ocsp: responderID.ByKey is SHA-1 Digest len

Check that responderID.ByKey is exactly WC_SHA_DIGEST_SIZE bytes long, as per RFC
6960. KEYID_SIZE can vary between build configurations.
Marco Oliverio
2025-02-20 16:07:22 +00:00
parent a85641574d
commit 8b80cb10d6
3 changed files with 13 additions and 7 deletions


@ -222,7 +222,7 @@ int test_ocsp_basic_verify(void)
ExpectIntEQ(response->responseStatus, 0);
ExpectIntEQ(response->responderIdType, OCSP_RESPONDER_ID_KEY);
ExpectBufEQ(response->responderId.keyHash, cert.subjectKeyHash,
OCSP_DIGEST_SIZE);
OCSP_RESPONDER_ID_KEY_SZ);
wolfSSL_OCSP_RESPONSE_free(response);
/* decoding with no embedded certificates */
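Review bot: No negative case accompanies the stricter length check; the visible change to test_ocsp_basic_verify only swaps the comparison size to `OCSP_RESPONDER_ID_KEY_SZ`. A case that decodes a response whose ByKey octet string is not 20 bytes long and expects `ASN_PARSE_E` would pin the parser behaviour this commit is about, so that a later change to the constant or to the decoder cannot relax it unnoticed. The test body continues outside the hunk, so such a case may already exist further down.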


@ -36964,7 +36964,7 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
if (GetOctetString(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
if (length != KEYID_SIZE)
if (length != OCSP_RESPONDER_ID_KEY_SZ)
return ASN_PARSE_E;
resp->responderIdType = OCSP_RESPONDER_ID_KEY;
XMEMCPY(resp->responderId.keyHash, source + idx, length);
@ -37027,7 +37027,7 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
int ret = 0;
byte version;
word32 dateSz = 0;
word32 responderByKeySz = KEYID_SIZE;
word32 responderByKeySz = OCSP_RESPONDER_ID_KEY_SZ;
word32 idx = *ioIndex;
OcspEntry* single = NULL;
@ -37073,7 +37073,8 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
resp->responderId.nameHash, WC_SHA);
} else {
resp->responderIdType = OCSP_RESPONDER_ID_KEY;
if (dataASN[OCSPRESPDATAASN_IDX_BYKEY_OCT].length != KEYID_SIZE) {
if (dataASN[OCSPRESPDATAASN_IDX_BYKEY_OCT].length
!= OCSP_RESPONDER_ID_KEY_SZ) {
ret = ASN_PARSE_E;
} else {
resp->responderIdType = OCSP_RESPONDER_ID_KEY;
@ -37226,10 +37227,14 @@ enum {
static int OcspRespIdMatch(OcspResponse *resp, const byte *NameHash,
const byte *keyHash)
{
if (resp->responderIdType == OCSP_RESPONDER_ID_INVALID)
return 0;
if (resp->responderIdType == OCSP_RESPONDER_ID_NAME)
return XMEMCMP(NameHash, resp->responderId.nameHash,
SIGNER_DIGEST_SIZE) == 0;
return XMEMCMP(keyHash, resp->responderId.keyHash, KEYID_SIZE) == 0;
/* OCSP_RESPONDER_ID_KEY */
return ((int)KEYID_SIZE == OCSP_RESPONDER_ID_KEY_SZ) &&
XMEMCMP(keyHash, resp->responderId.keyHash, KEYID_SIZE) == 0;
}
#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
@ -37268,7 +37273,7 @@ static Signer *OcspFindSigner(OcspResponse *resp, WOLFSSL_CERT_MANAGER *cm)
if (s)
return s;
}
else {
else if ((int)KEYID_SIZE == OCSP_RESPONDER_ID_KEY_SZ) {
s = GetCAByKeyHash(cm, resp->responderId.keyHash);
if (s)
return s;
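Review bot: The ByName branch of OcspRespIdMatch still compares `SIGNER_DIGEST_SIZE` bytes of `responderId.nameHash`, while the decoder hunk above fills that buffer with a `WC_SHA` digest, so the size mismatch this commit closes for ByKey may remain for ByName. SIGNER_DIGEST_SIZE is defined outside the page; if it follows the build configuration the way KEYID_SIZE does, the comparison should be guarded the same way, e.g. `return ((int)SIGNER_DIGEST_SIZE == WC_SHA_DIGEST_SIZE) && XMEMCMP(NameHash, resp->responderId.nameHash, SIGNER_DIGEST_SIZE) == 0;`. The two `(int)KEYID_SIZE == OCSP_RESPONDER_ID_KEY_SZ` guards also deserve a comment such as `/* signer key hashes are KEYID_SIZE bytes; a ByKey responder id is always a 20-byte SHA-1 hash (RFC 6960), so the two are comparable only when the sizes agree */`, because in builds where the sizes differ the ByKey match and lookup are skipped without any diagnostic. OcspFindSigner's body continues outside the hunk.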


@ -2732,6 +2732,7 @@ struct OcspEntry
WC_BITFIELD used:1; /* entry used */
};
#define OCSP_RESPONDER_ID_KEY_SZ 20
enum responderIdType {
OCSP_RESPONDER_ID_INVALID = 0,
OCSP_RESPONDER_ID_NAME = 1,
@ -2750,7 +2751,7 @@ struct OcspResponse {
enum responderIdType responderIdType;
union {
byte keyHash[KEYID_SIZE];
byte keyHash[OCSP_RESPONDER_ID_KEY_SZ];
byte nameHash[KEYID_SIZE];
} responderId ;