Regards to everyone. I am writing a program for a mutual SSL handshake in which the client is also authenticated by its certificate.
I have set up an IIS server which asks for a certificate whenever any client connects to it. For this, I have done the following things at the client end.

1. Defined a callback function and assigned it by using SSL_CTX_set_client_cert_cb.

What I have done in client_cert_cb is as follows:

a. Picking up a certificate from the system store.
b. Reading its private key information.
c. Assigning the certificate and private key to the parameters passed in the callback, i.e. X509 ** x509 and EVP_PKEY ** pkey.
d. Returning 1 (to ensure that the client has a certificate and its private key).

After this, I have observed the following things:

A. In OpenSSL 0.9.8, the application crashes after the callback.
B. In OpenSSL 1.0.0g, it does not crash; however, I have observed a very strange thing: X509 **x509 and EVP_PKEY ** pkey both have the same address. Assigning one corrupts the other. And I am getting system error 183 (as indicated by the error SSL_ERROR_SYSCALL).

This has puzzled me, as OpenSSL has passed two separate parameters which are two different stack variables.

If anyone has any idea what to do in client_cert_cb, it would be of great help. If anyone knows the reason why it crashes, that would also be of great help. It would be nice if anyone could tell me why these two parameters have the same address.

However, it works very fine when SSL_use_certificate and SSL_use_PrivateKey are called. But the documentation, as far as I know, says that it even sends the certificate when it is not asked for by the server. Does anyone have a clearer picture of it?

If any other details are needed (other than the whole code), I will provide them. I am using the application on a Windows system.

--
View this message in context: http://old.nabble.com/client_cert_cb-tp33707566p33707566.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.