Merge pull request #731 from moisesguimaraes/fixes-ocsp-responder

adds OCSP Responder extKeyUsage validation

certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/intermediate1-ca-cert.pem               \
+    -rkey    certs/ocsp/intermediate1-ca-key.pem                \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22222 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate2-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate2-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22223 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate3-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate3-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22220 -nmin 1                          \
+    -index   certs/ocsp/index-ca-and-intermediate-cas.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem           \
+    -rkey    certs/ocsp/ocsp-responder-key.pem            \
+    -CA      certs/ocsp/root-ca-cert.pem                  \
+    $@

certs/ocsp/ocspd0.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22220 -nmin 1                \
-    -index   certs/ocsp/index0.txt              \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem \
-    -rkey    certs/ocsp/ocsp-responder-key.pem  \
-    -CA      certs/ocsp/root-ca-cert.pem        \
-    $@

certs/ocsp/ocspd1.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22221 -nmin 1                  \
-    -index   certs/ocsp/index1.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate1-ca-cert.pem \
-    $@

certs/ocsp/ocspd2.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22222 -nmin 1                  \
-    -index   certs/ocsp/index2.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate2-ca-cert.pem \
-    $@

certs/ocsp/ocspd3.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22223 -nmin 1                  \
-    -index   certs/ocsp/index3.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate3-ca-cert.pem \
-    $@

scripts/include.am

@@ -26,13 +26,15 @@ endif
 if BUILD_OCSP_STAPLING
 dist_noinst_SCRIPTS+= scripts/ocsp-stapling.test
 scripts/ocsp-stapling.log: scripts/ocsp.log
+dist_noinst_SCRIPTS+= scripts/ocsp-stapling-with-ca-as-responder.test
+scripts/ocsp-stapling-with-ca-as-responder.log: scripts/ocsp-stapling.log
 endif
 
 if BUILD_OCSP_STAPLING_V2
 dist_noinst_SCRIPTS+= scripts/ocsp-stapling2.test
 
 if BUILD_OCSP_STAPLING
-scripts/ocsp-stapling2.log: scripts/ocsp-stapling.log
+scripts/ocsp-stapling2.log: scripts/ocsp-stapling-with-ca-as-responder.log
 else
 scripts/ocsp-stapling2.log: scripts/ocsp.log
 endif

scripts/ocsp-stapling-with-ca-as-responder.test

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+# ocsp-stapling.test
+
+trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
+
+server=login.live.com
+ca=certs/external/ca-verisign-g5.pem
+
+[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
+
+# is our desired server there? - login.live.com doesn't answers PING
+#./scripts/ping.test $server 2
+
+# client test against the server
+./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
+RESULT=$?
+[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
+
+# setup ocsp responder
+./certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh &
+sleep 1
+[ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
+
+# client test against our own server - GOOD CERT
+./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
+sleep 1
+./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
+RESULT=$?
+[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
+
+# client test against our own server - REVOKED CERT
+./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
+sleep 1
+./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
+RESULT=$?
+[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
+
+exit 0

scripts/ocsp-stapling.test

@@ -18,7 +18,7 @@ RESULT=$?
 [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
 
 # setup ocsp responder
-./certs/ocsp/ocspd1.sh &
+./certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh &
 sleep 1
 [ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
 

scripts/ocsp-stapling2.test

@@ -7,9 +7,9 @@ trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
 [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
 
 # setup ocsp responders
-./certs/ocsp/ocspd0.sh &
-./certs/ocsp/ocspd2.sh &
-./certs/ocsp/ocspd3.sh &
+./certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh &
+./certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh &
+./certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh &
 sleep 1
 [ $(jobs -r | wc -l) -ne 3 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
 

wolfcrypt/src/asn.c

@@ -36,10 +36,12 @@ ASN Options:
  * WOLFSSL_CERT_GEN: Cert generation. Saves extra certificate info in GetName.
  * WOLFSSL_NO_OCSP_OPTIONAL_CERTS: Skip optional OCSP certs (responder issuer
     must still be trusted)
- * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for sitatuon where entire cert
+ * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for situation where entire cert
     chain is not loaded. This only matches on subject and public key and
     does not perform a PKI validation, so it is not a secure solution.
     Only enabled for OCSP.
+ * WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to
+    disable checking of OCSP subject hash with issuer hash.
 */
 
 #ifndef NO_ASN
@@ -10757,6 +10759,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
             return ASN_PARSE_E;
 
         InitDecodedCert(&cert, resp->cert, resp->certSz, heap);
+
         /* Don't verify if we don't have access to Cert Manager. */
         ret = ParseCertRelative(&cert, CERT_TYPE,
                                 noVerify ? NO_VERIFY : VERIFY_OCSP, cm);
@@ -10766,6 +10769,21 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
             return ret;
         }
 
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
+        if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) {
+            if (XMEMCMP(cert.subjectHash,
+                        resp->issuerHash, KEYID_SIZE) == 0) {
+                WOLFSSL_MSG("\tOCSP Response signed by issuer");
+            }
+            else {
+                WOLFSSL_MSG("\tOCSP Responder key usage check failed");
+
+                FreeDecodedCert(&cert);
+                return BAD_OCSP_RESPONDER;
+            }
+        }
+#endif
+
         /* ConfirmSignature is blocking here */
         ret = ConfirmSignature(&cert.sigCtx,
             resp->response, resp->responseSz,

wolfcrypt/src/error.c

@@ -425,6 +425,9 @@ const char* wc_GetErrorString(int error)
     case ASYNC_OP_E:
         return "Async operation error";
 
+    case BAD_OCSP_RESPONDER:
+        return "Invalid OCSP Responder, missing specific key usage extensions";
+
     default:
         return "unknown error number";
 

wolfcrypt/test/test.c

@@ -930,7 +930,7 @@ int error_test()
     /* Values that are not or no longer error codes. */
     int missing[] = { -122, -123, -124,       -127, -128, -129,
                       -161, -162, -163, -164, -165, -166, -167, -168, -169,
-                      -178, -179,       -233,
+                      -179,       -233,
                       0 };
 
     /* Check that all errors have a string and it's the same through the two

wolfssl/wolfcrypt/error-crypt.h

@@ -106,6 +106,7 @@ enum {
     UNICODE_SIZE_E     = -175,  /* Unicode password too big */
     NO_PASSWORD        = -176,  /* no password provided by user */
     ALT_NAME_E         = -177,  /* alt name size problem, too big */
+    BAD_OCSP_RESPONDER = -178,  /* missing key usage extensions */
 
     AES_GCM_AUTH_E     = -180,  /* AES-GCM Authentication check failure */
     AES_CCM_AUTH_E     = -181,  /* AES-CCM Authentication check failure */