Re: [openssl.org #4620] OCSP_basic_verify() question/comment

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [openssl.org #4620] OCSP_basic_verify() question/comment

David von Oheimb
It seems that OCSP_basic_verify(bs, certs, st, flags) unfortunately is
not documented, but from its code it becomes clear that the "certs"
parameter is meant to be a set of untrusted certificates, which is first
used (together with bs->certs) to determine the signer cert of the OCSP
response "bs" and then is partly(!) used to construct the chain of certs
towards a trusted (root) cert in the store passed in the "st" parameter.

>> OCSP responses do not seem to include the intermediate certificates so they
>> have to be acquired in other ways. I have been doing this and adding them
>> to the certificate stack handed to OCSP_basic_verify().
>
> Perhaps adding them to X509_STORE or STORE_CTX directly?

This does not work because OCSP_basic_verify(bs, certs, st, flags)
produces its own internal X509_STORE_CTX:
          init_res = X509_STORE_CTX_init(ctx, st, signer, untrusted);
where the "st" parameter is taken as the trusted store, while the set of
untrusted certs cannot be directly set by the caller.

>> I am relatively new to this so I may be incorrect; however, it seems to me
>> that the certificates in the cert argument should be added to the
>> X509_STORE_CTX.
>
> If you need to add certificates to validate a chain, it seems safer to explicitly add them to the store, not implicitly.

As long as the OCSP response pointed to by "bs" includes a non-NULL
bs->certs field, OCSP_basic_verify() takes the union of any certs in the
"certs" parameter and in bs->certs as untrusted certs for chain
construction, but if bs->certs is NULL, i.e. when the OCSP responder did
not include any certs its response, for some reason OCSP_basic_verify()
does not take "certs" but bs->certs, which corresponds to the empty set.

I consider this a bug, for which I've just submitted a pull request:
https://github.com/openssl/openssl/pull/4124
This fix takes "certs" as the set of untrusted certs in case bs->certs
is NULL.

As long as a fix is not yet available, one can use the following
workaround:
        {
           X509 *dummy = X509_new();
           (void)OCSP_basic_add1_cert(bs, dummy);
           X509_free(dummy);
        }
before calling
        OCSP_basic_verify(bs, certs, st, flags);
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Loading...