gnutls_ocsp_resp_verify: Check key purpose if signer not on trust list
authorFiona Klute <fiona.klute@gmx.de>
Tue, 13 Jul 2021 21:53:12 +0000 (23:53 +0200)
committerFiona Klute <fiona.klute@gmx.de>
Tue, 13 Jul 2021 22:02:19 +0000 (00:02 +0200)
According to [1] the id-kp-OCSPSigning key purpose is only needed for
delegated signers, not signers explicitly set as trusted. The previous
code would reject a signature directly from a CA on the trust list
(without delegation) because the CA certificate didn't contain the
id-kp-OCSPSigning key purpose.

The tests included in this commit check:

1. Is a signature directly from a CA on the trust list accepted?

2. Is a signature from a delegated signer issued by a CA on the trust
   list accepted?

3. Is a signature from a certificate without id-kp-OCSPSigning issued
   by a CA on the trust list rejected?

Note that the CA in these tests is also the one that issued the
certificate the OCSP response is for, but the code (current and
previous) doesn't enforce this.

[1] https://datatracker.ietf.org/doc/html/rfc6960#section-4.2.2.2

Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
lib/x509/ocsp.c
tests/Makefile.am
tests/ocsp-tests/ocsp-signer-verify.sh [new file with mode: 0755]
tests/ocsp-tests/signer-verify/response-ca.der [new file with mode: 0644]
tests/ocsp-tests/signer-verify/response-delegated.der [new file with mode: 0644]
tests/ocsp-tests/signer-verify/response-non-delegated.der [new file with mode: 0644]
tests/ocsp-tests/signer-verify/trust.pem [new file with mode: 0644]

index b8646d3dc16711b185a287b960a7ef6724f856c7..81f3d7eb86d4ccbb0565ec70fbd7fcb554b9dc7e 100644 (file)
@@ -2374,15 +2374,15 @@ gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp,
                                rc = GNUTLS_E_SUCCESS;
                                goto done;
                        }
-               }
-       }
 
-       rc = check_ocsp_purpose(signercert);
-       if (rc < 0) {
-               gnutls_assert();
-               *verify = GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR;
-               rc = GNUTLS_E_SUCCESS;
-               goto done;
+                       rc = check_ocsp_purpose(signercert);
+                       if (rc < 0) {
+                               gnutls_assert();
+                               *verify = GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR;
+                               rc = GNUTLS_E_SUCCESS;
+                               goto done;
+                       }
+               }
        }
 
        rc = _ocsp_resp_verify_direct(resp, signercert, verify, flags);
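Review bot: The reason `rc = check_ocsp_purpose(signercert);` now runs only inside this inner block is stated in the commit message but not in the code, so the next reader will not see why a responder that is itself on the trust list skips the id-kp-OCSPSigning check. A comment above that line would keep the rationale with the code, e.g. `/* RFC 6960 4.2.2.2: id-kp-OCSPSigning is required only for delegated signers; a responder on the trust list is accepted without it */`. The condition that distinguishes the delegated case is above the hunk, and gnutls_ocsp_resp_verify both starts and ends outside it, so this reading is inferred from the description. Since the description also says the code does not require the delegated signer to be issued by the CA of the certificate in question, a short `/* NOTE: issuer of the delegated signer is not checked against the certificate's CA */` next to the check would record that known gap where it matters.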
index 247d6af2c917160e8ed8a8a46fa627d605bb041a..156f6a6e9716d99b44ecd2aaed6588f4c1915c8a 100644 (file)
@@ -62,6 +62,10 @@ EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \
        ocsp-tests/response1.pem ocsp-tests/response2.pem \
        ocsp-tests/certs/server_good.key ocsp-tests/certs/server_bad.key ocsp-tests/certs/server_good.template \
        ocsp-tests/certs/server_bad.template ocsp-tests/certs/ocsp-staple-unrelated.der ocsp-tests/suppressions.valgrind \
+       ocsp-tests/signer-verify/response-ca.der \
+       ocsp-tests/signer-verify/response-delegated.der \
+       ocsp-tests/signer-verify/response-non-delegated.der \
+       ocsp-tests/signer-verify/trust.pem \
        data/listings-DTLS1.0 data/listings-SSL3.0 data/listings-TLS1.0 data/listings-TLS1.1 \
        data/listings-legacy1 data/listings-legacy2 data/listings-legacy3 data/listings-legacy4 \
        data/listings-old-SSL3.0-TLS1.1 data/listings-SSL3.0-TLS1.1 \
@@ -503,7 +507,7 @@ dist_check_SCRIPTS += fastopen.sh pkgconfig.sh starttls.sh starttls-ftp.sh start
        psktool.sh ocsp-tests/ocsp-load-chain.sh gnutls-cli-save-data.sh gnutls-cli-debug.sh \
        sni-resume.sh ocsp-tests/ocsptool.sh cert-reencoding.sh pkcs7-cat.sh long-crl.sh \
        serv-udp.sh logfile-option.sh gnutls-cli-resume.sh profile-tests.sh \
-       server-weak-keys.sh
+       server-weak-keys.sh ocsp-tests/ocsp-signer-verify.sh
 
 if !DISABLE_SYSTEM_CONFIG
 dist_check_SCRIPTS += system-override-sig.sh system-override-hash.sh \
diff --git a/tests/ocsp-tests/ocsp-signer-verify.sh b/tests/ocsp-tests/ocsp-signer-verify.sh
new file mode 100755 (executable)
index 0000000..ce815ce
--- /dev/null
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+# Copyright (C) 2021 Fiona Klute
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+: ${srcdir=.}
+: ${OCSPTOOL=../src/ocsptool${EXEEXT}}
+: ${DIFF=diff}
+
+if ! test -x "${OCSPTOOL}"; then
+    exit 77
+fi
+
+export TZ="UTC"
+
+. "${srcdir}/scripts/common.sh"
+
+skip_if_no_datefudge
+
+date="2021-07-14 00:00"
+sample_dir="${srcdir}/ocsp-tests/signer-verify"
+trusted="${sample_dir}/trust.pem"
+
+verify_response ()
+{
+    echo "verifying ${sample_dir}/${1} using ${trusted}"
+    datefudge --static "${date}" \
+              "${OCSPTOOL}" --infile="${sample_dir}/${1}" \
+              --verify-response --load-trust="${trusted}"
+    return $?
+}
+
+if ! verify_response response-ca.der; then
+    echo "verification of OCSP response signature by CA failed"
+    exit 1
+fi
+
+if ! verify_response response-delegated.der; then
+    echo "verification of OCSP response signature by delegated signer failed"
+    exit 1
+fi
+
+if verify_response response-non-delegated.der; then
+    echo "verification of OCSP response signature by non-signer certificate " \
+         "from the same CA succeeded, but should have failed"
+    exit 1
+fi
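Review bot: The negative case at the end of the script (`if verify_response response-non-delegated.der; then`) is satisfied by any non-zero exit, so a missing sample file, a parse error or a tool crash would be counted as the intended key-usage rejection rather than as a test failure. Capturing the tool output, e.g. `out=$(verify_response response-non-delegated.der 2>&1)`, and matching the status line ocsptool prints for GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR (the exact text is not visible here) would pin the reason the response was rejected; at minimum echoing `${out}` on the unexpected path makes the log useful. Separately, `return $?` at the end of verify_response is redundant, since a function returns the status of its last command. The file is new, so the whole script is in view.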
diff --git a/tests/ocsp-tests/signer-verify/response-ca.der b/tests/ocsp-tests/signer-verify/response-ca.der
new file mode 100644 (file)
index 0000000..6052421
Binary files /dev/null and b/tests/ocsp-tests/signer-verify/response-ca.der differ
diff --git a/tests/ocsp-tests/signer-verify/response-delegated.der b/tests/ocsp-tests/signer-verify/response-delegated.der
new file mode 100644 (file)
index 0000000..717edfd
Binary files /dev/null and b/tests/ocsp-tests/signer-verify/response-delegated.der differ
diff --git a/tests/ocsp-tests/signer-verify/response-non-delegated.der b/tests/ocsp-tests/signer-verify/response-non-delegated.der
new file mode 100644 (file)
index 0000000..02574d5
Binary files /dev/null and b/tests/ocsp-tests/signer-verify/response-non-delegated.der differ
diff --git a/tests/ocsp-tests/signer-verify/trust.pem b/tests/ocsp-tests/signer-verify/trust.pem
new file mode 100644 (file)
index 0000000..941a18a
--- /dev/null
@@ -0,0 +1,50 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----