Validating Credentials

Schannel supports authentication for both sides of the connection. In server authentication (required by all Schannel protocols), a server proves its identity to a client. In client authentication, a client proves its identity to a server. Client authentication is optional and can be requested by the server application at any time.

For each type of authentication, client or server, there are two sides. One side supplies credentials to the other side. The receiver of a credential verifies the credentials by confirming that the remote party possesses the private key matching the public key embedded within the remote party's certificate. Responsibility for validating the other information contained within the certificate belongs to the application. Validation is done using the CryptoAPI functions.

To validate the remote certificate chain, the application can use the QueryContextAttributes function to obtain the SECPKG_ATTR_REMOTE_CERT_CONTEXT property. This property consists of a certificate context (CERT_CONTEXT) containing the end certificate supplied by the remote party. The hCertStore member of this certificate context can be used to obtain the certificate of the issuer of the end certificate. The hCertStore member of the issuer's certificate context can be used to obtain the certificate of the issuer of that issuer's certificate, and so on back to the root certificate.

Typically, the application must verify that:

• A chain is complete from the end certificate back to a root certificate that the application trusts.
• All of the certificates in the chain from the end certificate back to the trusted root certificate are time-valid.
• None of the certificates in the chain have been revoked.
• There are no depth violations. (The depth of the leaf certificate from any of the issuers in the chain is not greater than the maximum depth given in the certificate extension, if it is there.)
• The usage of the certificate is correct. (Client certificates cannot be used to authenticate servers, and so on.)
• For server authentication, the server identity contained in the server's leaf certificate matches the server that the client is attempting to contact. Typically, it will match some item in the certificate's SubjectName to the server's IP address or DNS name (as in the HTTPS protocol). The client can also query some central security server or do a database lookup to determine whether it wants to connect to this server.

By default, the Windows 2000 Schannel SSP calls CertGetCertificateChain to verify the acceptability of the server certificate. If the certificate has expired, was issued by a non-trusted certification authority (CA), or is not satisfactory for some other reason, the InitializeSecurityContext function fails.