 2017 06:40
> >
> > For the full verification process see:
> >
> >
> > https://github.com/openssl/openssl/blob/f0ef20bf386b5c37ba5a4ce5c1de9a
> > 819bbeffb2/crypto/x509/x509_vfy.c#L208
> I haven't looked at x509_vfy.c in 1.1.0, but in the 1.0.x code it's fairly
> involved. When I implemented custom chain validation for a product, I
> stepped through the code under the debugger for a handful of different
> cases, to get a better idea of what it was doing. I recommend the exercise
> for anyone who wants to intervene in OpenSSL's chain validation.
> My custom validation code uses the OpenSSL validation callback, making
> some additional checks and allowing some exceptions, based on application
> configuration. I assume John is doing something similar, and not trying to
> implement chain validation from scratch. I definitely wouldn't recommend
> that, given the Byzantine complexity of X.509v3 PKI, unless you really must
> (e.g. because you want a non-hierarchical PKI topology).
> Michael Wojcik
> Distinguished Engineer, Micro Focus
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170504/c16712f7/attachment.html>

More information about the openssl-users mailing list