Closed
Description
Currently in the ocsp.ParseResponseForCert function is a block:

```go
if len(basicResp.Certificates) > 1 {
	return nil, ParseError("OCSP response contains bad number of certificates")
}
```
I can't find any justification for this check (it dates back to @rsc's initial commit). RFC 6960 section 4.2.1 says,
> The value for response SHALL be the DER encoding of BasicOCSPResponse.
>
>     BasicOCSPResponse ::= SEQUENCE {
>        tbsResponseData      ResponseData,
>        signatureAlgorithm   AlgorithmIdentifier,
>        signature            BIT STRING,
>        certs            [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
>
> The value for signature SHALL be computed on the hash of the DER encoding of ResponseData. The responder MAY include certificates in the certs field of BasicOCSPResponse that help the OCSP client verify the responder's signature. If no certificates are included, then certs SHOULD be absent.
This leads me to believe that more than one cert is valid here, and in fact the http://sureseries-ocsp.cybertrust.ne.jp/OcspServer responder sends certs chaining up to a root.
The Go OCSP implementation doesn't verify the response certificate to a root, it just checks the signature against the issuer. (Is this sufficient? OpenSSL seems to do more.) But it seems like it shouldn't be an error to receive more than one certificate; it could simply do the check it currently does against the first one in the list.
/cc @agl
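An added example of the relaxed handling the issue asks for, not code from x/crypto/ocsp or from the issue author. It goes slightly beyond the proposal (check the first certificate only) by walking the whole certs list for the key that verifies the signature over the ResponseData bytes, so a chain up to a root is tolerated. Assumptions: ECDSA P-256 with SHA-256 as the signature algorithm, throw-away self-signed certificates as constructed fixtures, and a byte string standing in for the DER-encoded ResponseData.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// makeCert builds a throw-away self-signed ECDSA certificate (constructed fixture
// standing in for a responder or CA certificate in the certs field).
func makeCert(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// signTBS stands in for the responder signing the DER encoding of ResponseData
// (ECDSA with SHA-256, matching x509.ECDSAWithSHA256 in findSigner).
func signTBS(key *ecdsa.PrivateKey, tbs []byte) []byte {
	h := sha256.Sum256(tbs)
	sig, _ := ecdsa.SignASN1(rand.Reader, key, h[:])
	return sig
}

// findSigner returns the index of the first certificate in certs whose public key
// verifies sig over tbs, or -1 if none does. Extra certificates (a chain up to a
// root) are tolerated instead of being rejected with a ParseError.
func findSigner(certs []*x509.Certificate, tbs, sig []byte) int {
	for i, c := range certs {
		if c.CheckSignature(x509.ECDSAWithSHA256, tbs, sig) == nil {
			return i
		}
	}
	return -1
}
```

A caller that wants the issuer-signed check Go already performs can pass the issuer certificate in front of the list and treat any index other than 0 as "signed by a delegated responder cert", which is the case where chain validation still matters.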