<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font size="-1" face="Courier New, Courier, monospace">Oh.. I'm a
step further. I've checked every byte range of the ocsp response
for the recovered sha256 signature.</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">$ len=`cat
ocsp.resp | wc -c`<br>
$ for start in `seq 1 $len`; do</font><br>
<font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace"> echo -n
"$start "<br>
</font> for end in `seq 1 $[$len+1-$start]`; do<br>
output=`cat ocsp.resp | tail -c +$start | head -c $end |
sha256sum| grep </font><font size="-1" face="Courier New,
Courier, monospace"><font size="-1" face="Courier New, Courier,
monospace">b483f2c34a6c1b4edf66b4d5310b58c3603ce9200f4fb0df61882fc0e02566a8</font>`<br>
if [ "$output" != "" ]; then<br>
echo ''<br>
echo $start $end $output<br>
cat ocsp.resp | tail -c +$start | head -c $end | od -An
-tx1<br>
break<br>
fi</font><font size="-1" face="Courier New, Courier,
monospace"><br>
done<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace"> if [
"$output" != "" ]; then break; fi<br>
</font> done</font></p>
<p></p>
<p><font size="-1" face="Courier New, Courier, monospace">35 193
b483f2c34a6c1b4edf66b4d5310b58c3603ce9200f4fb0df61882fc0e02566a8
-<br>
30 81 be a1 34 30 32 31 0b 30 09 06 03 55 04 06<br>
13 02 55 53 31 16 30 14 06 03 55 04 0a 13 0d 4c<br>
65 74 27 73 20 45 6e 63 72 79 70 74 31 0b 30 09<br>
06 03 55 04 03 13 02 52 33 18 0f 32 30 32 31 30<br>
37 31 38 31 38 30 30 30 30 5a 30 75 30 73 30 4b<br>
30 09 06 05 2b 0e 03 02 1a 05 00 04 14 48 da c9<br>
a0 fb 2b d3 2d 4f f0 de 68 d2 f5 67 b7 35 f9 b3<br>
c4 04 14 14 2e b3 17 b7 58 56 cb ae 50 09 40 e6<br>
1f af 9d 8b 14 c2 c6 02 12 03 dc be 01 33 c9 b8<br>
33 12 54 75 b4 a7 7a b5 4a 3d f6 80 00 18 0f 32<br>
30 32 31 30 37 31 38 31 38 30 30 30 30 5a a0 11<br>
18 0f 32 30 32 31 30 37 32 35 31 38 30 30 30 30<br>
5a<br>
<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">So the TBS
part starts in byte 35 and is 193 bytes long, meaning bytes
35-227. <br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">Looking at
wireshark, that's indeed the 'tbsResponseData'. Any way to
extract the tbs with openssl ? Thanks.<br>
</font></p>
<p><br>
</p>
<div class="moz-cite-prefix">On 2021-07-21 00:04, Gaardiolor wrote:<br>
</div>
<blockquote type="cite"
cite="mid:921f8d2d-163b-9d9a-1120-92f23b7d4c84@gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<p><font size="-1" face="Courier New, Courier, monospace">Good
day,<br>
<br>
I don't fully understand ocsp certificate verification. In
order to better understand it, I want to do it manually. I can
already do that with certificates.<br>
<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>openssl
s_client -connect openssl.org:443 -showcerts<br>
# I save the server.crt and intermediate.crt<br>
<br>
$ openssl verify -no-CApath -partial_chain -trusted
intermediate.crt server.crt<br>
server.crt: OK<br>
<br>
Manually:<br>
# Get the ASN id's of the TBS and Signature<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>asn=`openssl
asn1parse -i -in server.crt |egrep -e '(^ .*: SEQUENCE|: BIT
STRING)'`<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>asn_tbs=`echo
"$asn" | head -1 | awk -F: '{print $1}' | sed 's/ //g'`<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>asn_sig=`echo
"$asn" | tail -1 | awk -F: '{print $1}' | sed 's/ //g'`<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># Get
tbs<br>
openssl asn1parse -in server.crt -strparse ${asn_tbs} -out
server.tbs > /dev/null</font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># Hash
tbs<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>cat
server.tbs | openssl sha256 -binary > server.tbs.sha256<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># Get
signature (ignore 'header too long' error)<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>openssl
asn1parse -in server.crt -strparse ${asn_sig} -out server.sig
> /dev/null<br>
<br>
# Get public key of intermediate<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>openssl
x509 -in intermediate.crt -noout -pubkey > intermediate.pub</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">#
Recover (decrypt) the signature<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>openssl
rsautl -inkey intermediate.pub -pubin -in server.sig -out
server.sig.recovered</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">#
Verify. Ignore the first line of server.sig.recovered, this is
the hash algoritm designator<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>od
-An -tx1 -w19 server.sig.recovered<br>
30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20<br>
87 36 67 06 ba d7 10 18 72 d3 f6 58 00 a9 34 78 bc 82 bf<br>
57 37 20 ab 82 04 fb 04 78 38 e2 d3 a2<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>od
-An -tx1 -w19 server.tbs.sha256<br>
87 36 67 06 ba d7 10 18 72 d3 f6 58 00 a9 34 78 bc 82 bf<br>
57 37 20 ab 82 04 fb 04 78 38 e2 d3 a2<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">Yay. Now
how do I do that with OCSP ?</font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># Get
OCSP<br>
</font><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">$ </font>ocsp=`openssl
x509 -noout -ocsp_uri -in server.crt`<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># Verify<br>
$ ocsp_response=`openssl ocsp -noverify -no_nonce -respout
ocsp.resp -reqout ocsp.req -issuer intermediate.crt -cert
server.crt -text -url $ocsp`<br>
$ echo "$ocsp_response" | grep server.crt<br>
server.crt: good<br>
</font></p>
<p><font size="-1" face="Courier New, Courier, monospace">Manually:<br>
# Get the signature. Can't find how to do this with asn1parse<br>
$ for byte in `echo "$ocsp_response" | grep -A40 "
Signature Algorithm" | grep -B40 "server.crt" | egrep -ve
'(Signature Algorithm|server.crt)' | sed -e 's/ //g' -e 's/:/
/g'`; do<br>
echo -ne "\x$byte"<br>
done </font><font size="-1" face="Courier New, Courier,
monospace"><font size="-1" face="Courier New, Courier,
monospace">> ocsp.resp.sig</font></font></p>
<p><font size="-1" face="Courier New, Courier, monospace"># </font><font
size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">Recover
(decrypt) the signature<br>
$ openssl rsautl -inkey intermediate.pub -pubin -in
ocsp.resp.sig -out ocsp.resp.sig.recovered</font></font></p>
<p><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace"># Print the
decrypted signature (looks good, first line is hash
algorithm designator, length looks ok, no errors)<br>
$ od -An -tx1 -w19 ocsp.resp.sig.recovered<br>
30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20<br>
b4 83 f2 c3 4a 6c 1b 4e df 66 b4 d5 31 0b 58 c3 60 3c e9<br>
20 0f 4f b0 df 61 88 2f c0 e0 25 66 a8<br>
</font></font></p>
<p><font size="-1" face="Courier New, Courier, monospace"><font
size="-1" face="Courier New, Courier, monospace">But.. How
to extract the tbs data from the response, so I can sha256
that and compare ?<br>
</font></font></p>
</blockquote>
</body>
</html>