Hi Victor and Michael,
Thanks for your respective response.
I need to make sure the following validation happens.
- subject field in one certificate matches with the issuer field in the subsequent certificate
- no duplicate certificate in the chain
- basicConstraints : for CA certificate CA must be set to TRUE
pathLenConstraints – checking as per RFC5280; I want to check even to see no CA with pathLen set 0 is Issuer of another CA certificate
- validity period check
- revocation status check
- keyUsage : Eg. to make sure keyCertSign indicator set for the CA certificates in the chain
- Criticality check
- Signature validation
As per RFC5280, subjectKeyIdentifier and authorityKeyIdentifier matching is not required to be done by application.
Section 4.2.1.2.
“Applications are not required to verify that key identifiers match when performing
certification path validation.”
Is it possible to let me know what all from the BULLETED are validated at OpenSSL level? We are using 1.0.2k
This helps in saving my time required for debugging.
Thanks,
John
On Wed, May 3, 2017 at 9:57 PM, Michael Wojcik <Michael.Wojcik@xxxxxxxxxxxxxx> wrote:
> From: openssl-users [mailto:openssl-users-bounces@openssl.org ] On Behalf
> Of Viktor Dukhovni
> Sent: Wednesday, May 03, 2017 06:40
>
> For the full verification process see:
>
>
> https://github.com/openssl/openssl/blob/ f0ef20bf386b5c37ba5a4ce5c1de9a
> 819bbeffb2/crypto/x509/x509_vfy.c#L208 I haven't looked at x509_vfy.c in 1.1.0, but in the 1.0.x code it's fairly involved. When I implemented custom chain validation for a product, I stepped through the code under the debugger for a handful of different cases, to get a better idea of what it was doing. I recommend the exercise for anyone who wants to intervene in OpenSSL's chain validation.
My custom validation code uses the OpenSSL validation callback, making some additional checks and allowing some exceptions, based on application configuration. I assume John is doing something similar, and not trying to implement chain validation from scratch. I definitely wouldn't recommend that, given the Byzantine complexity of X.509v3 PKI, unless you really must (e.g. because you want a non-hierarchical PKI topology).
Michael Wojcik
Distinguished Engineer, Micro Focus
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
