On Wed, Sep 17, 2003, Mats Nilsson wrote:
> Hi
>
> Using OpenSSL-0.9.7b.
>
> We are building an application where we want to have a flexible model
> for certificate trust. In essence, we want to be able to say:
>
> CA0 (self signed) is explicitly trusted
> CA1 (signed by CA0) is explicitly trusted
> CA2 (signed by CA1) is neutral
> Leaf cert 1 (signed by CA2) is explicitly distrusted
> Leaf cert 2 (signed by CA2) is neutral
>
> Should we attempt to verify Leaf cert 1, this should fail immediately,
> since it is explicitly distrusted.
> Verification for Leaf cert 2 should proceed all the way up to CA1 before
> a verdict can be delivered. CA0 validity should not be verified at all.
> In other words, we would like to cut the verification short at CA1.
>
> In a more realistic example, we would like to mark the Leaf cert as
> explicitly trusted, and verification should not consider checking the
> root ca, regardless of its trust setting, revocation status etc.
>
> Why would we want to do this? Consider for instance a case where we
> don't generally trust a particular CA, but we do trust a subset of its
> issued leaf certificates.
>
> Anyway, leaf and CA certificates and our extra attributes are stored in
> a database, and we have a custom X509_LOOKUP method to look them up.
> During chain validation, these extra attributes are held in a cache
> available through the X509_STORE ex_data member, and we can look them up
> given the corresponding X509.
>
> I've tried to override the check_issued method, and faking a positive
> response when reaching a certificate with an explicit (dis-)trust
> attribute, but this approach fails somehow in other parts of the chain
> verification and built-in trust verification.
>
>
> My question boils down to this:
>
> What is the normal way to make a chain verification terminate at a
> certificate that is not self-signed (even though there might be such
> certificates present in an incoming S/MIME message that we are
> verifying).
The trust settings are already present in OpenSSL 0.9.7 and later in the X509 structure. However the current verify code only takes note of them in the root CA.

For S/MIME you have several options. You can disable its internal verification and do whatever you want instead, for example.

Steve.
--
Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
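The chain-walk semantics Mats describes (fail immediately on an explicitly distrusted certificate, stop successfully at the first explicitly trusted one, keep walking through neutral ones, and never fall through to an untrusted self-signed root) are easy to state as an algorithm, and the reply notes that OpenSSL 0.9.7 only honours the per-certificate trust settings at the root, so an application following Steve's advice has to run this policy itself. The following is an added illustrative model of that policy, not code from the thread, from OpenSSL or from the poster's application: the `Cert` class, the `example_store` data and the `verify_chain` function are hypothetical, "issuer matches subject" stands in for the signature, validity-period and revocation checks a real verifier must still perform, and the trust labels model the attributes the poster keeps in his database rather than OpenSSL's X509 aux trust settings. (Later OpenSSL releases added the X509_V_FLAG_PARTIAL_CHAIN verify flag, which allows a chain to end at a trusted non-self-signed certificate; that flag is not available in 0.9.7b.)

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Explicit per-certificate trust attributes, modelled on the poster's database.
TRUSTED = "trusted"
DISTRUSTED = "distrusted"
NEUTRAL = "neutral"


@dataclass(frozen=True)
class Cert:
    """Hypothetical stand-in for an X509 plus its application trust attribute."""
    subject: str
    issuer: str
    trust: str = NEUTRAL

    def is_self_signed(self) -> bool:
        return self.subject == self.issuer


def example_store() -> Dict[str, Cert]:
    """Constructed sample data reproducing the hierarchy from the question,
    plus a trusted leaf whose issuer and root are deliberately absent."""
    certs = [
        Cert("CA0", "CA0", TRUSTED),        # self-signed, explicitly trusted
        Cert("CA1", "CA0", TRUSTED),        # explicitly trusted intermediate
        Cert("CA2", "CA1", NEUTRAL),        # neutral intermediate
        Cert("Leaf1", "CA2", DISTRUSTED),   # explicitly distrusted leaf
        Cert("Leaf2", "CA2", NEUTRAL),      # neutral leaf
        Cert("Leaf3", "OtherCA", TRUSTED),  # trusted leaf; issuer not in store
        Cert("Leaf4", "RogueRoot", NEUTRAL),
        Cert("RogueRoot", "RogueRoot", NEUTRAL),  # self-signed but not trusted
    ]
    return {c.subject: c for c in certs}


def verify_chain(leaf: str, store: Dict[str, Cert],
                 max_depth: int = 10) -> Tuple[bool, str, List[str]]:
    """Walk from the leaf towards the issuer, applying the explicit trust policy.

    Returns (ok, reason, chain_walked). The walk stops at the first certificate
    carrying an explicit verdict, so a trusted CA1 shields CA0 from inspection
    and a trusted leaf is accepted without its issuer even being looked up.
    """
    chain: List[str] = []
    cur = store.get(leaf)
    if cur is None:
        return False, f"leaf {leaf} not found", chain
    for depth in range(max_depth):
        chain.append(cur.subject)
        if cur.trust == DISTRUSTED:
            # Explicit distrust wins outright, regardless of the rest of the chain.
            return False, f"{cur.subject} is explicitly distrusted", chain
        if cur.trust == TRUSTED:
            # Explicit trust terminates the walk here; nothing above is examined.
            return True, f"trust anchor {cur.subject} reached at depth {depth}", chain
        if cur.is_self_signed():
            # A neutral self-signed root is not a trust anchor.
            return False, f"reached untrusted self-signed root {cur.subject}", chain
        issuer = store.get(cur.issuer)
        if issuer is None:
            return False, f"issuer {cur.issuer} of {cur.subject} not available", chain
        # A real verifier would check cur's signature against issuer's key here.
        cur = issuer
    return False, "chain exceeds maximum depth", chain


if __name__ == "__main__":
    store = example_store()
    for leaf in ("Leaf1", "Leaf2", "Leaf3", "Leaf4"):
        ok, reason, chain = verify_chain(leaf, store)
        print(f"{leaf}: {'OK' if ok else 'FAIL'} ({reason}); walked {' -> '.join(chain)}")
```

Running the block walks Leaf2 only as far as CA1 (CA0 is never consulted), rejects Leaf1 without looking at CA2 at all, accepts Leaf3 even though its issuer is missing from the store, and rejects Leaf4 because its chain ends at a self-signed root that carries no explicit trust.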