Hello,

    A verification callback registered with SSL_CTX_set_verify() gets
called for most validation errors, as expected. The callback always
returns "1" (keep validating) result so that it can see all errors.

However, after discovering X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
error, OpenSSL internal_verify() stops calling the callback due to this
code in crypto/x509/x509_vfy.c:

> if (n <= 0)
>         {
>         ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
>         ctx->current_cert=xi;
>         ok=cb(0,ctx);
>         goto end;
>         }


while the usual error processing in internal_verify() looks like this:

> if (... error detected ...)
>         {
>         ctx->error=X509_V_ERR_...
>         ctx->current_cert=xi;
>         ok=(*cb)(0,ctx);
>         if (!ok) goto end;
>         }

Note the "if (!ok)" guard present in the "usual" error processing code.


If the special treatment of X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
error is not a bug, then I think the SSL_CTX_set_verify() manual page
should be updated to adjust phrases like "If verify_callback returns 1,
the verification process is continued" and "All verification errors are
printed" because such phrases mislead: Verification process does not
continue after X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE and no other
errors are printed after that error.

If you do not consider the above behavior buggy, could you please
explain why it is a bad idea to continue verification after
X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE? What is so special about that
particular error?

If you do not consider the above behavior buggy, and my code needs to
detect _all_ certificate validation errors, even in the presence of
X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, what is my best option? Roll
out my own complete verification function and set it with
SSL_CTX_set_cert_verify_callback()??

FWIW, I would really like to avoid duplicating (and be responsible for!)
so much OpenSSL functionality, of course. As the manual page says,
"Providing a complete verification procedure including certificate
purpose settings etc is a complex task."

The problem has been verified using OpenSSL v0.9.8k and v1.0.0e. The
code snippets above are from v1.0.0e. The problem is not platform-specific.


Thank you for OpenSSL,

Alex.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]