Hi Michael,
I have not implemented a rehandshake but as I understand, it can be pretty
complicated. Searching for "OpenSSL rehandshake" on Google pointed me to this
article (http://www.rtfm.com/openssl-examples/part2.pdf) by Eric Rescorla,
describing the rehandshake in detail. Hope this helps.
Ashish.
From: [email protected] [mailto:[email protected]]
On Behalf Of Michael Prinzinger
Sent: Wednesday, September 23, 2009 2:02 PM
To: [email protected]
Subject: Re: verify client certificate at a later point
Thank You Ashish for your answer!
On Wed, Sep 23, 2009 at 10:30 PM, Ashish Thapliyal <[email protected]> wrote:
I set the following for the global context which is used to create the
connection:
// Set the SSL certificate verify mode
SSL_CTX_set_verify(_globalContext, SSL_VERIFY_PEER, NULL);
Then the server requests the peer (i.e. the client) for a certificate during
the handshake, which the client can either ignore, or provide.
Yes, I want the client to provide a certificate. This also works if I set the
globalContext like above.
However at this point the server cannot yet verify the client's certificate.
So calling BIO_do_connect(BIO* client_socket) returns -1, because the client
certificate could not be verified.
The other option is to do a handshake without asking for a client certificate
first, then do a re-handshake and ask the client for a certificate when
required.
Yes, this would work, because later the server will get the client certificate
in a secure fashion.
So how can I redo the handshake? I do not want to close and open the connection
anew, just ask the client again for its certificate.
Do you know how to do that?
Thank You!
Michael
Ashish
______________________________________________________________________________________________________
Ashish V. Thapliyal, Security Architect, Citrix Online Division, 6500 Hollister
Ave, Goleta, CA 93117. V: +1 (805) 690 2908.
From: [email protected] [mailto:[email protected]]
On Behalf Of Michael Prinzinger
Sent: Wednesday, September 23, 2009 1:05 PM
To: [email protected]
Subject: verify client certificate at a later point
Dear OpenSSL group,
I have a somewhat curious setting (without CAs) about routing information along
several nodes:
[1] first an unknown client establishes a connection to a known server
thus I set
SSL_CTX_set_verify(this->ctx, SSL_VERIFY_NONE, NULL);
and let the client verify the server's certificate, like this:
X509* x509 = SSL_get_peer_certificate(s);
CHECK(x509 != NULL);
// check the result of the verification performed during the handshake
long certVerifyResults = SSL_get_verify_result(s);
if(certVerifyResults != X509_V_OK) {
    X509_free(x509); // do not leak the certificate on the error path
    throw SSLException("Error! Certificate could not be verified.\n");
}
// free x509
X509_free(x509);
[2] now a secure connection is established
on it the server receives data encrypted with the server's public key, so
only it can read it.
In the data is information about the next node and the previous node.
Now the server knows the SSL certificate of the previous node and thus wants
to check it.
Since the verify mode is still set to server only, we set it anew:
SSL_CTX_set_verify(this->ctx, SSL_VERIFY_PEER |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
[3] if the server now runs the code above
X509* x509 = SSL_get_peer_certificate(s);
CHECK(x509 != NULL);
// check the result of the verification performed during the handshake
long certVerifyResults = SSL_get_verify_result(s);
if(certVerifyResults != X509_V_OK) {
    X509_free(x509); // do not leak the certificate on the error path
    throw SSLException("Error! Certificate could not be verified.\n");
}
// free x509
X509_free(x509);
x509 will be NULL.
This is probably because the handshake has already taken place. So there simply
is no client certificate.
Now I am trying to find a way around this problem, but failed so far.
It would be nice to either find a way that both certificates are exchanged
during the handshake, but only the server one is verified at first,
or to find a way to request a certificate from the client at a later point.
Has anyone an idea how this could be achieved with the OpenSSL API?
Thank You Very Much!
Michael