X509_get_pubkey() in OpenSSL 3.0?

Viktor Dukhovni openssl-users at dukhovni.org
Wed Nov 3 21:25:27 UTC 2021 

On Wed, Nov 03, 2021 at 08:32:43PM +0000, Jason Schultz wrote:

> To summarize, at application start time I read in all of the
> certificates in /etc/ssl/certs/ to a trusted store created with
> X509_STORE_new().
> 
> When getting ready to "start" a server (again, leaving a lot of
> specifics out to avoid getting bogged down in details), I'm doing the
> processing in the previous messages on this thread. Here are the API
> calls again, with the changes previously discussed:
> 
>     ctx = SSL_CTX_new_ex(non_fips_libctx, NULL, TLS_method());
>     SSL_CTX_use_PrivateKey_file(ctx,<keyfile>,SSL_FILETYPE_PEM);
>     SSL_CTX_use_certificate_file(ctx,<certfile>,SSL_FILETYPE_PEM);
>     SSL_CTX_check_private_key(ctx);
>     mycert = SSL_CTX_get0_certificate(ctx);
>     pkey = X509_get_pubkey(mycert);
> 
>  After that's done, I make several OpenSSL calls to get things set up the way I want:
> 
>         param = X509_VERIFY_PARAM_new();
>         X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_PARTIAL_CHAIN);
>         X509_STORE_set1_param(ssl_trusted_certs, param);
>         X509_VERIFY_PARAM_free(param);
> 
> I call these to treat intermediate certs as trust-anchors, so I can
> trust an intermediate certificate; ssl_trusted_certs is the
> aforementioned X509_STORE.

I am puzzled as to you working so hard (writing a bunch of low-level
trust-store and chain construction code) to construct at runtime, what
could be created statically at chain file construction time.  Especially
if you stick with best practice and keep certificate lifetimes
reasonably short (~90 days or less, not years).  The certificate chain
file constructed at the time the certificate is issued should work
unchanged for the lifetime of the certificate, and the server
applications can avoid having to execute any chain construction or
verification code.

Yes, you're asking somewhat "interesting" questions, in that, e.g., I am
not up to speed on all the changes in 3.0.0, and perhaps there are
indeed some issues around legacy SHA1 signatures, but I do suspect that
a more productive use of your time is likely to reconsider the decision
to work at such a low layer.  It may be wiser to find a way to "unask"
the question, i.e. make it moot, by avoiding rather than solving the
problem.

> I'm not clear on if the calls I've added to
> SSL_CTX_get0_certificate(ctx) and X509_get_pubkey(), the latter of
> which was being used before, are what's causing the problem. The
> OpenSSL error queue shows the following on the
> SSL_CTX_build_cert_chain() failure:
> 
> 00B741558E7F0000:error:0308010C:digital envelope routines:(unknown function):unsupported:crypto/evp/evp_fetch.c:346:Global default library context, Algorithm (SHA1 : 96), Properties (<null>)
> 00B741558E7F0000:error:03000072:digital envelope routines:(unknown function):decode error:crypto/x509/x_pubkey.c:444:
> 00B741558E7F0000:error:03000072:digital envelope routines:(unknown function):decode error:crypto/x509/x_pubkey.c:444:
> 00B741558E7F0000:error:0580006C:x509 certificate routines:(unknown function):unable to get certs public key:crypto/x509/x509_vfy.c:1986:
> 00B741558E7F0000:error:0A000086:SSL routines:(unknown function):certificate verify failed:ssl/ssl_cert.c:905:Verify error:unspecified certificate verification error

I haven't seen these before, your guess is as good as mine.

-- 
    Viktor.

More information about the openssl-users mailing list