[openssl-dev] [openssl.org #4620] OCSP_basic_verify() question/comment
David von Oheimb
David.von.Oheimb at siemens.com
Wed Aug 9 16:26:19 UTC 2017
It seems that OCSP_basic_verify(bs, certs, st, flags) unfortunately is
not documented, but from its code it becomes clear that the "certs"
parameter is meant to be a set of untrusted certificates, which is first
used (together with bs->certs) to determine the signer cert of the OCSP
response "bs" and then is partly(!) used to construct the chain of certs
towards a trusted (root) cert in the store passed in the "st" parameter.
>> OCSP responses do not seem to include the intermediate certificates so they
>> have to be acquired in other ways. I have been doing this and adding them
>> to the certificate stack handed to OCSP_basic_verify().
>
> Perhaps adding them to X509_STORE or STORE_CTX directly?
This does not work because OCSP_basic_verify(bs, certs, st, flags)
produces its own internal X509_STORE_CTX:
init_res = X509_STORE_CTX_init(ctx, st, signer, untrusted);
where the "st" parameter is taken as the trusted store, while the set of
untrusted certs cannot be directly set by the caller.
>> I am relatively new to this so I may be incorrect; however, it seems to me
>> that the certificates in the cert argument should be added to the
>> X509_STORE_CTX.
>
> If you need to add certificates to validate a chain, it seems safer to explicitly add them to the store, not implicitly.
As long as the OCSP response pointed to by "bs" includes a non-NULL
bs->certs field, OCSP_basic_verify() takes the union of any certs in the
"certs" parameter and in bs->certs as untrusted certs for chain
construction, but if bs->certs is NULL, i.e. when the OCSP responder did
not include any certs in its response, for some reason OCSP_basic_verify()
does not take "certs" but bs->certs, which corresponds to the empty set.
I consider this a bug, for which I've just submitted a pull request:
https://github.com/openssl/openssl/pull/4124
This fix takes "certs" as the set of untrusted certs in case bs->certs
is NULL.
As long as a fix is not yet available, one can use the following
workaround:
{
X509 *dummy = X509_new();
(void)OCSP_basic_add1_cert(bs, dummy);
X509_free(dummy);
}
before calling
OCSP_basic_verify(bs, certs, st, flags);