h2o / picotls

TLS 1.3 implementation in C (master supports RFC8446 as well as draft-26, -27, -28)

Verifying certificate purpose

twirtgen opened this issue · comments

When establishing a connection with a TLS server, I think X509_VERIFY_PARAM_set_purpose does not check the right purpose.

Currently, when picotls is used as a client, the line:

    X509_VERIFY_PARAM_set_purpose(params, is_server ? X509_PURPOSE_SSL_SERVER : X509_PURPOSE_SSL_CLIENT);
checks if the key can be used to authenticate an SSL client.

However, as I understand it, they have to check X509_PURPOSE_SSL_SERVER instead, since the certificate has been sent by the server.

There were conversations about this in openssl/openssl#14199 (comment) (https://github.com/openssl/openssl/pull/14199/files#diff-c17351bdef7704fb7ac7fa0cf992ff9cf68167a1b66d7aa63670496c7af9a6a6R109) and in openssl/openssl#13965 (comment).
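The consequence of the role/purpose mix-up described above, as an added example that is not picotls or OpenSSL code: the program below models only the extended-key-usage half of OpenSSL's X509_PURPOSE_SSL_SERVER / X509_PURPOSE_SSL_CLIENT checks (OpenSSL also inspects keyUsage and nsCertType, which are omitted here), with constructed sample leaf certificates and stand-in constants. It runs both purpose selections, the one quoted in the issue and the one the report argues for, against a serverAuth-only leaf and a clientAuth-only leaf from the client's point of view.

```c
#include <stdio.h>
#include <string.h>

/* Stand-ins for OpenSSL's X509_PURPOSE_SSL_CLIENT / X509_PURPOSE_SSL_SERVER
 * (values are arbitrary; this example does not link OpenSSL). */
enum purpose { PURPOSE_SSL_CLIENT = 1, PURPOSE_SSL_SERVER = 2 };

/* Extended key usage OIDs from RFC 5280, section 4.2.1.12. */
#define OID_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
#define OID_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"

/* Constructed stand-in for a parsed leaf certificate: a label plus its EKU
 * list, NULL-terminated. An empty list means no EKU extension is present. */
struct cert {
    const char *label;
    const char *eku[4];
};

static int cert_has_eku(const struct cert *c, const char *oid)
{
    for (int i = 0; c->eku[i] != NULL; i++)
        if (strcmp(c->eku[i], oid) == 0)
            return 1;
    return 0;
}

/* Model of the EKU part of OpenSSL's purpose check: a certificate with no EKU
 * extension is not rejected; otherwise the EKU matching the purpose must be
 * listed. Returns 1 when the certificate passes for purpose p. */
static int check_purpose(const struct cert *c, enum purpose p)
{
    if (c->eku[0] == NULL)
        return 1;
    return cert_has_eku(c, p == PURPOSE_SSL_SERVER ? OID_SERVER_AUTH
                                                   : OID_CLIENT_AUTH);
}

/* Purpose selection as quoted in the issue: the purpose follows our own role. */
static enum purpose purpose_as_in_issue(int is_server)
{
    return is_server ? PURPOSE_SSL_SERVER : PURPOSE_SSL_CLIENT;
}

/* Purpose selection the report argues for: the purpose describes the peer's
 * certificate, so a client requires the server purpose and vice versa. */
static enum purpose purpose_for_peer(int is_server)
{
    return is_server ? PURPOSE_SSL_CLIENT : PURPOSE_SSL_SERVER;
}

/* Verify the peer's leaf for the purpose chosen by `pick`; 1 = accepted. */
static int verify_peer(const struct cert *peer, int is_server,
                       enum purpose (*pick)(int))
{
    return check_purpose(peer, pick(is_server));
}

/* Constructed sample leaves (not real certificates). */
static const struct cert server_only = { "serverAuth-only leaf",
                                         { OID_SERVER_AUTH, NULL } };
static const struct cert client_only = { "clientAuth-only leaf",
                                         { OID_CLIENT_AUTH, NULL } };

int main(void)
{
    const struct cert *peers[] = { &server_only, &client_only };
    const int is_server = 0; /* we are the client, verifying the server */

    for (size_t i = 0; i < sizeof peers / sizeof peers[0]; i++) {
        printf("client verifying %-20s: issue mapping accepts=%d, "
               "peer mapping accepts=%d\n",
               peers[i]->label,
               verify_peer(peers[i], is_server, purpose_as_in_issue),
               verify_peer(peers[i], is_server, purpose_for_peer));
    }
    return 0;
}
```

With the issue's mapping the client rejects a leaf that carries only serverAuth and accepts one that carries only clientAuth, which is the opposite of what a server certificate check should do; with the role-swapped mapping the results invert. A certificate with no EKU extension at all passes either way, so the difference only shows on certificates that restrict their usage.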

Thank you for reporting the issue!