[openssl-users] Problems on authentication during TLS handshake

Tue Jan 8 07:43:47 UTC 2019

Hello everyone,

I’m new at OpenSSL programming and encountered a problem while build TLS connection. I’m working on a crypto chip ATECC508A. So the client private key is stored in the chip and no way to get it out. However during standard TLS handshake, I need to provide client private key by “SSL_CTX_use_private_key()” if server needs to identify the client. Because the server will give a “challenge” to client and client needs to encrypt it by client private key. Then the server will decode it by client public key and check if they match. For your reference: https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake

I have written my sample client and server code. Everything works fine if I use my own test certificates: selft-signed CA and client cert signed by CA (this means I have the test client cert private key so that I could use SSL_CTX_use_private_key() to import it). 

The problem is here, in ATECC508A, I’m not able to provide private key directly but have API to sign any digests. So I wonder are there any ways to do some “modification” during handshake? I have tried following two ways:

1. Using OpenSSL Engine. I see that we could set our own algorithms inside engine to overwrite original methods. I think signing “challenge” is at EC_KEY_METHOD. So I write an EC_KEY_METHOD engine and load it successful. Besides I print “enter” and “leave” at the beginning and end of every function in EC_KEY_METHOD. When I do some tests using “ECDSA_sign”, I could see “enter” and “leave” printed from my sign_sig and sign function. However if I run TLS connection, nothing printed (except engine initialization log) and authentication failed (obviously). Those means my own sign and verify functions hasn’t been called.

2. Set callback in SSL or SLL_ctx? I have checked the source code of these two structures but not sure how to do that.

Those are what I tried and of course failed every try. :( So could anyone point me what should I do? Maybe I used wrong engine, missed some important callback or others?

Best Regards,

Jim

=========

I post my client test code for your reference:

#include <openssl/ssl.h>
#include <openssl/conf.h>
#include "openssl/eccx08_engine.h"
#include "openssl/eccx08_engine_internal.h"

int main()
{
    static ENGINE *ateccx08_engine;
    OpenSSL_add_all_algorithms();
    ERR_load_crypto_strings();

    PRINTF("ENGINE_load_dynamic");
    ENGINE_load_dynamic();

    printf("CONF_modules_load_file");
    if (!CONF_modules_load_file(NULL, NULL, CONF_MFLAGS_DEFAULT_SECTION))
    {
        printf("Config failed to load");
    }

    printf("ENGINE_by_id");
    ateccx08_engine = ENGINE_by_id("ateccx08");

    if (ateccx08_engine == NULL)
    {
        printf("Engine failed to load");
    }

    // after some initialization

    // load client-side cert and key, signed by intermediate cert
    SSL_CTX_use_certificate_file(m_ctx, ClientCertificateFileTest, SSL_FILETYPE_PEM);

    // no need anymore because no way to extract private key
    // SSL_CTX_use_PrivateKey_file(m_ctx, ClientPrivateKeyFileTest, SSL_FILETYPE_PEM);

    // load intermediate cert, signed by CA
     X509* chaincert = X509_new();
    BIO* bio_cert = BIO_new_file(SignerCertificateFileTest, "rb");
    PEM_read_bio_X509(bio_cert, &chaincert, NULL, NULL);
    SSL_CTX_add1_chain_cert(m_ctx, chaincert)

    m_ssl = SSL_new(m_ctx);

    // get_seocket is my own API
    m_sock = get_socket();

    SSL_set_fd(m_ssl, m_sock)

    // doing handshake and build connection, however no output from ECDSA sign algorithm
    auto r = SSL_connect(m_ssl);
}

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190107/e9fd7627/attachment-0001.html>