bc-java

OCSP Responder Cert is invalid

Open olivertribess opened this issue 10 months ago • 1 comment

I am using org.bouncycastle:bcprov-jdk18on:1.80 and org.bouncycastle:bcpkix-jdk18on:1.80 within my Java/Kotlin application to verify an X509 certificate against an OCSP responder.

import java.io.File
import java.io.FileInputStream
import java.net.URI
import java.security.KeyStore
import java.security.Security
import java.security.cert.CertPathValidator
import java.security.cert.CertificateFactory
import java.security.cert.PKIXBuilderParameters
import java.security.cert.PKIXRevocationChecker
import java.security.cert.X509CertSelector
import java.security.cert.X509Certificate
import org.bouncycastle.jce.provider.BouncyCastleProvider

/* validate a given cert against the OCSP Responder */
fun checkOCSPStatus(cert: X509Certificate) {
    // 1. load the java keystore that contains all issuer certs (trust anchors)
    val keystoreFile = File("<Filepath to keystore file>")
    val keystorePassword = "<secret>"
    val keystore = KeyStore.getInstance("JKS")
    FileInputStream(keystoreFile).use { fis ->
        keystore.load(fis, keystorePassword.toCharArray())
    }

    // 2. configure security provider and Brainpool Algo.
    //    BC at position 1 means the "PKIX" validator below is Bouncy Castle's own
    Security.insertProviderAt(BouncyCastleProvider(), 1)
    JOSE4JBrainPoolExtension.installExtension()

    // 3. validate the cert, with OCSP revocation checking against the given responder
    val cpv = CertPathValidator.getInstance("PKIX")
    val rc = cpv.revocationChecker as PKIXRevocationChecker
    rc.ocspResponder = URI("<OCSP Responder URL>")
    val params = PKIXBuilderParameters(keystore, X509CertSelector())
    params.addCertPathChecker(rc)
    val cf = CertificateFactory.getInstance("X.509")
    val certPath = cf.generateCertPath(listOf(cert))
    cpv.validate(certPath, params) // this line throws java.security.InvalidKeyException: Wrong key usage
    // OCSP validation passed successfully
}

The certificate returned by the OCSP responder has the extendedKeyUsage "id-kp-OCSPSigning" set and the keyUsage flag "nonRepudiation" (or, as it is named nowadays, contentCommitment).

When using this code, the validation fails because the expected keyUsage flag "digitalSignature" is not set.

I checked RFC 6960 and RFC 5280 to verify that this is an invalid keyUsage combination, but I found no evidence that it is invalid. Only the CA/Browser Forum lists the digitalSignature flag as permitted / required.

My question: Is this a bug in the Bouncy Castle validation?

olivertribess avatar Mar 19 '25 15:03 olivertribess
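The stack trace in the follow-up comment shows where the rejection actually happens: Bouncy Castle's ProvOcspRevocationChecker verifies the OCSP response signature with the JDK's java.security.Signature, and Signature.initVerify(Certificate) is what throws "Wrong key usage". The JDK performs that check itself, before any Bouncy Castle logic sees the key: if the certificate carries a KeyUsage extension marked critical and its digitalSignature bit is not set, initVerify refuses the certificate. The same certificate passed as a bare PublicKey is accepted, because the check lives in the Certificate overload only. The following stand-alone Java program, added here as an illustration and not code from the issue or from bc-java, builds two self-signed responder-style certificates with bcpkix (one with nonRepudiation only, one with digitalSignature as well), both with a critical KeyUsage and the id-kp-OCSPSigning EKU, and runs them through Signature.initVerify. The class name, subject name and helper names are chosen for the example.

```java
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Date;

import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/** Example (not bc-java code): reproduces the JDK's "Wrong key usage" check in Signature.initVerify(Certificate). */
public class KeyUsageCheckDemo {

    /** Self-signed cert with a CRITICAL KeyUsage of the given bits plus id-kp-OCSPSigning (example helper). */
    static X509Certificate selfSigned(KeyPair kp, int keyUsageBits) throws Exception {
        X500Name name = new X500Name("CN=example ocsp responder"); // constructed subject for the demo
        long now = System.currentTimeMillis();
        X509v3CertificateBuilder b = new JcaX509v3CertificateBuilder(
                name, BigInteger.ONE, new Date(now - 60_000L), new Date(now + 3_600_000L), name, kp.getPublic());
        b.addExtension(Extension.keyUsage, true, new KeyUsage(keyUsageBits));
        b.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(KeyPurposeId.id_kp_OCSPSigning));
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").build(kp.getPrivate());
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(b.build(signer));
    }

    /** Returns null when the JDK accepts the certificate for verification, else the InvalidKeyException message. */
    static String tryInitVerify(X509Certificate cert) throws Exception {
        Signature sig = Signature.getInstance("SHA256withRSA");
        try {
            sig.initVerify(cert); // the Certificate overload inspects a critical KeyUsage extension
            return null;
        } catch (InvalidKeyException e) {
            return e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        // Same situation as the issue: nonRepudiation (contentCommitment) set, digitalSignature not set.
        X509Certificate nonRepOnly = selfSigned(kp, KeyUsage.nonRepudiation);
        // Same certificate content with digitalSignature added.
        X509Certificate withDigSig = selfSigned(kp, KeyUsage.digitalSignature | KeyUsage.nonRepudiation);

        System.out.println("nonRepudiation only  : " + tryInitVerify(nonRepOnly));
        System.out.println("digitalSignature set : " + tryInitVerify(withDigSig));

        // The bare PublicKey overload performs no KeyUsage check at all, so the key itself is fine;
        // the rejection is purely the JDK's KeyUsage policy, applied before any signature math runs.
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(nonRepOnly.getPublicKey());
        System.out.println("bare public key      : accepted");
    }
}
```

Run with bcprov and bcpkix on the classpath; the first line reports "Wrong key usage" and the second reports null. Two practical consequences follow for anyone debugging the issue above: marking KeyUsage non-critical on the responder certificate would also bypass the check, since the JDK only consults the extension when it is critical, and the check cannot be disabled from Bouncy Castle's PKIXRevocationChecker options because it sits inside java.security.Signature rather than in the BC provider.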

Got the same issue on bouncycastle v1.79:

Caused by: java.security.cert.CertPathValidatorException: OCSP response failure: Wrong key usage
    at org.bouncycastle.jce.provider.ProvOcspRevocationChecker.validatedOcspResponse(Unknown Source)
    at org.bouncycastle.jce.provider.OcspCache.getOcspResponse(Unknown Source)
    at org.bouncycastle.jce.provider.ProvOcspRevocationChecker.check(Unknown Source)
    at org.bouncycastle.jce.provider.ProvRevocationChecker.check(Unknown Source)
    at java.base/java.security.cert.PKIXCertPathChecker.check(PKIXCertPathChecker.java:176)
    at org.bouncycastle.jce.provider.RFC3280CertPathUtilities.processCertA(Unknown Source)
    at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi_8.engineValidate(Unknown Source)
    at org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi_8.build(Unknown Source)
    ... 40 more
Caused by: java.security.InvalidKeyException: Wrong key usage
    at java.base/java.security.Signature.getPublicKeyFromCert(Signature.java:555)
    at java.base/java.security.Signature.initVerify(Signature.java:581)
    ... 48 more

simonk0ll avatar Jun 26 '25 12:06 simonk0ll