[gnutls-help] Problem with OCSP status in gnutls-cli
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Dec 15 15:52:36 CET 2017
On Wed, Dec 13, 2017 at 1:26 PM, Johannes Bauer <dfnsonfsduifb at gmx.de> wrote:
> Hi Nikos,
>
> On 13.12.2017 12:46, Nikos Mavrogiannopoulos wrote:
>
>>> So, for now, this works as a workaround for me -- but I do think that is
>>> unintended behavior on gnuTLS' side, isn't it?
>>
>> I'm not sure. There is already a test for that (see
>> tests/ocsp-tests/ocsp-tls-connection) and gnutls-cli seems to be able
>> to connect. Could you help me by providing a reproducer to the issue?
>
> Sure thing! I've created a blob, ocsp_reproducer.tar.gz (attached at
> bottom), that contains all certificates and an OCSP response which I
> crafted to be valid for a year. It relies on OpenSSL (possibly 1.1,
> don't know when the -status_file option was added). Here's how it works:
Thank you. I checked it further and it seems that openssl s_client
doesn't seem to check/verify any OCSP responses given. That's why you
see it working on that server.
gnutls attempts OCSP verification with the following steps:
1. reads the included certificates in the OCSP response.
[no such certs are included in that response]
2. If that fails, it extracts the DN of the OCSP signer and search the
included trusted list based on DN.
[no DN is included in the OCSP response; only a hash of the DN]
3. If all of the above fails, it will try to verify against the
client's issuer certificate in the presented chain.
[fails because the server chain doesn't include its issuer]
Did you generate this OCSP response based on some rules which
suggested to have it that way? I suspect it would be possible to
extend the trust database searching (in gnutls and p11-kit as well)
using SHA1 hash of fields, but that would not be a trivial change.
regards,
Nikos
[0].
OCSP Response Information:
Response Status: Successful
Response Type: Basic OCSP Response
Version: 1
Responder Key ID: 4d5ddb9d963896e0f16028fabd2a8f8e083329c6
Produced At: Wed Dec 13 12:12:05 UTC 2017
Responses:
Certificate ID:
Hash Algorithm: SHA1
Issuer Name Hash: b731f8dc9366b6a1b427daa84e53909fa28b9a71
Issuer Key Hash: 4d5ddb9d963896e0f16028fabd2a8f8e083329c6
Serial Number: 6313d7d35516497c5e48d7dff323724a
Certificate Status: good
This Update: Wed Dec 13 09:12:05 UTC 2017
Next Update: Thu Dec 13 12:12:05 UTC 2018
Extensions:
More information about the Gnutls-help
mailing list