module OpenSSL::OCSP
OpenSSL::OCSP
implements Online Certificate Status Protocol requests and responses.
Creating and sending an OCSP
request requires a subject certificate that contains an OCSP
URL in an authorityInfoAccess extension and the issuer certificate for the subject certificate. First, load the issuer and subject certificates:
subject = OpenSSL::X509::Certificate.new subject_pem issuer = OpenSSL::X509::Certificate.new issuer_pem
To create the request we need to create a certificate ID for the subject certificate so the CA knows which certificate we are asking about:
digest = OpenSSL::Digest.new('SHA1') certificate_id = OpenSSL::OCSP::CertificateId.new subject, issuer, digest
Then create a request and add the certificate ID to it:
request = OpenSSL::OCSP::Request.new request.add_certid certificate_id
Adding a nonce to the request protects against replay attacks but not all CA process the nonce.
request.add_nonce
To submit the request to the CA for verification we need to extract the OCSP
URI
from the subject certificate:
ocsp_uris = subject.ocsp_uris require 'uri' ocsp_uri = URI ocsp_uris[0]
To submit the request we’ll POST the request to the OCSP
URI
(per RFC 2560). Note that we only handle HTTP requests and don’t handle any redirects in this example, so this is insufficient for serious use.
require 'net/http' http_response = Net::HTTP.start ocsp_uri.hostname, ocsp_uri.port do |http| http.post ocsp_uri.path, request.to_der, 'content-type' => 'application/ocsp-request' end response = OpenSSL::OCSP::Response.new http_response.body response_basic = response.basic
First we check if the response has a valid signature. Without a valid signature we cannot trust it. If you get a failure here you may be missing a system certificate store or may be missing the intermediate certificates.
store = OpenSSL::X509::Store.new store.set_default_paths unless response_basic.verify [], store then raise 'response is not signed by a trusted certificate' end
The response contains the status information (success/fail). We can display the status as a string:
puts response.status_string #=> successful
Next we need to know the response details to determine if the response matches our request. First we check the nonce. Again, not all CAs support a nonce. See Request#check_nonce
for the meanings of the return values.
p request.check_nonce basic_response #=> value from -1 to 3
Then extract the status information for the certificate from the basic response.
single_response = basic_response.find_response(certificate_id) unless single_response raise 'basic_response does not have the status for the certificate' end
Then check the validity. A status issued in the future must be rejected.
unless single_response.check_validity raise 'this_update is in the future or next_update time has passed' end case single_response.cert_status when OpenSSL::OCSP::V_CERTSTATUS_GOOD puts 'certificate is still valid' when OpenSSL::OCSP::V_CERTSTATUS_REVOKED puts "certificate has been revoked at #{single_response.revocation_time}" when OpenSSL::OCSP::V_CERTSTATUS_UNKNOWN puts 'responder doesn't know about the certificate' end
Constants
- NOCASIGN
(This flag is not used by
OpenSSL
1.0.1g)- NOCERTS
Do not include certificates in the response
- NOCHAIN
Do not verify the certificate chain on the response
- NOCHECKS
Do not make additional signing certificate checks
- NODELEGATED
(This flag is not used by
OpenSSL
1.0.1g)- NOEXPLICIT
Do not check trust
- NOINTERN
Do not search certificates contained in the response for a signer
- NOSIGS
Do not check the signature on the response
- NOTIME
Do not include producedAt time in response
- NOVERIFY
Do not verify the response at all
- RESPID_KEY
Identify the response by signing the certificate key ID
- RESPONSE_STATUS_INTERNALERROR
Internal error in issuer
- RESPONSE_STATUS_MALFORMEDREQUEST
Illegal confirmation request
- RESPONSE_STATUS_SIGREQUIRED
You must sign the request and resubmit
- RESPONSE_STATUS_SUCCESSFUL
Response
has valid confirmations- RESPONSE_STATUS_TRYLATER
Try again later
- RESPONSE_STATUS_UNAUTHORIZED
Your request is unauthorized.
- REVOKED_STATUS_AFFILIATIONCHANGED
The certificate subject’s name or other information changed
- REVOKED_STATUS_CACOMPROMISE
This CA certificate was revoked due to a key compromise
- REVOKED_STATUS_CERTIFICATEHOLD
The certificate is on hold
- REVOKED_STATUS_CESSATIONOFOPERATION
The certificate is no longer needed
- REVOKED_STATUS_KEYCOMPROMISE
The certificate was revoked due to a key compromise
- REVOKED_STATUS_NOSTATUS
The certificate was revoked for an unknown reason
- REVOKED_STATUS_REMOVEFROMCRL
The certificate was previously on hold and should now be removed from the CRL
- REVOKED_STATUS_SUPERSEDED
The certificate was superseded by a new certificate
- REVOKED_STATUS_UNSPECIFIED
The certificate was revoked for an unspecified reason
- TRUSTOTHER
Do not verify additional certificates
- V_CERTSTATUS_GOOD
Indicates the certificate is not revoked but does not necessarily mean the certificate was issued or that this response is within the certificate’s validity interval
- V_CERTSTATUS_REVOKED
Indicates the certificate has been revoked either permanently or temporarily (on hold).
- V_CERTSTATUS_UNKNOWN
Indicates the responder does not know about the certificate being requested.
- V_RESPID_KEY
The responder ID is based on the public key.
- V_RESPID_NAME
The responder ID is based on the key name.