[openssl-users] SSL_CTX_set_cert_verify_callback and certificate access

Thu Jan 10 02:54:30 UTC 2019

I'm working on an application using openssl, and I would like to set 
some things up for verification based upon information in the 
certificate.  Unfortunately, from what I can tell, there is no way to do 
this.  (Maybe it's not a good idea.  Not sure.)

What I would like to do is pull out some information from the 
certificate that is being verified, set/modify the verify store based 
upon that information (basically chose the CA based upon something in 
the certificate.  What I really need is X509_STORE_CTX_get_cert(), but 
that function does not exist, and there's no way to get ctx->cert from 
what I can tell.  It's not available with SSL_get_peer_certificate at 
the point where the cert verify call is done.

It would also be nice to be able to replace the verify store in the 
X509_STORE_CTX, or empty it, but I haven't looked too hard at that.

More details on what I am trying to do follow, in case you are interested...

I am the maintainer for ser2net, a program that allows network 
connections to connect to serial ports.  People have asked for login 
security, but I refuse to transmit passwords like this over the network 
in the clear.  But, in reality, people are logging in over this 
interface, and it has bothered me for a while.  So, I've been looking at 
adding security.  I have rewritten ser2net to split it into two parts: a 
library that does general-purpose stream I/O to handle all the 
connections and the serial ports, and the main handling and 
configuration.  The library (called gensio) is a layered system, so you 
have TCP/UCP/SCTP/stdio/serial/IPMIsol available as low-level 
interfaces.  Then you have filter layers on top, like SSL and telnet.  
So you can create an SCTP connection, put SSL on top of that, then put 
telnet on top of that, for instance.  I already have basic SSL support 
working.

My first inclination for a secure connection was to use ssh. However, 
ssh is not as well suited for this as I would have liked, and all the 
ssh libraries are tied to a file descriptor in ways that are not easily 
fixable, and thus can't be used on top of an abstract connection, which 
is what I need.  That was rather disappointing, as it would have been 
really nice to for users to just be able to ssh to ser2net.

So now I'm looking at doing something like what ssh does, but with 
openssl. Unfortunately, SSL has no concept of a userid and I would like 
to have it verify certificates from different stores based upon a 
userid.  I've come up with the following options:

 1. Send the userid in a lower layer filter so it is transmitted before
    ssl starts up.  This means the userid is not authenticated in any
    way, which seems like a bad idea.
 2. Set the userid in the certificate and use client authentication to
    authenticate the user logging in.  Set the username in the CN field
    of the certificate so it can't be changed, extract that and set the
    CA before verification.  This is what I'm currently trying to do,
    and I keep running into roadblocks.
 3. Create a filter layer that can sit on top of SSL that will basically
    do what SSL client authentication does, except it can get the userid
    as the first part of the data and then run the authentication from
    there.  This is definitely doable, and then the userid is
    transmitted encrypted (which seems nice) but it's duplicating some
    fairly complex code that would already be done for me by openssl.

I am afraid I am going to be stuck with option 3, which is not terrible, 
I suppose.  But does anyone have any ideas here?

Thanks,

-corey