On Tue, Jun 04, 2013 at 04:38:42PM +0200, Dr. Stephen Henson wrote:
> > Note, to implement DANE, I using 1.0.0 or later only. So if with
> > 1.x.y there is a reasonable expectation that libcrypto versions
> > with the same SONAME don't vary in the offset of the "untrusted"
> > member in X509_STORE_CTX, that would be good to know.
>
> Well since 1.0.x have to be binary compatible the structure offset wont
> change.
> Due to the way X509_STORE_CTX is accessed it's can't really be modified at all
> for 1.0.x.
And the SONAME changes for 1.1.x, if the ABI is changed, right?
> > > Will there perhaps be a library feature that exposes the chain
> > > elements to the cert_verify_callback?
> >
> > Any feedback? Is it safe to access (read-only by cloning the chain)
> > ctx->untrusted?
>
> Yes it is. Due to the way ctx->untrusted is used it isn't safe to modify the
> contents of ctx->untrusted: it uses the supplied application chain pointer
> directly and modifying that could have unpredictable results.
I don't intend to change the chain referenced by "untrusted", I
only need read-only access to the original chain to create a new
untrusted chain with a subset of the original elements + some
additional elements. I can then use X509_STORE_CTX_set_chain()
to set ctx->untrusted to point to my new chain.
It sounds like this is not going to be a problem. The basic plan for the
cert_verify_callback is:
int cert_verify_callback(X509_STORE_CTX *ctx, void *appctx)
{
STACK_OF(X509) *myuntrusted = copy_and_prune_untrusted(appctx,
ctx->untrusted);
STACK_OF(X509) *mytrusted = trust_anchor_stack(appctx);
X509_STORE_CTX_set_chain(myuntrusted);
X509_STORE_CTX_trusted_stack(ctx, mytrusted);
return X509_verify_cert(ctx);
}
This validates the chain via a custom set of trusted roots and a
modified copy of the list untrusted certificates. The only thing
missing from the OpenSSL library to support this better is an
accessor function for "ctx->untrusted".
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index afb6016..ed595d2 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2103,6 +2103,11 @@ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX
*ctx)
return ctx->current_cert;
}
+STACK_OF(X509) *X509_STORE_CTX_get_untrusted(X509_STORE_CTX *ctx)
+ {
+ return ctx->untrusted;
+ }
+
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
{
return ctx->chain;
The other thing that I noticed while performing RTFS, is that after
certificate verification completes, the chain reported by
SSL_get_peer_cert_chain() is the raw "untrusted" chain off the
wire, not the verified chain built by X509_verify_cert(). Is that
intentional?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
