path: root/test/test_ocsp.rb
author: Kazuki Yamaguchi <k@rhe.jp> 2016-07-08 11:28:38 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-07-08 11:28:38 +0900
commit: bc5b7918066e5a49427b7e5f5af8189c2571ea27
tree: 42066ed220ab84ba2d6589686111392310276aa0 /test/test_ocsp.rb
parent: c4702f20ee3af838867b1c515e75911c24da06ba
download: ruby-openssl-bc5b7918066e5a49427b7e5f5af8189c2571ea27.tar.gz
ocsp: add workaround for OCSP_basic_verify() bug
branch: topic/ocsp-basic-verify-bug
Older versions of OpenSSL have a bug that it doesn't use the certificates
passed to OCSP_basic_verify() for verifying the chain. This can be a
problem when the response is signed by a certificate issued by an
intermediate CA.

    root_ca
      |
    intermediate_ca
      |-------------|
    end_entity      ocsp_signer

When the certificate hierarchy is like this, and the response contains
only ocsp_signer certificate, the following code wrongly fails.

    store = OpenSSL::X509::Store.new; store.add_cert(root_ca)
    basic_response.verify([intermediate_ca], store)

So duplicate the OCSP_BASICRESP and add the certificates to the embedded
list first.
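The scenario from the commit message, reproduced end to end as an added example (this is not ruby/openssl's own code or test fixture): it generates throwaway certificates for the root_ca / intermediate_ca / end_entity / ocsp_signer hierarchy, signs a "good" response for end_entity with ocsp_signer while embedding only the signer certificate, and then verifies it against a store that trusts only root_ca. The helper names (`make_cert`, `build_fixture`, `verify_scenario`) and the subject names are this example's own; it assumes a ruby/openssl with the workaround (or an OpenSSL whose OCSP_basic_verify() uses the `certs` argument), on which the first verification returns true and the other two return false.

```ruby
require "openssl"

# Added example, not ruby/openssl's own code. Builds this hierarchy from
# constructed, throwaway certificates:
#
#     root_ca
#       |
#     intermediate_ca
#       |-------------|
#     end_entity      ocsp_signer
#
# and shows how OpenSSL::OCSP::BasicResponse#verify behaves when the
# intermediate is only available through the `certs` argument.

# Create an X.509 v3 certificate. issuer_cert/issuer_key are nil for a
# self-signed root; `extensions` is a list of [oid, value, critical] triples.
def make_cert(cn, key, serial, extensions, issuer_cert: nil, issuer_key: nil)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.new([["CN", cn]])
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer_cert || cert
  extensions.each do |oid, value, critical|
    cert.add_extension(ef.create_extension(oid, value, critical))
  end

  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  cert
end

CA_EXTS = [
  ["basicConstraints", "CA:TRUE", true],
  ["keyUsage", "keyCertSign,cRLSign", true],
]
LEAF_EXTS = [["basicConstraints", "CA:FALSE", true]]
# A delegated OCSP responder must carry the OCSPSigning extended key usage;
# without it OCSP_basic_verify() rejects the signer even with a valid chain.
OCSP_EXTS = LEAF_EXTS + [["extendedKeyUsage", "OCSPSigning", false]]

# Generate keys and the four certificates of the hierarchy (constructed data).
def build_fixture
  root_key, inter_key, ee_key, ocsp_key = Array.new(4) { OpenSSL::PKey::RSA.new(2048) }
  root_ca = make_cert("Root CA", root_key, 1, CA_EXTS)
  intermediate_ca = make_cert("Intermediate CA", inter_key, 2, CA_EXTS,
                              issuer_cert: root_ca, issuer_key: root_key)
  end_entity = make_cert("end-entity.example", ee_key, 3, LEAF_EXTS,
                         issuer_cert: intermediate_ca, issuer_key: inter_key)
  ocsp_signer = make_cert("OCSP Signer", ocsp_key, 4, OCSP_EXTS,
                          issuer_cert: intermediate_ca, issuer_key: inter_key)
  { root_ca: root_ca, intermediate_ca: intermediate_ca, end_entity: end_entity,
    ocsp_signer: ocsp_signer, ocsp_key: ocsp_key }
end

# Sign a "good" response for end_entity with ocsp_signer, embedding only the
# signer certificate (as in the commit message), then verify it three ways
# against a store that trusts only root_ca.
def verify_scenario(f)
  cid = OpenSSL::OCSP::CertificateId.new(f[:end_entity], f[:intermediate_ca],
                                         OpenSSL::Digest.new("SHA256"))
  bres = OpenSSL::OCSP::BasicResponse.new
  bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil,
                  Time.now - 60, Time.now + 3600, [])
  bres.sign(f[:ocsp_signer], f[:ocsp_key], [], 0, "SHA256")

  store = OpenSSL::X509::Store.new
  store.add_cert(f[:root_ca])
  {
    # intermediate supplied via `certs`: the case the old OpenSSL got wrong
    with_intermediate: bres.verify([f[:intermediate_ca]], store),
    # intermediate available nowhere: the chain to root_ca cannot be built
    without_intermediate: bres.verify([], store),
    # NOCHAIN additionally ignores the certificates embedded in the response
    nochain: bres.verify([], store, OpenSSL::OCSP::NOCHAIN),
  }
end

FIXTURE = build_fixture

verify_scenario(FIXTURE).each { |name, result| puts "#{name}: #{result}" }
```

The second and third results are the control: they show that neither the embedded signer certificate alone nor the store's root is enough, so a true result for the first case can only come from the intermediate passed in `certs` being used for chain building.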
Diffstat (limited to 'test/test_ocsp.rb')
-rw-r--r--  test/test_ocsp.rb  11
1 files changed, 11 insertions, 0 deletions
diff --git a/test/test_ocsp.rb b/test/test_ocsp.rb
index db7b139e..c59cf1b9 100644
--- a/test/test_ocsp.rb
+++ b/test/test_ocsp.rb
@@ -184,6 +184,17 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
assert_equal false, bres.verify([], store1, OpenSSL::OCSP::NOCHAIN)
end
+ def test_basic_response_sign_verify_use_extra_chain
+ # OpenSSL had a bug on this; test that our workaround works
+ cid = OpenSSL::OCSP::CertificateId.new(@cert2, @cert, OpenSSL::Digest::SHA256.new)
+ bres = OpenSSL::OCSP::BasicResponse.new
+ bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, -400, -300, 500, [])
+ bres.sign(@ocsp_cert, @ocsp_key, [], 0, "SHA256")
+ store1 = OpenSSL::X509::Store.new; store1.add_cert(@ca_cert)
+ assert_equal true, bres.verify([@cert], store1)
+ assert_equal false, bres.verify([], store1, OpenSSL::OCSP::NOCHAIN)
+ end
+
def test_basic_response_dup
bres = OpenSSL::OCSP::BasicResponse.new
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
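Review bot: the new test relies on a fixture hierarchy that is only implicit in the hunk (the store trusts @ca_cert, the certificate id names @cert as issuer of @cert2, and @ocsp_cert must chain to @ca_cert through @cert for `bres.verify([@cert], store1)` to succeed), and the comment `# OpenSSL had a bug on this; test that our workaround works` does not say which OpenSSL versions are affected; stating the hierarchy and the affected versions in that comment would let a future reader tell when the workaround, and this test's first assertion, can be retired. The two assertions also leave a gap: `verify([@cert], store1)` returning true and `verify([], store1, NOCHAIN)` returning false does not by itself show that the extra `certs` argument is what made the difference, since NOCHAIN also drops the response's embedded certificates; an additional `assert_equal false, bres.verify([], store1)` would pin that down.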