Hello, I am integrating OpenSSL X.509 functionality to an embedded system (first use will be for SSH authentication), which presents a unique set of problems. As I stated in an earlier post, certificate revocation checking will be performed by OCSP and not CRLs due to limited storage capacity.
My current implementation is up and running just fine. However due to distribution (I'm in a multi-slot chassis) and redundancy reasons I would like to move away from my flash based file system which is currently used to store my trusted and untrusted certificates (i.e., ca-bundle.crt and authorized_users2 files). Internally, I now store all of the certificates in pair of STACK_OF(X509) structures, one for trusted certs and one for untrusted. STACK_OF(X509) * my_trusted; /* Certs which would have been in ca-bundle.crt */ STACK_OF(X509) * my_untrusted; /* Certs which would have been in authorized_users2 */ Because I am removing the ca-bundle.crt and authorized_users2 files, my X509_STORE now has no way to load certificates. I get around this by supplying my certificate stacks each time I allocate a new X509_STORE_CTX: X509_STORE sshX509CACertStore; X509_STORE_CTX * pStoreCtx; ... pStoreCtx = X509_STORE_CTX_new(); X509_STORE_CTX_init (pStoreCtx, sshX509CACertStore, pX509, my_untrusted); X509_STORE_CTX_trusted_stack(pStoreCtx, my_trusted); .... This works fine and dandy until it comes time to verify the OCSP signing certificate. I pass my X509_STORE (which contains no cert lookup methods) and stack of trusted certs to OCSP_basic_verify() as follows: unsigned long flags = 0; i = OCSP_basic_verify(bs, my_trusted, sshX509CACertStore, flags); OCSP_basic_verify() correctly uses my "certs" to find the OCSP signing certificate's issuer, but then goes off and creates a brand new X509_STORE_CTX which can't access any of my certificates, trusted or untrusted. This causes the OCSP_basic_verify()'s subsequent call to X509_verify_cert() to fail. I have found 2 ways to "solve" this problem. First, I can bypass certificate verification altogether by setting the OCSP_TRUSTOTHER flag (and OCSP_NOINTERN as well for good measure). However, I am unsure if this is a "safe" thing to be doing. Do I lose any security by not verifying a trusted OCSP signing certificate? Second, I can remove the call to X509_STORE_CTX_trusted_stack() and instead manually feed my trusted certificates into the X509_STORE by calling X509_STORE_add_cert() each time a new certificate is added (via a command line interface - again, I am not using files for certificate storage). This adds the certificate to X509_STORE's trusted certificate cache, making them available to all X509_STORE_CTXs (including the one allocated by OCSP_basic_verify()). This raises a couple of questions: First, do I need to worry about certificates on the X509_STORE's certificate cache ever being "flushed"? Second, is there a way to remove an individual certificate from this cache, short of deleting the entire X509_STORE, allocating a new one, and then re-populating the cache? I have both the first and second implementations working, but don't know which is better or if I need to consider another option, such as defining a new X509_LOOKUP_METHOD for my memory based certificate storage. BTW, I'll be dealing with a relatively small set of trusted certificates and no CRLs, so blindly pushing all of my trusted certs onto the X509_STORE's cache shouldn't be an issue. Any guidance would be greatly appreciated. Sincerely, - Mike Siedzik Michael Siedzik | Firmware Engineer Enterasys Networks | A Siemens Enterprise Communications Company Email: msied...@enterasys.com *There is nothing more important than our customers.*