From 42a2f5858e0b446563c160fb7563cc7174f071a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Mon, 30 Jan 2017 15:07:38 -0300 Subject: [PATCH 1/6] adds OCSP Responder extKeyUsage validation --- wolfcrypt/src/asn.c | 8 ++++++++ wolfcrypt/src/error.c | 3 +++ wolfssl/wolfcrypt/error-crypt.h | 1 + 3 files changed, 12 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 03153a0f4..61134f015 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -10757,6 +10757,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, return ASN_PARSE_E; InitDecodedCert(&cert, resp->cert, resp->certSz, heap); + /* Don't verify if we don't have access to Cert Manager. */ ret = ParseCertRelative(&cert, CERT_TYPE, noVerify ? NO_VERIFY : VERIFY_OCSP, cm); @@ -10766,6 +10767,13 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, return ret; } + if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) { + WOLFSSL_MSG("\tOCSP Responder key usage check failed"); + + FreeDecodedCert(&cert); + return BAD_OCSP_RESPONDER; + } + /* ConfirmSignature is blocking here */ ret = ConfirmSignature(&cert.sigCtx, resp->response, resp->responseSz, diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c index b5b578d5a..edd06afc6 100644 --- a/wolfcrypt/src/error.c +++ b/wolfcrypt/src/error.c @@ -425,6 +425,9 @@ const char* wc_GetErrorString(int error) case ASYNC_OP_E: return "Async operation error"; + case BAD_OCSP_RESPONDER: + return "Invalid OCSP Responder, missing specific key usage extensions"; + default: return "unknown error number"; diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index df29accc4..99c27d18e 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -106,6 +106,7 @@ enum { UNICODE_SIZE_E = -175, /* Unicode password too big */ NO_PASSWORD = -176, /* no password provided by user */ ALT_NAME_E = -177, /* alt name size problem, too big */ + BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */ AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */ AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */ From a9d5dcae58aa4f2b5c5e9dda96248913b5758bd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Fri, 3 Feb 2017 14:12:47 -0300 Subject: [PATCH 2/6] updates ocsp tests; adds check for OCSP response signed by issuer. --- ...{index0.txt => index-ca-and-intermediate-cas.txt} | 0 ...1.txt => index-intermediate1-ca-issued-certs.txt} | 0 ...2.txt => index-intermediate2-ca-issued-certs.txt} | 0 ...3.txt => index-intermediate3-ca-issued-certs.txt} | 0 ...rmediate1-ca-issued-certs-with-ca-as-responder.sh | 8 ++++++++ certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh | 8 ++++++++ certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh | 8 ++++++++ certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh | 8 ++++++++ certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh | 8 ++++++++ certs/ocsp/ocspd0.sh | 8 -------- certs/ocsp/ocspd1.sh | 8 -------- certs/ocsp/ocspd2.sh | 8 -------- certs/ocsp/ocspd3.sh | 8 -------- scripts/ocsp-stapling.test | 2 +- scripts/ocsp-stapling2.test | 6 +++--- wolfcrypt/src/asn.c | 12 +++++++++--- 16 files changed, 53 insertions(+), 39 deletions(-) rename certs/ocsp/{index0.txt => index-ca-and-intermediate-cas.txt} (100%) rename certs/ocsp/{index1.txt => index-intermediate1-ca-issued-certs.txt} (100%) rename certs/ocsp/{index2.txt => index-intermediate2-ca-issued-certs.txt} (100%) rename certs/ocsp/{index3.txt => index-intermediate3-ca-issued-certs.txt} (100%) create mode 100755 certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh create mode 100755 certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh create mode 100755 certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh create mode 100755 certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh create mode 100755 certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh delete mode 100755 certs/ocsp/ocspd0.sh delete mode 100755 certs/ocsp/ocspd1.sh delete mode 100755 certs/ocsp/ocspd2.sh delete mode 100755 certs/ocsp/ocspd3.sh diff --git a/certs/ocsp/index0.txt b/certs/ocsp/index-ca-and-intermediate-cas.txt similarity index 100% rename from certs/ocsp/index0.txt rename to certs/ocsp/index-ca-and-intermediate-cas.txt diff --git a/certs/ocsp/index1.txt b/certs/ocsp/index-intermediate1-ca-issued-certs.txt similarity index 100% rename from certs/ocsp/index1.txt rename to certs/ocsp/index-intermediate1-ca-issued-certs.txt diff --git a/certs/ocsp/index2.txt b/certs/ocsp/index-intermediate2-ca-issued-certs.txt similarity index 100% rename from certs/ocsp/index2.txt rename to certs/ocsp/index-intermediate2-ca-issued-certs.txt diff --git a/certs/ocsp/index3.txt b/certs/ocsp/index-intermediate3-ca-issued-certs.txt similarity index 100% rename from certs/ocsp/index3.txt rename to certs/ocsp/index-intermediate3-ca-issued-certs.txt diff --git a/certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh b/certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh new file mode 100755 index 000000000..eecd81b58 --- /dev/null +++ b/certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +openssl ocsp -port 22221 -nmin 1 \ + -index certs/ocsp/index-intermediate1-ca-issued-certs.txt \ + -rsigner certs/ocsp/intermediate1-ca-cert.pem \ + -rkey certs/ocsp/intermediate1-ca-key.pem \ + -CA certs/ocsp/intermediate1-ca-cert.pem \ + $@ diff --git a/certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh b/certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh new file mode 100755 index 000000000..debfd63bb --- /dev/null +++ b/certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +openssl ocsp -port 22221 -nmin 1 \ + -index certs/ocsp/index-intermediate1-ca-issued-certs.txt \ + -rsigner certs/ocsp/ocsp-responder-cert.pem \ + -rkey certs/ocsp/ocsp-responder-key.pem \ + -CA certs/ocsp/intermediate1-ca-cert.pem \ + $@ diff --git a/certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh b/certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh new file mode 100755 index 000000000..0d06c5be1 --- /dev/null +++ b/certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +openssl ocsp -port 22222 -nmin 1 \ + -index certs/ocsp/index-intermediate2-ca-issued-certs.txt \ + -rsigner certs/ocsp/ocsp-responder-cert.pem \ + -rkey certs/ocsp/ocsp-responder-key.pem \ + -CA certs/ocsp/intermediate2-ca-cert.pem \ + $@ diff --git a/certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh b/certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh new file mode 100755 index 000000000..5e6a5173c --- /dev/null +++ b/certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +openssl ocsp -port 22223 -nmin 1 \ + -index certs/ocsp/index-intermediate3-ca-issued-certs.txt \ + -rsigner certs/ocsp/ocsp-responder-cert.pem \ + -rkey certs/ocsp/ocsp-responder-key.pem \ + -CA certs/ocsp/intermediate3-ca-cert.pem \ + $@ diff --git a/certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh b/certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh new file mode 100755 index 000000000..d3c3bc1ad --- /dev/null +++ b/certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +openssl ocsp -port 22220 -nmin 1 \ + -index certs/ocsp/index-ca-and-intermediate-cas.txt \ + -rsigner certs/ocsp/ocsp-responder-cert.pem \ + -rkey certs/ocsp/ocsp-responder-key.pem \ + -CA certs/ocsp/root-ca-cert.pem \ + $@ diff --git a/certs/ocsp/ocspd0.sh b/certs/ocsp/ocspd0.sh deleted file mode 100755 index d0aa0b953..000000000 --- a/certs/ocsp/ocspd0.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -openssl ocsp -port 22220 -nmin 1 \ - -index certs/ocsp/index0.txt \ - -rsigner certs/ocsp/ocsp-responder-cert.pem \ - -rkey certs/ocsp/ocsp-responder-key.pem \ - -CA certs/ocsp/root-ca-cert.pem \ - $@ diff --git a/certs/ocsp/ocspd1.sh b/certs/ocsp/ocspd1.sh deleted file mode 100755 index 91448c004..000000000 --- a/certs/ocsp/ocspd1.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -openssl ocsp -port 22221 -nmin 1 \ - -index certs/ocsp/index1.txt \ - -rsigner certs/ocsp/ocsp-responder-cert.pem \ - -rkey certs/ocsp/ocsp-responder-key.pem \ - -CA certs/ocsp/intermediate1-ca-cert.pem \ - $@ diff --git a/certs/ocsp/ocspd2.sh b/certs/ocsp/ocspd2.sh deleted file mode 100755 index a7748b337..000000000 --- a/certs/ocsp/ocspd2.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -openssl ocsp -port 22222 -nmin 1 \ - -index certs/ocsp/index2.txt \ - -rsigner certs/ocsp/ocsp-responder-cert.pem \ - -rkey certs/ocsp/ocsp-responder-key.pem \ - -CA certs/ocsp/intermediate2-ca-cert.pem \ - $@ diff --git a/certs/ocsp/ocspd3.sh b/certs/ocsp/ocspd3.sh deleted file mode 100755 index 3e53ceb71..000000000 --- a/certs/ocsp/ocspd3.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -openssl ocsp -port 22223 -nmin 1 \ - -index certs/ocsp/index3.txt \ - -rsigner certs/ocsp/ocsp-responder-cert.pem \ - -rkey certs/ocsp/ocsp-responder-key.pem \ - -CA certs/ocsp/intermediate3-ca-cert.pem \ - $@ diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index e8984b0aa..3511d4a36 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -18,7 +18,7 @@ RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 # setup ocsp responder -./certs/ocsp/ocspd1.sh & +./certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh & sleep 1 [ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0 diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index 16bd81823..db48161d8 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -7,9 +7,9 @@ trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1 # setup ocsp responders -./certs/ocsp/ocspd0.sh & -./certs/ocsp/ocspd2.sh & -./certs/ocsp/ocspd3.sh & +./certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh & +./certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh & +./certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh & sleep 1 [ $(jobs -r | wc -l) -ne 3 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 61134f015..75f993a41 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -10768,10 +10768,16 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, } if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) { - WOLFSSL_MSG("\tOCSP Responder key usage check failed"); + if (XMEMCMP(cert.subjectHash, + resp->issuerHash, KEYID_SIZE) == 0) { + WOLFSSL_MSG("\tOCSP Response signed by issuer"); + } + else { + WOLFSSL_MSG("\tOCSP Responder key usage check failed"); - FreeDecodedCert(&cert); - return BAD_OCSP_RESPONDER; + FreeDecodedCert(&cert); + return BAD_OCSP_RESPONDER; + } } /* ConfirmSignature is blocking here */ From 4bb17205fe300f8295cec80152577143d42646d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Fri, 3 Feb 2017 14:31:56 -0300 Subject: [PATCH 3/6] adds new ocsp test --- scripts/include.am | 4 +- .../ocsp-stapling-with-ca-as-responder.test | 39 +++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100755 scripts/ocsp-stapling-with-ca-as-responder.test diff --git a/scripts/include.am b/scripts/include.am index 442d758f7..c1180cbd1 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -26,13 +26,15 @@ endif if BUILD_OCSP_STAPLING dist_noinst_SCRIPTS+= scripts/ocsp-stapling.test scripts/ocsp-stapling.log: scripts/ocsp.log +dist_noinst_SCRIPTS+= scripts/ocsp-stapling-with-ca-as-responder.test +scripts/ocsp-stapling-with-ca-as-responder.log: scripts/ocsp-stapling.log endif if BUILD_OCSP_STAPLING_V2 dist_noinst_SCRIPTS+= scripts/ocsp-stapling2.test if BUILD_OCSP_STAPLING -scripts/ocsp-stapling2.log: scripts/ocsp-stapling.log +scripts/ocsp-stapling2.log: scripts/ocsp-stapling-with-ca-as-responder.log else scripts/ocsp-stapling2.log: scripts/ocsp.log endif diff --git a/scripts/ocsp-stapling-with-ca-as-responder.test b/scripts/ocsp-stapling-with-ca-as-responder.test new file mode 100755 index 000000000..49a8fe536 --- /dev/null +++ b/scripts/ocsp-stapling-with-ca-as-responder.test @@ -0,0 +1,39 @@ +#!/bin/sh + +# ocsp-stapling.test + +trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT + +server=login.live.com +ca=certs/external/ca-verisign-g5.pem + +[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1 + +# is our desired server there? - login.live.com doesn't answers PING +#./scripts/ping.test $server 2 + +# client test against the server +./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1 +RESULT=$? +[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 + +# setup ocsp responder +./certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh & +sleep 1 +[ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0 + +# client test against our own server - GOOD CERT +./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem & +sleep 1 +./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 +RESULT=$? +[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 + +# client test against our own server - REVOKED CERT +./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem & +sleep 1 +./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 +RESULT=$? +[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1 + +exit 0 From 7a3769f4353e34b7bd792fdc6e5567dea80f7d0f Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 9 Jun 2017 10:54:11 -0700 Subject: [PATCH 4/6] Fix wolfCrypt errors test to allow -178. --- wolfcrypt/test/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 3afddfdd5..460b3f4e1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -930,7 +930,7 @@ int error_test() /* Values that are not or no longer error codes. */ int missing[] = { -122, -123, -124, -127, -128, -129, -161, -162, -163, -164, -165, -166, -167, -168, -169, - -178, -179, -233, + -179, -233, 0 }; /* Check that all errors have a string and it's the same through the two From a3578c6643620d11748240ef0556027b562787fa Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 21 Jun 2017 10:52:11 -0700 Subject: [PATCH 5/6] Adds `WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN` option to provide backwards compatibility option for OCSP checking. --- wolfcrypt/src/asn.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 75f993a41..64eb76b20 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -36,10 +36,13 @@ ASN Options: * WOLFSSL_CERT_GEN: Cert generation. Saves extra certificate info in GetName. * WOLFSSL_NO_OCSP_OPTIONAL_CERTS: Skip optional OCSP certs (responder issuer must still be trusted) - * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for sitatuon where entire cert + * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for situation where entire cert chain is not loaded. This only matches on subject and public key and does not perform a PKI validation, so it is not a secure solution. Only enabled for OCSP. + * WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN: Can be defined for backwards + compatibility to disable matching of OCSP signing authority for the + certificate in question. */ #ifndef NO_ASN @@ -10767,6 +10770,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, return ret; } +#ifndef WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) { if (XMEMCMP(cert.subjectHash, resp->issuerHash, KEYID_SIZE) == 0) { @@ -10779,6 +10783,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, return BAD_OCSP_RESPONDER; } } +#endif /* ConfirmSignature is blocking here */ ret = ConfirmSignature(&cert.sigCtx, From 3a4edf75bd492313af507e0f11a62b0d81cd37a1 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 22 Jun 2017 09:56:43 -0700 Subject: [PATCH 6/6] =?UTF-8?q?Rename=20the=20option=20to=20disable=20the?= =?UTF-8?q?=20new=20issuer=20sign=20check=20to=20=E2=80=98WOLFSSL=5FNO=5FO?= =?UTF-8?q?CSP=5FISSUER=5FCHECK`.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- wolfcrypt/src/asn.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 64eb76b20..83a2c602c 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -40,9 +40,8 @@ ASN Options: chain is not loaded. This only matches on subject and public key and does not perform a PKI validation, so it is not a secure solution. Only enabled for OCSP. - * WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN: Can be defined for backwards - compatibility to disable matching of OCSP signing authority for the - certificate in question. + * WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to + disable checking of OCSP subject hash with issuer hash. */ #ifndef NO_ASN @@ -10770,7 +10769,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, return ret; } -#ifndef WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN +#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) { if (XMEMCMP(cert.subjectHash, resp->issuerHash, KEYID_SIZE) == 0) {