Verification of OCSP Responses signed with RSASSA-PSS fails with Java 11 LTS

can comert cancomert at gmail.com
Thu Sep 30 13:44:14 UTC 2021


I have recently received a Notification Email about the acceptance of the
Bug report.
It says the Bug is accepted and available under:
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8274471

Here is also the JIRA issue for OpenJDK:
https://bugs.openjdk.java.net/browse/JDK-8274471

Thanks for your interest and fast response.

Best regards,
Can

On Wed, 29 Sep 2021 at 22:36, Sean Mullan <sean.mullan at oracle.com> wrote:

> Thank you for reporting this issue. As far as I can tell, it looks like
> the JDK OCSP implementation has not yet been enhanced to support
> RSASSA-PSS signatures.
>
> We will keep an eye out for the bug report you filed but I think it is
> still making its way through our system as I have not seen it yet.
>
> --Sean
>
> On 9/28/21 11:17 AM, can comert wrote:
> > Hello everyone,
> >
> > I am trying to verify Certificate Revocation Status by using the JDK, and
> > the preferred way is the OCSP request. I came across certificates provided
> > by a certain Certificate Authority (Procilion) whose Revocation Status I
> > cannot verify using the JDK (I tried with the latest 11 LTS and 16).
> > OpenSSL, on the other hand, can verify the OCSP responses.
> >
> > Here is the call for the openssl library:
> > openssl ocsp -CAfile ROOT.cer -issuer INTERMEDIATE.cer -cert
> > APPLICATION.cer -text -url http://ocsp.spi-cloud.com/status/
> >
> > which gives results such as:
> > APPLICATION.cer: good
> >   This Update: Sep 21 15:31:32 2021 GMT
> >   Next Update: Sep 21 16:31:32 2021 GMT
> > Response verify OK
> >
> > With Wireshark I can also read the OCSP Request and Response, and the
> > Response contains status SUCCESSFUL.
> >
> > The Java runtime throws an exception with the message "Parameters required
> > for RSASSA-PSS signatures" while trying to verify the signature of the OCSP
> > Response.
> >
> > The CA is using a separate certificate with Subject "OCSP Signer" to sign
> > the OCSP Response. This certificate is delivered in the OCSP response,
> > and the signer certificate is signed by the same root as the issuer
> > certificate of the certificate under test. Java seems to accept the
> > signer certificate but fails to verify the signature.
> > Here are debug output snippets from the Java program I wrote to test the
> > revocation check, executed with the flag
> > -Djava.security.auth.debug=certpath,ocsp:
> >
> > start program
> > ...
> > certpath: KeySizeConstraints.permits(): RSA
> > certpath: Responder's certificate includes the extension
> > id-pkix-ocsp-nocheck.
> > certpath: OCSP response is signed by an Authorized Responder
> > ...
> > certpath: RevocationChecker.check() java.security.SignatureException:
> > Parameters required for RSASSA-PSS signatures
> > certpath: RevocationChecker.check() preparing to failover
> > ...CRL check also fails due to some other reasons.....
> > Parameters required for RSASSA-PSS signatures
> > end program
> >
> > I have also created a Bug Report for OpenJDK with internal review
> > id: 9071579, since I could not find any related issues in the Bug database.
> >
> > Root certificate is: procilonGROUPCustomerRootCA02.cer
> > Intermediate certificate is: procilonGROUPCustomerCAEDIFACT02.cer
> > Both available under https://pki.spi-cloud.com/issuer (packed as p7b)
> >
> > I can provide the example certificates and the Java program, which
> > basically calls the CertPathValidator.validate method to validate the
> > revocation status, if you need to reproduce the issue.
> >
> > Kind Regards,
> > Can Cömert
> >
>
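The exception quoted in the thread comes from the JDK's RSASSA-PSS Signature engine, which refuses to process data until the PSS parameters (hash, MGF, salt length) have been supplied; for an OCSP response those parameters live in the signatureAlgorithm AlgorithmIdentifier of the BasicOCSPResponse, so a verifier that ignores them cannot succeed. The following is an added, self-contained illustration written for this archive page, not code from the thread or the JDK bug; the key pair, message and PSS parameter choice (SHA-256, MGF1/SHA-256, 32-byte salt) are constructed here.

```java
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;

public class PssVerifyDemo {
    // Constructed parameter set; in a real OCSP response these values are read
    // from the BasicOCSPResponse.signatureAlgorithm parameters (RFC 4055).
    static final PSSParameterSpec PSS_SHA256 = new PSSParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32,
            PSSParameterSpec.TRAILER_FIELD_BC);

    // Verifies sig over msg; params == null models a verifier that never
    // transferred the parameters from the AlgorithmIdentifier to the engine.
    static String verify(PublicKey pub, byte[] msg, byte[] sig,
                         PSSParameterSpec params) throws GeneralSecurityException {
        Signature v = Signature.getInstance("RSASSA-PSS");
        if (params != null) {
            v.setParameter(params);
        }
        v.initVerify(pub);
        try {
            v.update(msg);              // JDK checks for parameters here
            return v.verify(sig) ? "valid" : "INVALID";
        } catch (SignatureException e) {
            return "SignatureException: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed signer key; a real responder key comes from its certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSASSA-PSS");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] msg = "constructed ResponseData bytes".getBytes("UTF-8");

        Signature signer = Signature.getInstance("RSASSA-PSS");
        signer.setParameter(PSS_SHA256);
        signer.initSign(kp.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign();

        // Without parameters the engine reports the error seen in the thread.
        System.out.println("no params:   " + verify(kp.getPublic(), msg, sig, null));
        // With the parameters from the AlgorithmIdentifier, verification succeeds.
        System.out.println("with params: " + verify(kp.getPublic(), msg, sig, PSS_SHA256));
    }
}
```

Run with `java PssVerifyDemo.java` on JDK 11 or later; the first line prints the "Parameters required for RSASSA-PSS signatures" message and the second prints "valid".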