Topic: OCSP stapling

Does wolfSSL support OCSP stapling in the handshake? What are the relevant APIs?


Re: OCSP stapling

Hi,

I have attached a PDF which should help explain wolfSSL's OCSP Stapling functionality.  Are you able to share any details of the project you are working on?

Thanks,
Chris

Re: OCSP stapling

Hi Chris

I'm basically doing a measurement study of top 100 Alexa websites to see which support OCSP stapling in the SSL handshake. I'm also collecting some statistics on the validity period of the OCSP responses. Therefore, I want to parse all this data out from the SSL handshake. My plan was to use the callback mechanism and go from there.

I can't find the attachment.


Re: OCSP stapling

Hi,

Thanks for the additional details.  It looks like my attachment didn't work correctly last time.  Trying again here.

Thanks,
Chris

Post's attachments

WolfSSLTLSXStatusRequestV2.pdf 161.45 kb, 15 downloads since 2016-06-17 


Re: OCSP stapling

Thanks, I can set up the API now, but how do I access the OCSP response?


Re: OCSP stapling

I'd like to access the ocsp response and extract the thisUpdate, nextUpdate, etc fields for data collection.


Re: OCSP stapling

So some progress. I did:

            if((use_ocsp = wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP Error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSP(ctx, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSP error");

            if((use_ocsp = wolfSSL_SetOCSP_Cb(ssl, ocspCb, NULL, NULL)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP CB Error");

with an ocsp callback of the form:

int ocspCb(void *a, const char* url, int urlSz, unsigned char *req, int reqSz, unsigned char **resp)
{
  printf("ocsp cb\n");
  return -1;  /* no response is produced here, so report the lookup as failed */
}


Now when I try it with bing.com and the root cert BaltimoreCyberTrustRoot.pem,

I get this output and error:

Connected to bing.com:443!
ocsp cb
hsi: ClientHello
hsi: ServerHello
hsi: Certificate
hsi: Alert
SSL handshake error: OCSP Responder lookup fail


Any idea what this means? I have enabled callbacks on the SSL handshake, and callbacks on the OCSP CB IO, which does not seem to be documented, but I got it from the wolfssl/ssl.h header.

How is it possible that the callback is called so early in the handshake process?

My goal is to extract the thisDate, nextDate (which I think correspond to the thisUpdate, nextUpdate fields as per OCSP stapling RFC)


Re: OCSP stapling

OK, so I used Wireshark to find out that the bing.com server does not understand status_request_v2. It only understands status_request (i.e., regular OCSP stapling), so I recompiled with --enable-ocspstapling, and I updated my code to:

            /* plain status_request uses the WOLFSSL_CSR_OCSP type, not the v2 constant */
            if((use_ocsp = wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP Error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSPStapling(ctx)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSP error");

            if((use_ocsp = wolfSSL_SetOCSP_Cb(ssl, ocspCb, NULL, NULL)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP CB Error");

Now, based on Wireshark, I can see the OCSP response in the Server Hello, but my callback is still not getting called.


Re: OCSP stapling

Now I have this code:

if (host != NULL) {
        sockfd = socket(host->ai_family, host->ai_socktype, host->ai_protocol);
        int ret = connect(sockfd, host->ai_addr, host->ai_addrlen);
        if (ret < 0)
          printf("error in connect: %s\n", strerror(errno));
        else {
          printf("Connected to %s:%s!\n", hostname, port);

          if ((ssl = wolfSSL_new(ctx)) == NULL)
            printf("%s\n", "wolfSSL_new error");
          else {
            wolfSSL_set_fd(ssl, sockfd);

            //set ourselves up so that we can access the ServerHello and OCSP stapling
            wolfSSL_KeepArrays(ssl);
            int use_ocsp;
            if((use_ocsp = wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP Error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSP(ctx, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSP error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSPStapling(ctx)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSPStapling error");

            if((use_ocsp = wolfSSL_CTX_SetOCSP_Cb(ctx, ocspCb, NULL, NULL)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP CB Error");

            if (wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout) == SSL_SUCCESS)
            {
              printf("%s\n", "SSL handshake complete");
              processServerRandom(ssl);
            }
            else {
              int err2 = wolfSSL_get_error(ssl, 0);
              logsslerror(err2, "SSL handshake error");
            }
          }
        }
}  /* end of if (host != NULL) */

But the callback doesn't get called. My only goal is to get the OCSP response data from the Server Hello.


Re: OCSP stapling

Hi,

The OCSP callback (registered with wolfSSL_CTX_SetOCSP_Cb()) is meant to allow your application to have control over connecting to the OCSP Responder and parsing/verifying the response.  wolfSSL uses an internal OCSP callback (EmbedOcspLookup() in ./src/io.c) to do this by default, but when you override our internal callback with wolfSSL_CTX_SetOCSP_Cb(), your application needs to handle this yourself within your callback.  Your callback should return 0 on success or -1 on error.

One option that would allow you to inspect the OCSP response would be to:

1.  Write and register your own OCSP callback with wolfSSL_CTX_SetOCSP_Cb()
2.  Have your callback just call our default callback (EmbedOcspLookup()).  This is a public API function exposed through <wolfssl/ssl.h>
3.  After our internal callback returns, you should be able to look at the response data inside the "unsigned char** resp" output variable.

Best Regards,
Chris

Re: OCSP stapling

What is the correct way to use these functions?

I have:
int ocspCb(void *a, const char* url, int urlSz, unsigned char *req, int reqSz, unsigned char **resp)
{
  int retVal = EmbedOcspLookup(a, url, urlSz, req, reqSz, resp);
  /* *resp is a DER blob, not a NUL-terminated string, so printing it with %s would be wrong */
  printf("ocsp lookup returned %d\n", retVal);

  return retVal;
}

and in registration I have:

if((use_ocsp = wolfSSL_CTX_SetOCSP_Cb(ctx, ocspCb, ocspRespFree, NULL)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP CB Error");


Not sure what to pass as the last argument


Re: OCSP stapling

The CB is not getting called. This is what I have:

int ocspCb(void *a, const char* url, int urlSz, unsigned char *req, int reqSz, unsigned char **resp)
{
  int retVal = EmbedOcspLookup(a, url, urlSz, req, reqSz, resp);
  /* *resp is a DER blob, not a NUL-terminated string, so printing it with %s would be wrong */
  printf("ocsp lookup returned %d\n", retVal);

  return retVal;
}

void ocspRespFree(void *a, unsigned char *b)
{
  EmbedOcspRespFree(a, b);
}


            if((use_ocsp = wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP Error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSP(ctx, 0)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSP error");

            if((use_ocsp = wolfSSL_CTX_EnableOCSPStapling(ctx)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "CTX_EnableOCSPStapling error");

            if((use_ocsp = wolfSSL_CTX_SetOCSP_Cb(ctx, ocspCb, ocspRespFree, NULL)) != SSL_SUCCESS)
              logsslerror(use_ocsp, "OCSP CB Error");

            if (wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout) == SSL_SUCCESS)
            {
              printf("%s\n", "SSL handshake complete");
              processServerRandom(ssl);
            }
            else {
              int err2 = wolfSSL_get_error(ssl, 0);
              logsslerror(err2, "SSL handshake error");
            }


Why does this not work? The last void* param seems to not be used in any function, so I'm confused about what's going wrong.


Re: OCSP stapling

Keep in mind that this is OCSP stapling. The client should not go and contact some OCSP responder on its own. It should expect an OCSP response as part of the handshake. My goal is to retrieve the OCSP response data once a handshake is successful, and once the library has verified the OCSP response to be legitimate. Am I using the right functions here?


Re: OCSP stapling

Updates. After debugging the code, I've boiled it down to CertStatus.thisDate and .nextDate

I edited code in wolfcrypt/src/asn.c (DecodeSingleResponse) and I was able to dump the thisDate and nextDate buffers. But how do I access this stuff from a normal program using the wolfSSL API? Is this supported or not?


Re: OCSP stapling

Hi,

Indeed, we don't have API functions to retrieve that information. This functionality is not supported.

The way you did it, by dumping the desired data inside DecodeSingleResponse(), is one of the paths I'd suggest you follow.

[ ]'s
Moisés

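Since wolfSSL exposes no API for thisUpdate/nextUpdate, the alternative to patching DecodeSingleResponse() (Moisés's suggestion above) or wrapping EmbedOcspLookup() (Chris's suggestion earlier in the thread) is to walk the DER of the OCSPResponse in the application itself, on whatever buffer holds it: the `*resp` buffer a custom OCSP callback receives, or a copy of the stapled response taken after wolfSSL has verified it. The following is an added example, not code from this thread or from wolfSSL. The function and type names (`der_tlv`, `der_enter`, `der_skip`, `der_time`, `ocsp_first_single_response`, `struct ocsp_times`) are my own, the sample response is constructed here with dummy hashes, serial number and signature, and the parser assumes the responseType is id-pkix-ocsp-basic and only reads the first SingleResponse. It does no signature or chain verification, so it is only suitable for data collection on a response the library has already accepted.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Read one DER TLV header: sets *tag and *len, returns header size (0 on error). */
static size_t der_tlv(const unsigned char *p, size_t avail, unsigned char *tag, size_t *len)
{
    size_t hdr = 2, n, i;
    if (avail < 2) return 0;
    *tag = p[0];
    if (p[1] < 0x80) {
        *len = p[1];
    } else {                               /* long form: 0x8n followed by n length bytes */
        n = p[1] & 0x7f;
        if (n == 0 || n > sizeof(size_t) || avail < 2 + n) return 0;
        for (*len = 0, i = 0; i < n; i++) *len = (*len << 8) | p[2 + i];
        hdr = 2 + n;
    }
    return (*len > avail - hdr) ? 0 : hdr; /* body must fit inside the buffer */
}
/* Descend into a constructed element of tag 'want'; p/avail then cover its body only. */
static int der_enter(const unsigned char **p, size_t *avail, unsigned char want)
{
    unsigned char tag; size_t len, hdr = der_tlv(*p, *avail, &tag, &len);
    if (hdr == 0 || tag != want) return 0;
    *p += hdr; *avail = len;
    return 1;
}
/* Step over one element of any tag. */
static int der_skip(const unsigned char **p, size_t *avail)
{
    unsigned char tag; size_t len, hdr = der_tlv(*p, *avail, &tag, &len);
    if (hdr == 0) return 0;
    *p += hdr + len; *avail -= hdr + len;
    return 1;
}
/* Copy a GeneralizedTime (tag 0x18, e.g. "20160617120000Z") out as a C string. */
static int der_time(const unsigned char **p, size_t *avail, char *out, size_t outsz)
{
    unsigned char tag; size_t len, hdr = der_tlv(*p, *avail, &tag, &len);
    if (hdr == 0 || tag != 0x18 || len + 1 > outsz) return 0;
    memcpy(out, *p + hdr, len); out[len] = '\0';
    *p += hdr + len; *avail -= hdr + len;
    return 1;
}

struct ocsp_times { int status; char this_update[32]; char next_update[32]; };

/* Walk OCSPResponse -> BasicOCSPResponse -> first SingleResponse and pull out
 * certStatus (0 good, 1 revoked, 2 unknown), thisUpdate and the optional nextUpdate.
 * No signature check here: only use on a response wolfSSL has already verified. */
int ocsp_first_single_response(const unsigned char *der, size_t len, struct ocsp_times *t)
{
    const unsigned char *p = der; size_t avail = len, l, hdr; unsigned char tag;
    memset(t, 0, sizeof *t); t->status = -1;
    if (!der_enter(&p, &avail, 0x30)) return 0;                   /* OCSPResponse */
    hdr = der_tlv(p, avail, &tag, &l);
    if (hdr == 0 || tag != 0x0a || l != 1 || p[hdr] != 0) return 0; /* responseStatus successful(0) */
    p += hdr + l; avail -= hdr + l;
    if (!der_enter(&p, &avail, 0xa0) ||                           /* responseBytes [0] */
        !der_enter(&p, &avail, 0x30) ||                           /* ResponseBytes */
        !der_skip(&p, &avail) ||                                  /* responseType OID (basic assumed) */
        !der_enter(&p, &avail, 0x04) ||                           /* response OCTET STRING */
        !der_enter(&p, &avail, 0x30) ||                           /* BasicOCSPResponse */
        !der_enter(&p, &avail, 0x30)) return 0;                   /* tbsResponseData */
    if (der_tlv(p, avail, &tag, &l) == 0) return 0;
    if (tag == 0xa0 && !der_skip(&p, &avail)) return 0;           /* version [0], optional */
    if (!der_skip(&p, &avail) || !der_skip(&p, &avail)) return 0; /* responderID, producedAt */
    if (!der_enter(&p, &avail, 0x30) ||                           /* responses SEQUENCE OF */
        !der_enter(&p, &avail, 0x30) ||                           /* first SingleResponse */
        !der_skip(&p, &avail)) return 0;                          /* certID */
    hdr = der_tlv(p, avail, &tag, &l);
    if (hdr == 0 || (tag & 0xc0) != 0x80 || (tag & 0x1f) > 2) return 0; /* certStatus CHOICE [0]/[1]/[2] */
    t->status = tag & 0x1f;
    p += hdr + l; avail -= hdr + l;
    if (!der_time(&p, &avail, t->this_update, sizeof t->this_update)) return 0;
    if (avail > 0 && p[0] == 0xa0) {                              /* nextUpdate [0] EXPLICIT, optional */
        if (!der_enter(&p, &avail, 0xa0) ||
            !der_time(&p, &avail, t->next_update, sizeof t->next_update)) return 0;
    }
    return 1;
}

#define H20(b) b,b,b,b,b,b,b,b,b,b,b,b,b,b,b,b,b,b,b,b
/* Constructed sample (not a real responder's output): one "good" SingleResponse with
 * thisUpdate 2016-06-17 and nextUpdate 2016-06-24; hashes, serial and signature are dummies. */
static const unsigned char sample_ocsp_response[] = {
  0x30,0x81,0xc5, 0x0a,0x01,0x00,                         /* OCSPResponse, responseStatus successful */
  0xa0,0x81,0xbf, 0x30,0x81,0xbc,                         /* responseBytes [0], ResponseBytes */
  0x06,0x09,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01, /* responseType id-pkix-ocsp-basic */
  0x04,0x81,0xae, 0x30,0x81,0xab, 0x30,0x81,0x92,         /* OCTET STRING, BasicOCSPResponse, tbsResponseData */
  0xa2,0x16,0x04,0x14,H20(0xaa),                          /* responderID byKey */
  0x18,0x0f,'2','0','1','6','0','6','1','7','1','2','0','0','0','0','Z', /* producedAt */
  0x30,0x67, 0x30,0x65, 0x30,0x3d,                        /* responses, SingleResponse, certID */
  0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00, /* hashAlgorithm sha1 */
  0x04,0x14,H20(0x11), 0x04,0x14,H20(0x22),               /* issuerNameHash, issuerKeyHash */
  0x02,0x04,0x01,0x02,0x03,0x04,                          /* serialNumber */
  0x80,0x00,                                              /* certStatus good */
  0x18,0x0f,'2','0','1','6','0','6','1','7','1','2','0','0','0','0','Z', /* thisUpdate */
  0xa0,0x11,0x18,0x0f,'2','0','1','6','0','6','2','4','1','2','0','0','0','0','Z', /* nextUpdate */
  0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b,0x05,0x00, /* sha256WithRSAEncryption */
  0x03,0x05,0x00,0xde,0xad,0xbe,0xef                      /* signature BIT STRING (dummy) */
};

int main(void)
{
    struct ocsp_times t;
    if (!ocsp_first_single_response(sample_ocsp_response, sizeof sample_ocsp_response, &t))
        return 1;
    printf("status=%d thisUpdate=%s nextUpdate=%s\n", t.status, t.this_update, t.next_update);
    return 0;
}
```

For the measurement study the two GeneralizedTime strings can be converted with strptime()/timegm() and subtracted to get the validity window; the parser deliberately keeps them as raw strings so that non-UTC or fractional-second encodings (which RFC 6960 forbids but some responders emit) are visible in the collected data rather than silently normalised. Every length check in der_tlv() is there because the response comes from the network: a truncated or malicious stapled blob must fail the walk instead of reading past the buffer.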