Yes, you should be throwing
TlsFatalAlert(AlertDescription.bad_certificate), but it does seem the
propagation of that to the caller could stand some improvement. The
error handling wasn't originally exception-based, so there are these
loose ends still. We're open to suggestions...
If you are looking for a short-term escape hatch, there is a UserObject
property on TlsClientContext (passed to the TlsClient via Init), so you
might be able to work with that?
Regards,
Pete Dettman
On 11/02/2013 10:56 AM, John Allberg wrote:
Hi!
I'm currently implementing a TLS client for some custom certificate
validation but don't understand how certificate validation errors is
supposed to propagate.
I've created a class, BcTlsClient, that inherits from
DefaultTlsClient. In the GetAuthentication method I supply another
class, BcTlsAuthentication, that implements the TlsAuthentication
interface.
I get the server certificate in the NotifyServerCertificate method and
I'm able to verify the certificate. For an untrusted CA it seems I
should throw new TlsFatalAlert(AlertDescription.bad_certificate), but
that is being caught in TlsProtocolHandler->SafeReadData and
propagated as IOException with message "/Internal TLS error, this
could be an attack/", which might not be the most informative message
when the certificate isn't trusted. J
How am I supposed to handle those problems, not trusted, expired and
so on?
Best regards,
John
