![[Index]](../../../../../a_stock/btn_index_wt.gif){kind=small}
![[Spacer]](../../../../../a_stock/btn_spacer.gif){kind=small}
![[Previous]](../../../../../a_stock/btn_prev_wt.gif){kind=small}
![[Next]](../../../../../a_stock/btn_next_wt.gif){kind=small}
|
|
|
|
|
|
||
Certificate validation is a recursive process. It begins with the need to verify the signature on some data presented by an End Entity (EE). This involves checking that the key pair is actually owned by that EE. To do this the public signing key of that EE is acquired by getting its certificate. That certificate would have been signed by the EE's certification authority (CA), so the signature on the certificate can be verified by getting the CA's public signing key. In turn the CA's certificate maybe need verifying in which case the process is repeated until the process bottoms out when an entity which is already trusted is reached; that entity is usually self signed. This process is illustrated in the figure below:
Certificate chain
The set of certificates from an EE up to a trusted root CA certificate is called a certificate chain. Once a certificate chain has been constructed the EE's key pair at the start can validated.
|
|
A set of certificates, from the entity requesting authentication up to, but not including, one already trusted by the relying party.
Where these certificates come from is potentially a difficult problem if certificate management is expected to search for intermediate certificates in remote repositories; however for TLS at least servers are required to supply a complete, ordered set of certificates in the form of DER encoded ASN.1; so client code can just pass this into the certificate chain object.
Authentication cannot be done entirely by software: there must be a point at which the user confirms that they trust a particular entity. The validation algorithm can only ascertain that if the user trusts certificate X then they may also trust certificate Y. Certificates which the user trusts directly are called root certificates because they are the root of the validation chain. They are usually self-signed.
It is likely that different applications will have different
requirements about which certificates may be considered trust roots and for the
level of protection they require for trust roots. To this end, applications
will pass in a unique ID (TUid) which Certificate Management will
use to identify the application, and so work out which certificates can be
considered trusted for that application.
For additional flexibility, an overload is provided enabling clients to pass a set of root certificates directly into the validation function.
For more detailed discussion of the storage and management of root certificates see Root Certificate Management, Storage, and Client registration.
A set of OIDs, each of which represents a certification policy acceptable to the application. This enables client code to restrict the certificates that may occur in a valid certificate chain. Client code does not have to specify any preferred policies here. An empty set is interpreted as any policy.
|
|
The chain object parses the encoded set of certificates. The first certificate is considered to be the EE certificate, and subsequent certificates must each certify the preceding one. The chain object then searches the set of trusted root certificates for a certificate trusted by the client and whose subject name matches the issuer name in the last certificate in the decoded set. If two or more match, it will attempt to resolve this be comparing the authority key ID in the last certificate with the subject key ID in each candidate root. If this extension is not present, it will attempt to find a single root by signature verification. If no root is found validation will fail immediately with an error.
The certificate chain initialises the following state variables:
Validation Time: time for which validation is calculated. Initialised to the time supplied by client code.
Initial Policies: set of policy OIDs, initialised to the policies supplied by client code
Acceptable Policies: set of X.509 policy information objects, initially any policy
Mapped Policies: set of policy OIDs, initially empty
Excluded Subtrees: set of X.500 General Name objects, initially empty
Permitted Subtrees: set of X.500 General Name objects, initially any subtree
Max Path Length: integer representing the maximum path length. Initially the actual path length
Inhibit Policy Mapping: integer whose value is the number of certificates that may appear after the current one before policy mapping is no longer permitted. Initially the chain length
Require Explicit Policy: integer whose value is the number of certificates that may appear after the current one before an acceptable policy OID must appear in the certificate. Initially the chain length
Current Cert: integer whose value is the position of the current certificate in the chain. Initially the chain length -1
Validation of a certificate chain starts at the root and ends at the End Entity. It returns a result object which includes:
a single error value, which consists of a reason for the error
and an integer identifying which certificate the error is associated with. If
the reason is anything other than EValidatedOK then validation has
failed.
a set of warning values, each consisting of a reason for the warning and an integer identifying which certificate the warning is associated with.
a set of policies accepted in the course of validating the chain.
The reason the warnings are present is that it is sometimes impossible for Certificate Management to work out if an irregularity is an error or not, because it depends on the context of the certificate (e.g. the use to which its key will be put) which is only known by client code. Warnings give client code a chance to evaluate these irregularities.
For each certificate the actions described below are performed:
Signature Verification & Name Chaining
Each certificate must be signed by, and its subject name should be match the issuer name in, the certificate above it in the chain. The only exception is the root certificate, which, if it claims to be self signed (i.e. its subject and issuer names match) must really be self signed; otherwise its signature is not verified, but a warning is generated.
Validity Period Checking
For each certificate, the Validation Time must lie within the validity period in the certificate.
Extension Processing
Extensions can be marked critical; all critical extensions must be 'recognized and processed' or the certificate must be rejected. For some extensions it is either unclear what this means, or it clearly makes no sense, and in these cases a common response is to reject the certificate if the extension is marked critical. It is impossible to guarantee support for some extensions.
Revocation Checking
Additionally, for each certificate:
the Max Path Length, Inhibit Policy Mapping and Require Explicit Policy variables are decremented,
and Current Cert must be less than or equal to Max Path Length.
When validation is complete the Acceptable Policies variable will be copied into the set of policies in the result object.
|
Copyright ©2008 Symbian Software Ltd. |
|
![[Top]](../../../../../a_stock/arrow_up_2.gif){kind=icon}
![[Previous]](../../../../../a_stock/btn_prev.gif){kind=small}
![[Top]](../../../../../a_stock/btn_top.gif)
![[Next]](../../../../../a_stock/btn_next.gif){kind=small}