Hi Joachim,

Thank you for reporting this problem. It looks like a valid bug that should be investigated. I was not able to reproduce it with a chain of three certs which has a revoked EE and ICA cert. But my certs do not use AIA for fetching, and I suspect this, in combination with the OCSP cache, may cause the problem.

Please file a bug and add all your certs. I'd like to use your chain to reproduce the problem using your responders.

Thanks,
Alexei

Joachim Lingner wrote:
Hi,
I have the following setup:

- a certificate chain of 3
- the end certificate refers to revocation information using AIA and OCSP; the "responder" is the issuer.
- the intermediate certificate also uses AIA and OCSP, and the "responder" is the root certificate.
- the end and intermediate certificates are revoked.
- "openssl ocsp" is used as responder.

The end certificate is checked using vfychain.exe (nss 3.12.4) using this command line: ./vfychain.exe -d d:/vfydb -pp -u 0 -g leaf -m ocsp -g chain -m ocsp user_2_intermediate_2.crt

If neither responder is running, then vfychain says the chain is good.
If the "root" responder or both responders are running, then vfychain says the certificate has been revoked. If only the "intermediate" responder is running, then vfychain says the certificate is good.

The latter case is unexpected. I see that the responder receives a request and the response states that the end certificate is revoked. Still the result is "good". If the response contains "unknown", then vfychain says that the certificate has been revoked, as expected. I also tried a similar scenario, where the intermediate and end certificates use a CRL distribution point. Then everything worked as expected.

Have I overlooked something or is this a bug?

For completeness, here are the end cert and the OCSP requests/responses:


This is the end certificate (leaving out the public key and signature):
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 4097 (0x1001)
       Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=Test CA 2009.2 intermediate 2
       Validity
           Not Before: Nov  3 13:48:38 2009 GMT
           Not After : Oct 28 13:48:38 2034 GMT
       Subject: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=user 2 intermediate 2
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
           RSA Public Key: (1024 bit)
               Modulus (1024 bit):
                    ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           Authority Information Access:
               OCSP - URI:http://localhost:8889

           X509v3 Key Usage:
               Digital Signature, Non Repudiation, Key Encipherment
           X509v3 Subject Key Identifier:
               DF:36:C8:A4:22:6A:45:38:30:5D:06:AB:45:98:ED:8D:B9:B9:36:CC
           X509v3 Authority Key Identifier:
               keyid:CA:BD:20:52:1C:EC:4C:86:FE:B7:1A:BA:5D:D8:8C:EA:C6:A3:40:33

   Signature Algorithm: sha1WithRSAEncryption
       ...

And this is the ocsp request/response with status "revoked":
OCSP Request Data:
   Version: 1 (0x0)
   Requestor List:
       Certificate ID:
         Hash Algorithm: sha1
         Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
         Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
         Serial Number: 1001
   Request Extensions:
       Acceptable OCSP Responses:
           Basic OCSP Response
OCSP Response Data:
   OCSP Response Status: successful (0x0)
   Response Type: Basic OCSP Response
   Version: 1 (0x0)
   Responder Id: C = DE, ST = Hamburg, O = OpenOffice.org, OU = Development, CN = Test CA 2009.2 intermediate 2
   Produced At: Nov  5 12:24:58 2009 GMT
   Responses:
   Certificate ID:
     Hash Algorithm: sha1
     Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
     Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
     Serial Number: 1001
   Cert Status: revoked
   Revocation Time: Nov  3 13:50:24 2009 GMT
   Revocation Reason: cACompromise (0x2)
   This Update: Nov  5 12:24:58 2009 GMT

The ocsp request/response with status "unknown":

OCSP Request Data:
   Version: 1 (0x0)
   Requestor List:
       Certificate ID:
         Hash Algorithm: sha1
         Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
         Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
         Serial Number: 1001
   Request Extensions:
       Acceptable OCSP Responses:
           Basic OCSP Response
OCSP Response Data:
   OCSP Response Status: successful (0x0)
   Response Type: Basic OCSP Response
   Version: 1 (0x0)
   Responder Id: C = DE, ST = Hamburg, O = OpenOffice.org, OU = Development, CN = Test CA 2009.2 intermediate 4
   Produced At: Nov  5 12:43:30 2009 GMT
   Responses:
   Certificate ID:
     Hash Algorithm: sha1
     Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
     Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
     Serial Number: 1001
   Cert Status: unknown
   This Update: Nov  5 12:43:30 2009 GMT

Kind Regards,
Joachim Lingner

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
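The checks a verifier has to make on an OCSP answer before it may report "good", as an added example that is not part of the thread and not NSS code: it parses the text form of a response as `openssl ocsp -text` prints it, matches the CertID (issuer name hash, issuer key hash, serial) against the certificate being checked, compares the responder identity with the issuer, bounds the age of thisUpdate when no nextUpdate is present, and combines the per-certificate results for the chain so that a "revoked" from the intermediate's responder is fatal even while the root's responder is down. The two dumps are the responses quoted in the post (minus the lines the parser does not read); the policy values (7-day maximum age without nextUpdate, 5-minute clock skew, soft-fail on an unreachable responder) and the name-only responder check are assumptions, since a text dump carries no signature to verify against the issuer's key or a delegated OCSP signer certificate.

```python
"""Parse an OCSP response in the text form `openssl ocsp -text` prints and apply the checks a verifier
must make before acting on it.  Added example, not NSS code; dumps are from the post, policy values are assumed."""
import re
from datetime import datetime, timedelta, timezone
from typing import Dict, List, NamedTuple, Optional
TIME_FMT = "%b %d %H:%M:%S %Y GMT"  # openssl prints e.g. "Nov  5 12:24:58 2009 GMT"
CertID = NamedTuple("CertID", [("hash_alg", str), ("issuer_name_hash", str),
                               ("issuer_key_hash", str), ("serial", int)])  # hashes as upper-case hex
SingleResponse = NamedTuple("SingleResponse", [("cert_id", CertID), ("status", str),  # good/revoked/unknown
                                               ("this_update", datetime), ("next_update", Optional[datetime]),
                                               ("revocation_reason", Optional[str])])
OCSPResponse = NamedTuple("OCSPResponse", [("response_status", str), ("responder_id", str),
                                           ("responses", List[SingleResponse])])

def _time(s: str) -> datetime:
    return datetime.strptime(" ".join(s.split()), TIME_FMT).replace(tzinfo=timezone.utc)

def _field(block: str, name: str) -> Optional[str]:
    """Value of the first 'Name: value' line in block, or None if absent."""
    m = re.search(r"^\s*" + re.escape(name) + r":\s*(.*?)\s*$", block, re.M)
    return m.group(1) if m else None

def parse_response(text: str) -> OCSPResponse:
    """Parse the 'OCSP Response Data:' part of a dump (a leading request dump is skipped)."""
    body = text.split("OCSP Response Data:", 1)[-1]
    parts = re.split(r"^\s*Responses:\s*$", body, maxsplit=1, flags=re.M)  # absent when the status is an error
    head, singles = parts[0], (parts[1] if len(parts) > 1 else "")
    parsed = []
    for block in re.split(r"^\s*Certificate ID:\s*$", singles, flags=re.M)[1:]:  # one block per SingleResponse
        nxt, reason = _field(block, "Next Update"), _field(block, "Revocation Reason")
        parsed.append(SingleResponse(
            CertID(_field(block, "Hash Algorithm").lower(), _field(block, "Issuer Name Hash").upper(),
                   _field(block, "Issuer Key Hash").upper(), int(_field(block, "Serial Number"), 16)),
            _field(block, "Cert Status").lower(), _time(_field(block, "This Update")),
            _time(nxt) if nxt else None, reason.split()[0] if reason else None))  # "cACompromise (0x2)"
    return OCSPResponse(_field(head, "OCSP Response Status").split()[0],
                        " ".join((_field(head, "Responder Id") or "").split()), parsed)

def evaluate(resp: OCSPResponse, expected: CertID, now: datetime, issuer_dn: Optional[str] = None,
             max_age: timedelta = timedelta(days=7), skew: timedelta = timedelta(minutes=5)) -> str:
    """'good', 'revoked' or 'unknown', else 'error', 'responder_mismatch', 'no_match' or 'stale'.  A text
    dump has no signature, so the signature check a real verifier makes against the issuer's key (or a
    delegated OCSP signer's) is stood in for here by comparing the responder name with the issuer DN."""
    if resp.response_status != "successful":
        return "error"
    if issuer_dn is not None and resp.responder_id != " ".join(issuer_dn.split()):
        return "responder_mismatch"
    for single in resp.responses:
        if single.cert_id != expected:
            continue  # this SingleResponse is about some other certificate
        deadline = single.next_update or single.this_update + max_age  # no nextUpdate: cap the age ourselves
        if single.this_update > now + skew or now > deadline + skew:
            return "stale"
        return single.status
    return "no_match"

def chain_verdict(per_cert: Dict[str, str], soft_fail: bool = True) -> str:
    """Combine per-certificate verdicts ('unavailable' = no responder reachable).  A definitive 'revoked'
    anywhere wins, as the post expected; 'unknown' and every failure are fatal; 'unavailable' passes only under soft-fail."""
    if "revoked" in per_cert.values():
        return "revoked"
    if all(v == "good" or (v == "unavailable" and soft_fail) for v in per_cert.values()):
        return "good"
    return "revocation_check_failed"

# Constructed inputs: the two responses quoted in the post, without the lines the parser does not read.
REVOKED_DUMP = """\
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Responder Id: C = DE, ST = Hamburg, O = OpenOffice.org, OU = Development, CN = Test CA 2009.2 intermediate 2
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
      Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
      Serial Number: 1001
    Cert Status: revoked
    Revocation Time: Nov  3 13:50:24 2009 GMT
    Revocation Reason: cACompromise (0x2)
    This Update: Nov  5 12:24:58 2009 GMT
"""
UNKNOWN_DUMP = """\
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Responder Id: C = DE, ST = Hamburg, O = OpenOffice.org, OU = Development, CN = Test CA 2009.2 intermediate 4
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 1F29333FFF1E6A99A04D613A161A55D840146023
      Issuer Key Hash: CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033
      Serial Number: 1001
    Cert Status: unknown
    This Update: Nov  5 12:43:30 2009 GMT
"""
EE_ID = CertID("sha1", "1F29333FFF1E6A99A04D613A161A55D840146023",  # the EE cert from the post:
               "CABD20521CEC4C86FEB71ABA5DD88CEAC6A34033", 0x1001)  # serial 4097 (0x1001)
ISSUER_DN = "C = DE, ST = Hamburg, O = OpenOffice.org, OU = Development, CN = Test CA 2009.2 intermediate 2"
NOW = datetime(2009, 11, 5, 13, 0, tzinfo=timezone.utc)  # a clock shortly after the responses were produced
```

With these inputs `evaluate(parse_response(REVOKED_DUMP), EE_ID, NOW, ISSUER_DN)` is "revoked", and `chain_verdict({"ee": "revoked", "ica": "unavailable"})` is "revoked" as well: the answer about the end certificate is definitive on its own, so the root's responder being down cannot turn the chain into "good". Two details a verifier should not skip are visible in the dumps themselves: neither response carries a nextUpdate, so the client has to bound the age of thisUpdate itself, and the "unknown" dump's Responder Id names a different CA than the end certificate's issuer, which the name comparison reports as a mismatch before the status is even looked at.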
