PATCH: possible bug in OCSP check

Xuelei Fan xuelei.fan at oracle.com
Wed May 29 01:16:09 UTC 2013 

Hi Ricardo,

Have you or your organization signed the signed the Oracle Contributor
Agreement (OCA) per the request of OpenJDK bylaws?

http://openjdk.java.net/bylaws#_2

Thanks,
Xuelei

On 5/24/2013 5:31 PM, Ricardo Martin Camarero wrote:
> Hi everybody,
> 
> I have been struggling for some months with a weird issue about how Java
> validates OCSP responses. Following the RFC2560 standard the responses
> sent by the responder should be signed following one of these three
> possibilities:
> 
>> All definitive response messages SHALL be digitally signed. The key
>>    used to sign the response MUST belong to one of the following:
>>
>>    -- the CA who issued the certificate in question
>>    -- a Trusted Responder whose public key is trusted by the requester
>>    -- a CA Designated Responder (Authorized Responder) who holds a
>>       specially marked certificate issued directly by the CA, indicating
>>       that the responder may issue OCSP responses for that CA
> 
> In current java implementation (openjdk 6, 7 and 8) the case (1) and (3)
> are considered by default and case (2) can be configured using some
> properties ("ocsp.responderCertSubjectName" for example). But the
> problem is that both configurations are exclusive, if your application
> accepts responses for the cases (1) and (3) it fails with the case (2)
> and vice-versa.
> 
> I faced an OCSP responder that in some cases it answered using the case
> (1) and in others using the case (2). The case (1) was used to sign
> responses for their own certificates and the case (2) was used to sign
> responses for foreign certificates (spanish national id certificates
> specifically). I'm not completely sure if the standard admits this
> situation but I haven't read anything against that. Besides why not to
> take the configured certificate ("ocsp.responderCertSubjectName" or any
> of the other properties) as a failback and not as the unique valid signer.
> 
> Looking at the code the problem is that only one certificate is passed
> as the valid signer for responses (the one configured via properties or
> the issuer cert). Following Andrew advise I have made a little patch
> against current openjdk-8 that just considers both of them (OCSPResponse
> class receives both certs and this way can check the three cases).
> 
> Thanks in advance!
>

More information about the security-dev mailing list