ocsp: better validate OCSP response's certificates #256
Conversation
|
This PR (HEAD: 4da111c) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/crypto/+/485055 to see it. Tip: You can toggle comments from me using the |
We make three changes here:
1. Allow iterating over all given certificates to find the one that
signed this OCSP response, as RFC 6960 does not guarantee an order
and some CAs send multiple certificates, and
2. Allow the passed issuer to match the certificate that directly
signed this response, and
3. Lastly, we document the unsafe behavior of calling these functions
with issuer=nil, indicating that it performs no trust verification.
Previously, when a CA returned the intermediate CA that signed a leaf
cert as an additional cert in the response field (without using a
delegated OCSP certificate), Go would err with a bad signature, as it
expected the intermediate CA to have signed the wire copy (even though
it was the exact same certificate).
Also includes a code comment around the "bad signature on embedded
certificate" error message, indicating that this isn't strictly
the correct preposition choice.
See also: https://github.com/crtsh/test_websites_monitor/blob/1bd8226b5f963e91d7889ea432a36e3173be8eec/test_websites_monitor.go#L267
See also: golang/go#59641
Fixes golang/go#59641
Signed-off-by: Alexander Scheel <[email protected]>
cipherboy
force-pushed
the
better-ocsp-issuer-validation-semantics
branch
from
4da111c
to
7ee4c84
Compare
|
Message from Alex Scheel: Patch Set 1: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/485055. |
|
This PR (HEAD: 7ee4c84) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/crypto/+/485055 to see it. Tip: You can toggle comments from me using the |
|
Message from Alex Scheel: Patch Set 1: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/485055. |
We make three changes here:
Previously, when a CA returned the intermediate CA that signed a leaf cert as an additional cert in the response field (without using a delegated OCSP certificate), Go would err with a bad signature, as it expected the intermediate CA to have signed the wire copy (even though it was the exact same certificate).
Also includes a code comment around the "bad signature on embedded certificate" error message, indicating that this isn't strictly the correct preposition choice.
See also: https://github.com/crtsh/test_websites_monitor/blob/1bd8226b5f963e91d7889ea432a36e3173be8eec/test_websites_monitor.go#L267
See also: golang/go#59641
Fixes golang/go#59641