Important: This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
Authentication is the process of determining if a remote host can be trusted. To establish its trustworthiness, the remote host must provide an acceptable authentication certificate.
Remote hosts establish their trustworthiness by obtaining a certificate from a certification authority (CA). The CA may, in turn, have certification from a higher authority, and so on, creating a chain of trust. To determine whether a certificate is trustworthy, an application must determine the identity of the root CA, and then determine if it is trustworthy.
Windows Embedded CE maintains a database of trusted CAs. When a connection with a security infrastructure is attempted by an application, Windows Embedded CE extracts the root certificate from the certification chain and checks it against the CA database. It delivers the root certificate to the application through a certificate validation callback function, along with the results of the comparison against the CA database.
Applications bear ultimate responsibility for verifying that a certificate is acceptable. Applications can accept or reject any certificate. If a certificate is rejected, the connection is not completed. At a minimum, a certificate should meet two requirements: The certificate is current, and the identity contained in the certificate matches the root CA identity.
The certificate validation callback function must be implemented by all client applications that use secure sockets. The value it returns determines whether Winsock completes the connection. The callback function must have the following syntax.

```c
int SslValidate (
  DWORD dwType,
  LPVOID pvArg,
  DWORD dwChainLen,
  LPBLOB pCertChain,
  DWORD dwFlags
);
```
The parameters contain the following data:
- The dwType parameter specifies the data type pointed to by pCertChain. This must be SSL_CERT_X.509, specifying that pCertChain is a pointer to an X.509 style certificate.
- The pvArg parameter is the application-defined context, passed by the SSLVALIDATECERTHOOK structure.
- The dwChainLen parameter is the number of certificates pointed to by pCertChain. It will always be equal to one.
- The pCertChain parameter is a pointer to the root certificate. The BLOB struct is defined in Sslsock.h in the SDK. The pBlobData field points to an X.509 certificate (ISO standard). The certificate is not the root certificate but the server certificate. The caller must parse the certificate to extract the pertinent data like the subject and issuer names.
- If the root issuer of the certificate could not be found in the CA database, the dwFlags parameter will contain SSL_CERT_FLAG_ISSUER_UNKNOWN. The application can either attempt to verify the issuer itself, or return SSL_ERR_CERT_UNKNOWN.
The following table shows values returned by the callback function.
Return value | Description |
---|---|
SSL_ERR_BAD_DATA | The certificate is not properly formatted. |
SSL_ERR_BAD_SIG | The signature check failed. |
SSL_ERR_CERT_EXPIRED | The certificate has expired. |
SSL_ERR_CERT_REVOKED | The certificate has been revoked. |
SSL_ERR_CERT_UNKNOWN | The issuer is unknown, or some unspecified problem arose in the certificate processing, rendering it unacceptable. |
SSL_ERR_OKAY | The certificate is acceptable. |
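
An added example, not from the original documentation or the SDK: a callback that fails closed, rejecting malformed blobs and unknown issuers and accepting only a certificate that matches a pin passed through pvArg. The PinContext structure, the stand-in typedefs and the numeric constant values are assumptions so that it builds without Sslsock.h, and SSL_CERT_X509 is the identifier spelling assumed for the type the page writes as SSL_CERT_X.509; it does not parse the validity period or the subject and issuer names.

```c
#include <string.h>

/* Stand-ins so this builds outside the CE SDK (assumed; on a device include
   Sslsock.h instead). The numeric values below are placeholders. */
typedef unsigned int DWORD;
typedef void *LPVOID;
typedef struct { DWORD cbSize; unsigned char *pBlobData; } BLOB, *LPBLOB;
enum { SSL_CERT_X509 = 1, SSL_CERT_FLAG_ISSUER_UNKNOWN = 1 };
enum { SSL_ERR_OKAY = 0, SSL_ERR_BAD_DATA = 1, SSL_ERR_CERT_UNKNOWN = 2 };

/* Hypothetical application context delivered through pvArg: the DER bytes of
   the one server certificate this client is willing to talk to. */
typedef struct { const unsigned char *der; DWORD len; } PinContext;

/* Constructed placeholder blob (a SEQUENCE holding INTEGER 5), not a real certificate. */
static unsigned char SAMPLE_CERT[] = { 0x30, 0x03, 0x02, 0x01, 0x05 };

/* 1 if p[0..n) is one SEQUENCE whose declared length fills the blob exactly. */
static int der_outer_ok(const unsigned char *p, DWORD n) {
    DWORD len = 0, hdr = 2, k, i;
    if (n < 2 || p[0] != 0x30) return 0;
    if (p[1] < 0x80) {
        len = p[1];                                   /* short form */
    } else {
        k = p[1] & 0x7F;                              /* long form: k length bytes */
        if (k == 0 || k > 3 || n < 2 + k) return 0;   /* no indefinite form, bounded size */
        for (i = 0; i < k; i++) len = (len << 8) | p[2 + i];
        hdr += k;
    }
    return len == n - hdr;
}

int SslValidate(DWORD dwType, LPVOID pvArg, DWORD dwChainLen, LPBLOB pCertChain, DWORD dwFlags) {
    const PinContext *pin = (const PinContext *)pvArg;
    if (dwType != SSL_CERT_X509 || dwChainLen != 1 || !pCertChain || !pCertChain->pBlobData)
        return SSL_ERR_BAD_DATA;
    if (!der_outer_ok(pCertChain->pBlobData, pCertChain->cbSize))
        return SSL_ERR_BAD_DATA;                      /* truncated or padded blob */
    if (dwFlags & SSL_CERT_FLAG_ISSUER_UNKNOWN)
        return SSL_ERR_CERT_UNKNOWN;                  /* root not in the CA database */
    if (!pin || pin->len != pCertChain->cbSize ||
        memcmp(pin->der, pCertChain->pBlobData, pin->len) != 0)
        return SSL_ERR_CERT_UNKNOWN;                  /* fail closed without a matching pin */
    return SSL_ERR_OKAY;
}
```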