JSSE: add Android non-standard checkServerTrusted() in X509TrustManager

Author: cconlon

examples/certs/ocsp-root-ca-cert.pem

@@ -0,0 +1,92 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 99 (0x63)
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA, emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Nov 13 20:41:34 2025 GMT
+            Not After : Aug  9 20:41:34 2028 GMT
+        Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA, emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
+                    bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
+                    48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
+                    27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
+                    ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
+                    71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
+                    f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
+                    b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
+                    09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
+                    06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
+                    96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
+                    b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
+                    44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
+                    94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
+                    75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
+                    b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
+                    90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
+                    99:81
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
+            X509v3 Authority Key Identifier: 
+                keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
+                DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
+                serial:63
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            Authority Information Access: 
+                OCSP - URI:http://127.0.0.1:22220
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        58:41:01:e5:1b:ce:bc:51:0c:23:b2:66:df:39:d9:1e:b1:bd:
+        9a:db:fa:da:16:83:26:6e:7e:2e:f9:5d:46:9a:52:a0:09:6f:
+        f2:c0:96:ba:49:ad:29:54:06:e9:21:d6:36:5e:d5:43:07:2c:
+        5d:4e:b7:bf:7c:e5:91:75:ea:0d:56:7c:a3:fd:82:d8:2e:70:
+        fa:fc:ab:36:36:d5:ba:63:d5:42:da:21:b4:50:9a:86:8a:df:
+        21:26:03:e8:ca:6f:c7:51:50:6c:cc:40:da:4e:8f:06:15:c0:
+        9a:0d:7a:80:2c:95:aa:5a:ad:e2:66:b0:32:d6:74:87:ea:7a:
+        b2:46:d5:2c:cf:fa:18:8a:2f:e0:3a:ae:17:6a:f2:ce:75:8d:
+        e4:4d:74:8f:e7:c6:21:29:65:5d:41:07:fb:29:d9:be:ea:b2:
+        e3:80:07:8c:14:8d:a3:7d:d1:51:af:26:9d:cd:01:d5:80:af:
+        68:12:41:2b:eb:94:cc:45:d1:c7:66:f3:f9:15:72:be:94:e3:
+        21:6d:f1:08:78:b6:5a:ee:73:09:4b:f4:1a:5e:02:2a:25:f0:
+        3d:d2:03:f2:22:15:4b:3d:aa:35:ea:90:ca:44:4e:61:77:db:
+        b4:94:46:77:c6:8c:33:09:b6:84:3c:4e:ac:ad:9d:e0:2f:22:
+        5a:be:25:19
+-----BEGIN CERTIFICATE-----
+MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
+EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
+B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjUx
+MTEzMjA0MTM0WhcNMjgwODA5MjA0MTM0WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
+U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
+Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
+ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
+LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
+Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
+D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
+Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
+NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
+xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
+A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
+EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
+DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
+b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWEEB5RvO
+vFEMI7Jm3znZHrG9mtv62haDJm5+LvldRppSoAlv8sCWukmtKVQG6SHWNl7VQwcs
+XU63v3zlkXXqDVZ8o/2C2C5w+vyrNjbVumPVQtohtFCahorfISYD6Mpvx1FQbMxA
+2k6PBhXAmg16gCyVqlqt4mawMtZ0h+p6skbVLM/6GIov4DquF2ryznWN5E10j+fG
+ISllXUEH+ynZvuqy44AHjBSNo33RUa8mnc0B1YCvaBJBK+uUzEXRx2bz+RVyvpTj
+IW3xCHi2Wu5zCUv0Gl4CKiXwPdID8iIVSz2qNeqQykROYXfbtJRGd8aMMwm2hDxO
+rK2d4C8iWr4lGQ==
+-----END CERTIFICATE-----

examples/certs/update-certs.sh

@@ -70,6 +70,14 @@ do
     fi
 done
 
+# Copy OCSP root CA cert (stored flat, not in subdirectory)
+printf "Updating: ocsp-root-ca-cert.pem\n"
+cp $CERT_LOCATION/ocsp/root-ca-cert.pem ./ocsp-root-ca-cert.pem
+if [ $? -ne 0 ]; then
+    printf "Failed to copy cert: ocsp/root-ca-cert.pem\n"
+    exit 1
+fi
+
 # Generate ca-keyPkcs8.der, used by examples/X509CertificateGeneration.java
 openssl pkcs8 -topk8 -inform DER -outform DER -in ca-key.der -out ca-keyPkcs8.der -nocrypt
 if [ $? -ne 0 ]; then

native/com_wolfssl_WolfSSLCertManager.c

@@ -145,3 +145,48 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerVerifyBuff
     return (jint)ret;
 }
 
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerCheckOCSPResponse
+  (JNIEnv* jenv, jclass jcl, jlong cmPtr, jbyteArray response)
+{
+#ifdef HAVE_OCSP
+    int ret = 0;
+    jint responseSz = 0;
+    byte* responseBuffer = NULL;
+    WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)(uintptr_t)cmPtr;
+    (void)jcl;
+
+    if (jenv == NULL || response == NULL || cm == NULL) {
+        ret = BAD_FUNC_ARG;
+    }
+
+    if (ret == 0) {
+        responseSz = (*jenv)->GetArrayLength(jenv, response);
+        responseBuffer = (byte*)(*jenv)->GetByteArrayElements(jenv,
+            response, NULL);
+        if (responseBuffer == NULL) {
+            ret = MEMORY_E;
+        }
+    }
+
+    /* Call native wolfSSL OCSP response validation. Pass NULL for unused
+     * parameters as we only need basic response validation. */
+    if (ret == 0) {
+        ret = wolfSSL_CertManagerCheckOCSPResponse(cm, responseBuffer,
+            responseSz, NULL, NULL, NULL, NULL);
+    }
+
+    if (responseBuffer != NULL) {
+        (*jenv)->ReleaseByteArrayElements(jenv, response,
+            (jbyte*)responseBuffer, JNI_ABORT);
+    }
+
+    return (jint)ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)cmPtr;
+    (void)response;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+

native/com_wolfssl_WolfSSLCertManager.h

@@ -49,10 +49,11 @@ public class WolfSSLCertManager {
     static native void CertManagerFree(long cm);
     static native int CertManagerLoadCA(long cm, String f, String d);
     static native int CertManagerLoadCABuffer(long cm, byte[] in, long sz,
-                                              int format);
+        int format);
     static native int CertManagerUnloadCAs(long cm);
     static native int CertManagerVerifyBuffer(long cm, byte[] in, long sz,
-                                              int format);
+        int format);
+    static native int CertManagerCheckOCSPResponse(long cm, byte[] response);
 
     /**
      * Create new WolfSSLCertManager object
@@ -246,6 +247,41 @@ public synchronized int CertManagerVerifyBuffer(
         }
     }
 
+    /**
+     * Check OCSP response for certificate revocation status
+     *
+     * @param response DER-encoded OCSP response data
+     *
+     * @return WolfSSL.SSL_SUCCESS on success, negative on error
+     *
+     * @throws IllegalStateException if WolfSSLCertManager has been freed
+     * @throws WolfSSLException if OCSP is not compiled in
+     */
+    public synchronized int CertManagerCheckOCSPResponse(byte[] response)
+        throws IllegalStateException, WolfSSLException {
+
+        confirmObjectIsActive();
+
+        if (response == null || response.length == 0) {
+            throw new IllegalArgumentException(
+                "OCSP response data is null or invalid size");
+        }
+
+        synchronized (cmLock) {
+            WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
+                WolfSSLDebug.INFO, this.cmPtr,
+                () -> "entered CertManagerCheckOCSPResponse(responseSz: " +
+                response.length + ")");
+
+            int ret = CertManagerCheckOCSPResponse(this.cmPtr, response);
+            if (ret == WolfSSL.NOT_COMPILED_IN) {
+                throw new WolfSSLException(
+                    "OCSP support not compiled into wolfSSL");
+            }
+            return ret;
+        }
+    }
+
     /**
      * Frees CertManager object
      * @see WolfSSLSession#freeSSL()

src/java/com/wolfssl/WolfSSLCertManager.java

@@ -1018,6 +1018,105 @@ public List<X509Certificate> checkServerTrusted(X509Certificate[] certs,
         return certList;
     }
 
+    /**
+     * Verifies a specified certificate chain.
+     * Non standard API, this is called/needed by Android.
+     *
+     * Android expects this method signature for OCSP stapling support.
+     * Native wolfSSL supports OCSP response processing via
+     * wolfSSL_CertManagerCheckOCSPResponse(). The ocspData parameter
+     * contains DER-encoded OCSP response data that is processed for
+     * certificate revocation checking.
+     *
+     * @param chain      Certificate chain to validate
+     * @param ocspData   OCSP response data (DER-encoded), may be null
+     * @param tlsSctData TLS SCT data (unused, wolfSSL does not support SCT)
+     * @param authType   Authentication type
+     * @param host       Hostname of the server
+     *
+     * @return Certificate chain used for verification, ordered with leaf/peer
+     *         cert first, root CA cert last
+     *
+     * @throws CertificateException if chain does not verify properly
+     */
+    public List<X509Certificate> checkServerTrusted(X509Certificate[] chain,
+        byte[] ocspData, byte[] tlsSctData, String authType, String host)
+        throws CertificateException {
+
+        int ret;
+        WolfSSLCertManager cm = null;
+
+        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+            () -> "entered checkServerTrusted(chain, ocspData, tlsSctData, " +
+            "authType, host)");
+
+        /* First verify the certificate chain normally, throws exception
+         * if chain is invalid */
+        List<X509Certificate> certList =
+            checkServerTrusted(chain, authType, host);
+
+        /* Verify OCSP response data if provided */
+        if (ocspData != null && ocspData.length > 0) {
+
+            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                () -> "Verifying OCSP response data (" + ocspData.length +
+                " bytes)");
+
+            try {
+                cm = new WolfSSLCertManager();
+
+                /* Load the trusted CAs that were used for cert verification */
+                ret = cm.CertManagerLoadCAKeyStore(this.store);
+                if (ret != WolfSSL.SSL_SUCCESS) {
+                    throw new CertificateException(
+                        "Failed to load trusted CAs for OCSP verification, " +
+                        "ret = " + ret);
+                }
+
+                /* Check OCSP response */
+                ret = cm.CertManagerCheckOCSPResponse(ocspData);
+                if (ret != WolfSSL.SSL_SUCCESS) {
+                    throw new CertificateException(
+                        "OCSP response validation failed: " + ret);
+                }
+
+                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                    () -> "OCSP response validation successful");
+
+            } catch (WolfSSLException e) {
+                if (e.getMessage().contains("not compiled")) {
+                    /* OCSP not available, log and continue */
+                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                        () -> "OCSP support not available, skipping " +
+                        "OCSP validation");
+                } else {
+                    throw new CertificateException("OCSP validation error", e);
+                }
+            } finally {
+                if (cm != null) {
+                    cm.free();
+                }
+            }
+
+        } else {
+            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                () -> "No OCSP data provided");
+        }
+
+        /* Ignore TLS SCT data as wolfSSL doesn't support it */
+        if (tlsSctData != null && tlsSctData.length > 0) {
+            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                () -> "TLS SCT data provided (" + tlsSctData.length +
+                " bytes), currently not processed");
+        }
+
+        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+            () -> "leaving checkServerTrusted(chain, ocspData, tlsSctData, " +
+            "authType, host), success");
+
+        return certList;
+    }
+
     /**
      * Returns an array of certificate authorities which are trusted for
      * authenticating peers.