[openssl-dev] [openssl.org #3668] [PATCH] Don't use the cert list embedded in the OCSP response to build the trust chain

Alessandro Ghedini via RT rt at openssl.org
Tue Jan 20 14:02:36 UTC 2015


Currently the OCSP_basic_verify() function fails with many apparently valid OCSP
responses (e.g. all those sent by Cloudflare servers). Other libraries (GnuTLS,
NSS) have no problem with them.

Essentially, in crypto/ocsp/ocsp_vfy.c in the OCSP_basic_verify() function, the
X509_STORE_CTX_init() function is called like this:

  init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);

where ctx is the X509_STORE_CTX to be initialized, st is the trust store passed
by the user, signer is the signer of the OCSP response (which is what needs to
be validated), and bs is the decoded OCSP basic response.

The problem is the last argument. OpenSSL uses the cert list embedded in the
OCSP response to build the trust chain, but it seems that in some cases this
list is somewhat broken. Other libraries (e.g. GnuTLS) do the verification
differently, without including those bs->certs that OpenSSL uses.

I attached the patch and a simple test case. You can compile it with:

  $ cc ocsp_test.c -lcrypto -lssl

To test the problem run:

  $ ./a.out digitalocean.com 443
  OCSP response verification failed

After the patch:

  $ ./a.out digitalocean.com 443
  OK

Cheers
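As an added example (not code from this post, its attachments, or OpenSSL itself), a small Python model of the two chain sources that X509_STORE_CTX_init() receives: the trust store `st` and the untrusted list `bs->certs`. It assumes a path builder that consults the untrusted list before the store and never tries an alternative path (the OpenSSL 1.0.x behaviour), and uses constructed certificates reduced to subject/issuer names.

```python
# Added example: toy model of chain building with a trusted store plus an
# untrusted list, mirroring the st / bs->certs arguments discussed above.
# Certificates are constructed samples reduced to (subject, issuer) names.
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str

    def is_self_signed(self):
        return self.subject == self.issuer


def find_issuer(cert, candidates):
    """Return the first candidate whose subject matches cert's issuer."""
    for c in candidates:
        if c.subject == cert.issuer:
            return c
    return None


def build_chain(signer, store, untrusted=()):
    """Chain from signer up to a self-signed root found in the store, or None.

    Assumption (1.0.x-style builder): the untrusted list is searched before
    the store and no backtracking happens, so a bad entry in the untrusted
    list can lead into a dead end that the store alone would have avoided."""
    chain, cur = [signer], signer
    while not cur.is_self_signed():
        nxt = find_issuer(cur, untrusted) or find_issuer(cur, store)
        if nxt is None or nxt in chain:  # dead end or loop: path fails
            return None
        chain.append(nxt)
        cur = nxt
    return chain if cur in store else None


ROOT = Cert("Root CA", "Root CA")
INTERMEDIATE = Cert("Issuing CA", "Root CA")
RESPONDER = Cert("OCSP Responder", "Issuing CA")
# Constructed "broken" embedded entry: same subject as the real intermediate,
# but issued by a root the trust store does not hold (e.g. a cross-signed copy).
CROSS_SIGNED = Cert("Issuing CA", "Legacy Root CA")
TRUST_STORE = [ROOT, INTERMEDIATE]


def verify_with_embedded():
    """Response-supplied list consulted first: the builder is led astray."""
    return build_chain(RESPONDER, TRUST_STORE, [CROSS_SIGNED])


def verify_store_only():
    """Same signer and store, embedded list ignored: the chain completes."""
    return build_chain(RESPONDER, TRUST_STORE)
```

The untrusted list is still what lets a responder chain through an intermediate the store lacks, which `build_chain(RESPONDER, [ROOT], [INTERMEDIATE])` shows succeeding.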

Attachments:

  0001-Don-t-use-the-cert-list-embedded-in-the-OCSP-respons.patch (text/x-diff, 1052 bytes):
  <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150120/009cfb66/attachment-0001.patch>

  ocsp_test.c (text/x-csrc, 2160 bytes):
  <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150120/009cfb66/attachment-0001.c>

