Re: Verification of OCSP Responses signed with RSASSA-PSS fails with Java 11 LTS

2021-09-30 Thread can comert
I have recently received a notification email about the acceptance of the
bug report.
It says the bug is accepted and available at:
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8274471

Here is also the JIRA issue for OpenJDK:
https://bugs.openjdk.java.net/browse/JDK-8274471

Thanks for your interest and fast response.

Best regards,
Can

On Wed, 29 Sep 2021 at 22:36, Sean Mullan wrote:

> Thank you for reporting this issue. As far as I can tell, it looks like
> the JDK OCSP implementation has not yet been enhanced to support
> RSASSA-PSS signatures.
>
> We will keep an eye out for the bug report you filed but I think it is
> still making its way through our system as I have not seen it yet.
>
> --Sean
>
> On 9/28/21 11:17 AM, can comert wrote:
> > Hello everyone,
> >
> > I am trying to verify certificate revocation status using the JDK, and the
> > preferred way is an OCSP request. I came across certificates issued
> > by a certain Certificate Authority (Procilion) whose revocation status
> > I cannot verify using the JDK (I tried the latest 11 LTS and 16).
> > OpenSSL, on the other hand, can verify the OCSP responses.
> >
> > Here is the openssl command line:
> > openssl ocsp -CAfile ROOT.cer -issuer INTERMEDIATE.cer -cert
> > APPLICATION.cer -text -url http://ocsp.spi-cloud.com/status/
> >
> > which gives results such as:
> > APPLICATION.cer: good
> >   This Update: Sep 21 15:31:32 2021 GMT
> >   Next Update: Sep 21 16:31:32 2021 GMT
> > Response verify OK
> >
> > With Wireshark I can also read the OCSP request and response, and the
> > response contains status SUCCESSFUL.
> >
> > The Java runtime throws an exception with the message "Parameters required for
> > RSASSA-PSS signatures" while trying to verify the signature of the OCSP
> > response.
> >
> > The CA is using a separate certificate with Subject "OCSP Signer" to sign
> > the OCSP response. This certificate is delivered in the OCSP response,
> > and the signer certificate is signed by the same root as the issuer
> > certificate of the certificate under test. Java seems to accept the
> > signer certificate but fails to verify the signature.
> > Here are debug output snippets from the Java program I wrote to test the
> > revocation check, executed with the flag
> > -Djava.security.auth.debug=certpath,ocsp:
> >
> > start program
> > ...
> > certpath: KeySizeConstraints.permits(): RSA
> > certpath: Responder's certificate includes the extension
> > id-pkix-ocsp-nocheck.
> > certpath: OCSP response is signed by an Authorized Responder
> > ...
> > certpath: RevocationChecker.check() java.security.SignatureException:
> > Parameters required for RSASSA-PSS signatures
> > certpath: RevocationChecker.check() preparing to failover
> > ...CRL check also fails due to some other reasons.
> > Parameters required for RSASSA-PSS signatures
> > end program
> >
> > I have also created a bug report for OpenJDK with internal review
> > ID 9071579, since I could not find any related issues in the bug database.
> >
> > Root certificate is: procilonGROUPCustomerRootCA02.cer
> > Intermediate certificate is: procilonGROUPCustomerCAEDIFACT02.cer
> > Both are available under https://pki.spi-cloud.com/issuer (packed as p7b)
> >
> > I can provide the example certificates and the Java program, which
> > basically calls the CertPathValidator.validate method to validate the
> > revocation status, if you need to reproduce the issue.
> >
> > Kind Regards,
> > Can Cömert
> >
>


Re: Verification of OCSP Responses signed with RSASSA-PSS fails with Java 11 LTS

2021-09-29 Thread Sean Mullan
Thank you for reporting this issue. As far as I can tell, it looks like
the JDK OCSP implementation has not yet been enhanced to support
RSASSA-PSS signatures.

We will keep an eye out for the bug report you filed but I think it is
still making its way through our system as I have not seen it yet.

--Sean

On 9/28/21 11:17 AM, can comert wrote:

Hello everyone,

I am trying to verify certificate revocation status using the JDK, and the
preferred way is an OCSP request. I came across certificates issued
by a certain Certificate Authority (Procilion) whose revocation status
I cannot verify using the JDK (I tried the latest 11 LTS and 16).
OpenSSL, on the other hand, can verify the OCSP responses.

Here is the openssl command line:
openssl ocsp -CAfile ROOT.cer -issuer INTERMEDIATE.cer -cert
APPLICATION.cer -text -url http://ocsp.spi-cloud.com/status/

which gives results such as:
APPLICATION.cer: good
  This Update: Sep 21 15:31:32 2021 GMT
  Next Update: Sep 21 16:31:32 2021 GMT
Response verify OK

With Wireshark I can also read the OCSP request and response, and the
response contains status SUCCESSFUL.

The Java runtime throws an exception with the message "Parameters required for
RSASSA-PSS signatures" while trying to verify the signature of the OCSP
response.

The CA is using a separate certificate with Subject "OCSP Signer" to sign
the OCSP response. This certificate is delivered in the OCSP response,
and the signer certificate is signed by the same root as the issuer
certificate of the certificate under test. Java seems to accept the
signer certificate but fails to verify the signature.
Here are debug output snippets from the Java program I wrote to test the
revocation check, executed with the flag
-Djava.security.auth.debug=certpath,ocsp:

start program
...
certpath: KeySizeConstraints.permits(): RSA
certpath: Responder's certificate includes the extension
id-pkix-ocsp-nocheck.
certpath: OCSP response is signed by an Authorized Responder
...
certpath: RevocationChecker.check() java.security.SignatureException:
Parameters required for RSASSA-PSS signatures
certpath: RevocationChecker.check() preparing to failover
...CRL check also fails due to some other reasons.
Parameters required for RSASSA-PSS signatures
end program

I have also created a bug report for OpenJDK with internal review
ID 9071579, since I could not find any related issues in the bug database.

Root certificate is: procilonGROUPCustomerRootCA02.cer
Intermediate certificate is: procilonGROUPCustomerCAEDIFACT02.cer
Both are available under https://pki.spi-cloud.com/issuer (packed as p7b)

I can provide the example certificates and the Java program, which
basically calls the CertPathValidator.validate method to validate the
revocation status, if you need to reproduce the issue.

Kind Regards,
Can Cömert



Verification of OCSP Responses signed with RSASSA-PSS fails with Java 11 LTS

2021-09-28 Thread can comert
Hello everyone,

I am trying to verify certificate revocation status using the JDK, and the
preferred way is an OCSP request. I came across certificates issued by a
certain Certificate Authority (Procilion) whose revocation status I cannot
verify using the JDK (I tried the latest 11 LTS and 16).
OpenSSL, on the other hand, can verify the OCSP responses.

Here is the openssl command line:
openssl ocsp -CAfile ROOT.cer -issuer INTERMEDIATE.cer -cert
APPLICATION.cer -text -url http://ocsp.spi-cloud.com/status/

which gives results such as:
APPLICATION.cer: good
 This Update: Sep 21 15:31:32 2021 GMT
 Next Update: Sep 21 16:31:32 2021 GMT
Response verify OK

With Wireshark I can also read the OCSP request and response, and the
response contains status SUCCESSFUL.

The Java runtime throws an exception with the message "Parameters required for
RSASSA-PSS signatures" while trying to verify the signature of the OCSP
response.

The CA is using a separate certificate with Subject "OCSP Signer" to sign the
OCSP response. This certificate is delivered in the OCSP response, and the
signer certificate is signed by the same root as the issuer certificate of
the certificate under test. Java seems to accept the signer certificate but
fails to verify the signature.
Here are debug output snippets from the Java program I wrote to test the
revocation check, executed with the flag
-Djava.security.auth.debug=certpath,ocsp:

start program
...
certpath: KeySizeConstraints.permits(): RSA
certpath: Responder's certificate includes the extension
id-pkix-ocsp-nocheck.
certpath: OCSP response is signed by an Authorized Responder
...
certpath: RevocationChecker.check() java.security.SignatureException:
Parameters required for RSASSA-PSS signatures
certpath: RevocationChecker.check() preparing to failover
...CRL check also fails due to some other reasons.
Parameters required for RSASSA-PSS signatures
end program

I have also created a bug report for OpenJDK with internal review
ID 9071579, since I could not find any related issues in the bug database.

Root certificate is: procilonGROUPCustomerRootCA02.cer
Intermediate certificate is: procilonGROUPCustomerCAEDIFACT02.cer
Both are available under https://pki.spi-cloud.com/issuer (packed as p7b)

I can provide the example certificates and the Java program, which
basically calls the CertPathValidator.validate method to validate the
revocation status, if you need to reproduce the issue.

Kind Regards,
Can Cömert
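The following Java class is an added example, not the reporter's program (which is not on this page) and not JDK code. It shows the two pieces of the problem discussed in the thread. `validateWithOcsp` is a CertPathValidator run of the kind the reporter describes, configured for OCSP-only, fail-hard revocation checking so that an OCSP signature failure is reported as such instead of being masked by the CRL failover visible in the debug log. `pssParameterDemo` reproduces the exact exception text with no PKI at all: it generates a throwaway RSA key, signs a constructed byte string with RSASSA-PSS, and verifies once without and once with a PSSParameterSpec. The three certificate file paths, the class name and the constructed tbs bytes are assumptions.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.*;
import java.security.cert.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.EnumSet;
import java.util.List;
import java.util.Set;

public class OcspPssCheck {

    // Part 1: OCSP-only, fail-hard revocation check through CertPathValidator.
    // The paths are assumptions (DER or PEM X.509 files, as on the reporter's
    // openssl command line). The PKIX validator fetches the OCSP response from
    // the certificate's AIA URL itself.
    static boolean validateWithOcsp(Path rootCer, Path intermediateCer, Path applicationCer)
            throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate root = load(cf, rootCer);
        X509Certificate intermediate = load(cf, intermediateCer);
        X509Certificate application = load(cf, applicationCer);

        // Leaf first; the trust anchor itself is not part of the path.
        CertPath path = cf.generateCertPath(List.of(application, intermediate));
        PKIXParameters params = new PKIXParameters(Set.of(new TrustAnchor(root, null)));

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        PKIXRevocationChecker rc = (PKIXRevocationChecker) cpv.getRevocationChecker();
        // NO_FALLBACK: never fail over to CRLs, so an OCSP signature problem is
        // surfaced rather than hidden behind an unrelated CRL failure.
        // SOFT_FAIL is deliberately absent: an unverifiable response must fail.
        rc.setOptions(EnumSet.of(PKIXRevocationChecker.Option.NO_FALLBACK));
        params.addCertPathChecker(rc);   // replaces the default revocation checker

        try {
            cpv.validate(path, params);
            return true;
        } catch (CertPathValidatorException e) {
            System.err.println("validation failed, reason=" + e.getReason()
                    + ", message=" + e.getMessage());
            return false;
        }
    }

    private static X509Certificate load(CertificateFactory cf, Path p) throws Exception {
        try (InputStream in = Files.newInputStream(p)) {
            return (X509Certificate) cf.generateCertificate(in);
        }
    }

    // Part 2: reproduces the exception text from the reporter's log without a
    // PKI. The JDK's "RSASSA-PSS" Signature needs the PSS parameters (hash,
    // MGF, salt length) before it can verify; for an OCSP response they travel
    // in the signatureAlgorithm AlgorithmIdentifier (RFC 4055). A verifier that
    // never calls setParameter() fails as soon as update() is called.
    static String pssParameterDemo() throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        PSSParameterSpec spec = new PSSParameterSpec("SHA-256", "MGF1",
                MGF1ParameterSpec.SHA256, 32, PSSParameterSpec.TRAILER_FIELD_BC);
        // Constructed stand-in for the DER-encoded tbsResponseData.
        byte[] tbs = "constructed tbsResponseData".getBytes(StandardCharsets.UTF_8);

        Signature signer = Signature.getInstance("RSASSA-PSS");
        signer.setParameter(spec);
        signer.initSign(kp.getPrivate());
        signer.update(tbs);
        byte[] sig = signer.sign();

        // (a) verify without parameters: the failure mode seen in the thread
        String withoutParams;
        try {
            Signature bare = Signature.getInstance("RSASSA-PSS");
            bare.initVerify(kp.getPublic());
            bare.update(tbs);
            withoutParams = "verified=" + bare.verify(sig);
        } catch (SignatureException e) {
            withoutParams = e.getMessage();
        }

        // (b) verify with the same parameters the signer used
        Signature verifier = Signature.getInstance("RSASSA-PSS");
        verifier.setParameter(spec);
        verifier.initVerify(kp.getPublic());
        verifier.update(tbs);
        boolean ok = verifier.verify(sig);

        return "without params: " + withoutParams + "; with params: verified=" + ok;
    }

    public static void main(String[] args) throws Exception {
        System.out.println(pssParameterDemo());
        if (args.length == 3) {
            System.out.println("revocation check passed: "
                    + validateWithOcsp(Path.of(args[0]), Path.of(args[1]), Path.of(args[2])));
        }
    }
}
```

Run with no arguments to see only the parameter demonstration; pass the root, intermediate and application certificate files to run the real check against the responder named in the certificate's AIA extension (`rc.setOcspResponder(URI.create("http://ocsp.spi-cloud.com/status/"))` would pin it to the URL used on the reporter's openssl command line). The `certpath:` lines in the reporter's log are produced by the `java.security.debug` system property (`-Djava.security.debug=certpath,ocsp`). A verifier that forwards the PSS parameters from the response's signatureAlgorithm field to the Signature object, as in part (b), is what an RSASSA-PSS-capable OCSP client needs to do; the message in part (a) is what a client that omits that step produces, which matches Sean Mullan's reading that the JDK OCSP code had not yet been enhanced for RSASSA-PSS.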