How to handle both traditional OCSP and OCSP stapling on client side


Currently, I have an implementation where I send an OCSP request in the verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) function for every intermediate and end-entity certificate. The verify_callback function is set using the SSL_CTX_set_verify() function.

Now, I would like to add OCSP stapling to my implementation. I saw the post "OpenSSL certificate revocation check in client program using OCSP stapling" on how to include OCSP stapling.

The issue with adding the above OCSP callback is that verify_callback() gets called before the OCSP stapling callback function.

My question is: how can I have both of them in such a way that, if there is no OCSP stapling response from the server, the client itself sends the OCSP request?

Is there a way to check if the OCSP stapling is supported or not before we reach the verify_callback() function?

1 answer

user8472

I am not sure if this makes sense. The point of OCSP stapling is that the response is appended to the initial TLS handshake, cf. Wikipedia. Thus, the validity of the TLS handshake must be established prior to the evaluation of its content. Consequently, OpenSSL first triggers the verify_callback() to verify the handshake itself and only then (if the handshake is found to be valid) triggers the OCSP callback function to let you verify the additional datum contained in the handshake.

Otherwise, if the TLS handshake fails, why would you need to submit a traditional OCSP request anyway?

If you insist on manually submitting an OCSP request to a third party, then this needs to be done after the TLS handshake has completed (probably before you send any further data on that connection or process any data that you have received). Or before you even attempt to connect to the remote server (provided you know the certificate in advance, of course); this workflow makes OCSP stapling unnecessary.
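Editor's note, not part of the question or the answer above: the decision the question asks for ("prefer the stapled response; if the server sent none, query the responder myself") is easiest to see in a runnable form, so here is an added example using Go's crypto/tls rather than OpenSSL. In Go the equivalent client hook, VerifyConnection, runs once the chain has been validated and receives any stapled response in ConnectionState.OCSPResponse, which is exactly the point at which the fallback decision can be made. Everything in the example is constructed: the CA and leaf are generated in memory, the stapled bytes are a placeholder rather than a real DER OCSPResponse, the responder URL http://ocsp.example.test is hypothetical, and the live OCSP query is stubbed so the code runs offline (a real client would parse the staple, e.g. with golang.org/x/crypto/ocsp, and POST a request to the responder).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// constructedStaple stands in for a DER OCSPResponse; real code parses and validates it.
var constructedStaple = []byte("constructed placeholder OCSP response")

// must panics on error; used only while building the constructed test chain.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// makeChain builds a throwaway CA and a leaf it signs, entirely in memory.
func makeChain() (tls.Certificate, *x509.CertPool) {
	now := time.Now()
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Test Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	caDER := must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))
	caCert := must(x509.ParseCertificate(caDER))
	leafKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "server.example.test"},
		DNSNames:  []string{"server.example.test"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		OCSPServer:  []string{"http://ocsp.example.test"}, // hypothetical responder URL
	}
	leafDER := must(x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey))
	pool := x509.NewCertPool()
	pool.AddCert(caCert)
	return tls.Certificate{Certificate: [][]byte{leafDER, caDER}, PrivateKey: leafKey}, pool
}

// revocationChecker is the client-side hook. Go runs VerifyConnection after the chain
// is validated, with any stapled response already in ConnectionState.OCSPResponse.
type revocationChecker struct {
	stapleSeen, fallbackCalled bool
}

func (r *revocationChecker) verify(cs tls.ConnectionState) error {
	if len(cs.OCSPResponse) > 0 {
		r.stapleSeen = true // real code: parse the staple, check status and validity window
		return nil
	}
	// No staple: send the traditional OCSP request here (stubbed; still fails closed).
	r.fallbackCalled = true
	if len(cs.PeerCertificates[0].OCSPServer) == 0 {
		return errors.New("no stapled response and no OCSP responder in certificate")
	}
	return nil
}

// runHandshake connects an in-process server and client over net.Pipe; a nil
// staple means the server does not staple. It reports which path the client took.
func runHandshake(staple []byte) (bool, bool, error) {
	leaf, pool := makeChain()
	leaf.OCSPStaple = staple
	checker := &revocationChecker{}
	cConn, sConn := net.Pipe()
	defer cConn.Close()
	defer sConn.Close()
	// Tickets off so the server's first flight ends exactly at its Finished (synchronous pipe).
	server := tls.Server(sConn, &tls.Config{Certificates: []tls.Certificate{leaf}, SessionTicketsDisabled: true})
	client := tls.Client(cConn, &tls.Config{RootCAs: pool, ServerName: "server.example.test", VerifyConnection: checker.verify})
	errc := make(chan error, 1)
	go func() { errc <- server.Handshake() }()
	if err := client.Handshake(); err != nil {
		return false, false, err
	}
	if err := <-errc; err != nil {
		return false, false, err
	}
	return checker.stapleSeen, checker.fallbackCalled, nil
}

func main() {
	for _, s := range [][]byte{constructedStaple, nil} {
		seen, fb, err := runHandshake(s)
		fmt.Printf("staple=%d bytes stapleSeen=%v fallbackCalled=%v err=%v\n", len(s), seen, fb, err)
	}
}
```

Running it performs two handshakes: with OCSPStaple set on the server certificate the client takes the stapled path and never contacts a responder; with no staple the fallback path runs. Note the fail-closed branch: a client that reaches the fallback and finds no responder URL in the leaf should reject the connection rather than silently skip the revocation check.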