Looks like OpenSSL has a problem/feature of garbage-in garbage-out. It's a problem because it does not comply with the RFC and a feature because it lets OpenSSL work with broken clients.
My OCSP request from some time ago had the encoding error of encoding the default values and it looks like OpenSSL just returns the encoding of the nonce extension that it got rather than re-encoding it as DER. Actually the encoding can be BER but the "... signature SHALL be computed on the hash of the DER encoding ..." is clear. This explains why OpenSSL now works for me - because the request (with nonce) from my end is now DER encoded. Regards, Simon McMahon Simon McMahon/Australia/Contr/[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 01/10/2007 12:56 PM Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject OCSP response nonce extension encoding not DER Hi, Just saw some weirdness in OCSP response encodings with a nonce extension. The OCSP response has this for the extensions: A1 1E 30 1C 30 1A 06 09 2B 06 01 05 05 07 30 01 02 01 01 00 <----------------------- 04 0A 04 08 A5 10 18 67 E5 A4 8B 2C The sencond last item is the 'false' (00) for the 'critical' field. 'false' is the default value (rfc 3280) so should not appear in a DER encoding. Here is another OCSP response extension and this is how it should be for DER: A1 1B 30 19 30 17 06 09 2B 06 01 05 05 07 30 01 02 04 0A 04 08 D4 4C 29 A8 C6 1A 16 56 The 'false' is not there. Note that afaik both were produced by the same version of OpenSSL but at different times. I haven't been able to reproduce the one containing the 'false' and since I cant reproduce a response like this, and the most recent one I produced was OK I'm not 100% sure what is going on. I only noticed this because my validitator used to accept the first response, now it rejects it. It reencodes the resp to DER, before checking the sig. RFC 2560 says the "signature SHALL be computed on the hash of the DER encoding...". The error I get is a bad signature. The entire ocsp response is attached. Simon McMahon ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
