openssl/gen_cert: mark evidence extension as non-critical

Mark evidence extensions as non-critical, since many TLS libraries (such as openssl or mbedtls) do not support extracting critical extensions. See: CCC-Attestation/interoperable-ra-tls#9 Signed-off-by: Kun Lai <[email protected]>
imlk0 · Feb 22, 2023 · 81db134 · 81db134
1 parent 670933a
commit 81db134
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 12 deletions.
diff --git a/src/crypto_wrappers/openssl/gen_cert.c b/src/crypto_wrappers/openssl/gen_cert.c
@@ -195,15 +195,15 @@ crypto_wrapper_err_t openssl_gen_cert(crypto_wrapper_ctx_t *ctx, rats_tls_cert_a
 	/* Add evidence extension */
 	if (cert_info->evidence_buffer_size) {
 		/* The DiceTaggedEvidence extension criticality flag SHOULD be marked critical. */
-		if (!x509_extension_add(cert, TCG_DICE_TAGGED_EVIDENCE_OID, true,
+		if (!x509_extension_add(cert, TCG_DICE_TAGGED_EVIDENCE_OID, false,
 					cert_info->evidence_buffer,
 					cert_info->evidence_buffer_size) != RATS_TLS_ERR_NONE)
 			goto err;
 	}
 
 	/* Add endorsements extension */
 	if (cert_info->endorsements_buffer_size) {
-		if (!x509_extension_add(cert, TCG_DICE_ENDORSEMENT_MANIFEST_OID, true,
+		if (!x509_extension_add(cert, TCG_DICE_ENDORSEMENT_MANIFEST_OID, false,
 					cert_info->endorsements_buffer,
 					cert_info->endorsements_buffer_size) != RATS_TLS_ERR_NONE)
 			goto err;

diff --git a/src/tls_wrappers/openssl/un_negotiate.c b/src/tls_wrappers/openssl/un_negotiate.c
@@ -178,16 +178,16 @@ int verify_certificate(int preverify_ok, X509_STORE_CTX *ctx)
 		if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
 			return SSL_SUCCESS;
 
-		/* According to the dice standard, the DiceTaggedEvidence extension should be set to critical=true.
-		 * However, there is no way via the openssl api to know directly which extension is causing
-		 * X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, so we have to tolerate all this cases here.
-		 * This may be a security issue if there are other critical extensions that neither we nor openssl can handle.
-		 * See:
-		 *  - https://github.com/openssl/openssl/blob/a63fa5f711f1f97e623348656b42717d6904ee3e/crypto/x509/x509_vfy.c#L490
-		 *  - https://github.com/openssl/openssl/blob/a63fa5f711f1f97e623348656b42717d6904ee3e/crypto/x509/v3_purp.c#LL596C34-L596C34
-		 */
-		if (err == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION)
-			return SSL_SUCCESS;
+		// /* According to the dice standard, the DiceTaggedEvidence extension should be set to critical=true.
+		//  * However, there is no way via the openssl api to know directly which extension is causing
+		//  * X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, so we have to tolerate all this cases here.
+		//  * This may be a security issue if there are other critical extensions that neither we nor openssl can handle.
+		//  * See:
+		//  *  - https://github.com/openssl/openssl/blob/a63fa5f711f1f97e623348656b42717d6904ee3e/crypto/x509/x509_vfy.c#L490
+		//  *  - https://github.com/openssl/openssl/blob/a63fa5f711f1f97e623348656b42717d6904ee3e/crypto/x509/v3_purp.c#LL596C34-L596C34
+		//  */
+		// if (err == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION)
+		// 	return SSL_SUCCESS;
 
 		/*
 		 * A typical and unrecoverable error code is