
How to read ocsp stapled response during handshake in C# or Java

There is an OCSP Responder to which the server will communicate and staple the response. How can the client check for the stapled response in C# or Java? Bouncy Castle, Chiklat, native lib - they all seem to have ways for the client to talk to the OCSP responder but not read the stapled response.

As you already mentioned correctly, stapling is done during the handshake. I only know how to do this in the C# port of Bouncy Castle, since I'm implementing a PKIX crypto component based on BC, which also considers OCSP and which simplifies the BC calls dramatically (I will report it here when I'm ready to publish an alpha version, will most likely be open source).

First of all, according to RFC6066, stapling responses are only sent if you ask for them in the Client-Hello. To enable this, you have to override GetClientExtensions of your TlsClient (e.g. when you inherit from DefaultTlsClient):

  using System.Collections;                      // IDictionary
  using BouncyTls = Org.BouncyCastle.Crypto.Tls;
  ...
  public override IDictionary GetClientExtensions() // Override in your TlsClient class
  {
    IDictionary clientExtensions = base.GetClientExtensions();
    clientExtensions = BouncyTls.TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions);

    // Add the RFC 6066 status_request extension asking for an OCSP response.
    // Empty responder list and no request extensions: any responder is acceptable.
    byte type = BouncyTls.CertificateStatusType.ocsp;
    var request = new BouncyTls.OcspStatusRequest(null, null);
    BouncyTls.TlsExtensionsUtilities.AddStatusRequestExtension(clientExtensions, new BouncyTls.CertificateStatusRequest(type, request));

    return clientExtensions;
  }

After that, the server will send the stapling response if supported. However, the response is only available during the handshake. If you see Bouncy Castle's source code, it is cleared on CompleteHandshake in your TlsClientProtocol instance. Therefore you have to intercept here too:

  protected override void CompleteHandshake() // Override in your TlsClientProtocol class
  {
    // After the handshake completed, we do not have any access to the handshake data anymore
    // (see TlsClientProtocol.CleanupHandshake). Therefore we must intercept here to gather information
    YourValidationOfTheOcspResponse(mCertificateStatus);
    // mCertificateStatus holds the response. It is cleared after the following call:
    base.CompleteHandshake();
  }

I spent hours until I understood what Bouncy Castle is doing here and how the stapling response can be extracted, although the code to do so is very simple. A good starting point is always to find the corresponding RFC and compare fields with BC, since Bouncy Castle uses the exact same identifiers in most cases.

Just another side note: to comply with the TLS standard, use RaiseAlertFatal to write the correct error records (see RFC8446) if a status entry tells that a certificate is revoked, etc.
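As an added example (not code from the answer above or from Bouncy Castle itself), here is one way the YourValidationOfTheOcspResponse step could be written against Bouncy Castle's Org.BouncyCastle.Ocsp classes. StapledOcspValidator is my own name; it assumes you captured the server and issuer certificates in your TlsAuthentication.NotifyServerCertificate (wrapping each X509CertificateStructure in new X509Certificate(...)) and that the response is signed with the issuer key, not a delegated responder certificate.

```csharp
using System;
using Org.BouncyCastle.Crypto.Tls;
using Org.BouncyCastle.Ocsp;
using Org.BouncyCastle.X509;
using TlsCertificateStatus = Org.BouncyCastle.Crypto.Tls.CertificateStatus; // Ocsp namespace has its own CertificateStatus

public static class StapledOcspValidator   // hypothetical helper, not part of Bouncy Castle
{
    // Throws TlsFatalAlert on failure so the protocol layer emits the matching alert record.
    public static void Validate(TlsCertificateStatus status, X509Certificate serverCert, X509Certificate issuerCert)
    {
        if (status == null || status.StatusType != CertificateStatusType.ocsp)
            throw new TlsFatalAlert(AlertDescription.bad_certificate_status_response);

        // GetOcspResponse() yields the ASN.1 OcspResponse; OcspResp is the high-level wrapper.
        var ocspResp = new OcspResp(status.GetOcspResponse());
        if (ocspResp.Status != OcspRespStatus.Successful)
            throw new TlsFatalAlert(AlertDescription.bad_certificate_status_response);

        var basic = (BasicOcspResp)ocspResp.GetResponseObject();

        // Assumption: response signed directly by the issuer key. A delegated responder
        // certificate (id-kp-OCSPSigning) would need its own chain check instead.
        if (!basic.Verify(issuerCert.GetPublicKey()))
            throw new TlsFatalAlert(AlertDescription.bad_certificate_status_response);

        DateTime now = DateTime.UtcNow;
        foreach (SingleResp single in basic.Responses)
        {
            CertificateID id = single.GetCertID();
            // Only the entry that describes the presented server certificate counts.
            if (!id.MatchesIssuer(issuerCert) || !id.SerialNumber.Equals(serverCert.SerialNumber))
                continue;

            // Freshness window (RFC 6960): thisUpdate <= now, and now < nextUpdate when present.
            if (single.ThisUpdate > now || (single.NextUpdate != null && single.NextUpdate.Value < now))
                throw new TlsFatalAlert(AlertDescription.bad_certificate_status_response);

            object certStatus = single.GetCertStatus();
            if (certStatus == null)
                return;                                     // "good" is represented by null in BC
            if (certStatus is RevokedStatus)
                throw new TlsFatalAlert(AlertDescription.certificate_revoked);
            throw new TlsFatalAlert(AlertDescription.certificate_unknown);   // UnknownStatus
        }

        // No single response covered our certificate: reject the staple.
        throw new TlsFatalAlert(AlertDescription.bad_certificate_status_response);
    }
}
```

Call it from the CompleteHandshake override in place of YourValidationOfTheOcspResponse(mCertificateStatus); a thrown TlsFatalAlert is turned into the fatal alert record the answer refers to.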
