tttls1.3 0.2.11 → 0.2.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8f5aa81468afa7bdfe5706ab689499342070b9ccba1c3407e4aef7e7f5f2a6fc
-  data.tar.gz: 62b65e459cb2f1a0f14e1be474ab711aeb83d313e14cfdafc3b75dba44ddaf95
+  metadata.gz: 9677aea746ca98f9d18cfc1e841d836291b7692088cea9fcc3122e88b0bcb32a
+  data.tar.gz: e156e172215e1b76c45a4a43c85e6066499f65e0b0bf8a28c2d6fb524fd8940e
 SHA512:
-  metadata.gz: f11b5d1dae32d9e9aca363fee567840d0bf2da02a95e4f7930965c03ac3d53b4751d65cfd4eb709ab47a04cb51d4c14a28783e8519ffe0e9a7e479890b017520
-  data.tar.gz: e24b2a06489681198c28e1b5def42bd512102591c232fa7ccb847d5742a52cb3c62dd7289bfc4012be45f743f176bf945863f03c785805e2eb53412acbad291f
+  metadata.gz: f12cffcb976c740136afd8fa7b139400f58cb1a3795e7e7347192630e90b0c8e6c5138e9b98214bbc2a7f88a91ecd58332390ef1c1239ccf9d56a71f3f342743
+  data.tar.gz: 5ab10fcdab0e5cac1c4940bb92753c06db1656f615a3146b552b54c119b28483388bbe8b725b8a412b13df0fa3f1f668eaebc7cfb537e10753a3f2e686cf2279

data/.rubocop.yml

@@ -1,12 +1,15 @@
 AllCops:
   TargetRubyVersion: 2.6
 
-Style/NumericLiterals:
+Style/ConditionalAssignment:
   Enabled: false
 
 Style/Documentation:
   Enabled: false
 
+Style/NumericLiterals:
+  Enabled: false
+
 Metrics/AbcSize:
   Max: 30
 

data/README.md

@@ -100,6 +100,8 @@ tttls1.3 client is configurable using keyword arguments.
 | `:ticket_age_add` | String | nil | The ticket\_age\_add for PSK. |
 | `:ticket_timestamp` | Integer | nil | The ticket\_timestamp for PSK. |
 | `:record_size_limit` | Integer | nil | The record\_size\_limit offerd in ClientHello extensions. If not needed to be present, set nil. |
+| `:check_certificate_status` | Boolean | false | If needed to check certificate status, set true. |
+| `:process_certificate_status` | Proc | `TTTLS13::Client.method(:softfail_check_certificate_status)` | Proc(or Method) that checks received OCSPResponse. Its 3 arguments are OpenSSL::OCSP::Response, end-entity certificate(OpenSSL::X509::Certificate) and certificates chain(Array of Certificate) used for verification and it returns Boolean. |
 | `:compatibility_mode` | Boolean | true | If needed to send ChangeCipherSpec, set true. |
 | `:loglevel` | Logger constant | Logger::WARN | If needed to print verbose, set Logger::DEBUG. |
 
@@ -111,7 +113,7 @@ tttls1.3 server is configurable using keyword arguments.
 | key | type | default value | description |
 |-----|------|---------------|-------------|
 | `:crt_file` | String | nil | Path to the certificate file. This is a required setting. |
-| `:chain_files` | Array of OpenSSL::X509::Certificate | nil | Paths to the itermediate certificate files. |
+| `:chain_files` | Array of String | nil | Paths to the itermediate certificate files. |
 | `:key_file` | String | nil | Path to the private key file. This is a required setting. |
 | `:cipher_suites` | Array of TTTLS13::CipherSuite constant | `TLS_AES_256_GCM_SHA384`, `TLS_CHACHA20_POLY1305_SHA256`, `TLS_AES_128_GCM_SHA256` | List of supported cipher suites. |
 | `:signature_algorithms` | Array of TTTLS13::SignatureScheme constant | `ECDSA_SECP256R1_SHA256`, `ECDSA_SECP384R1_SHA384`, `ECDSA_SECP521R1_SHA512`, `RSA_PSS_RSAE_SHA256`, `RSA_PSS_RSAE_SHA384`, `RSA_PSS_RSAE_SHA512`, `RSA_PKCS1_SHA256`, `RSA_PKCS1_SHA384`, `RSA_PKCS1_SHA512` | List of supported signature algorithms. |

data/Rakefile

@@ -9,9 +9,11 @@ require 'fileutils'
 TMP_DIR    = __dir__ + '/tmp'
 CA_KEY     = TMP_DIR + '/ca.key'
 CA_CRT     = TMP_DIR + '/ca.crt'
+INTER_KEY  = TMP_DIR + '/intermediate.key'
+INTER_CRT  = TMP_DIR + '/intermediate.crt'
 SERVER_KEY = TMP_DIR + '/server.key'
 SERVER_CRT = TMP_DIR + '/server.crt'
-certs = [CA_KEY, CA_CRT, SERVER_KEY, SERVER_CRT]
+certs = [CA_KEY, CA_CRT, INTER_KEY, INTER_CRT, SERVER_KEY, SERVER_CRT]
 
 directory TMP_DIR
 
@@ -64,15 +66,66 @@ file CA_CRT => [TMP_DIR, CA_KEY] do
   File.write(CA_CRT, ca_crt.to_pem)
 end
 
+file INTER_KEY => TMP_DIR do
+  puts "generate #{INTER_KEY}..."
+  inter_key = OpenSSL::PKey::RSA.generate(2048)
+  File.write(INTER_KEY, inter_key.to_pem)
+end
+
+file INTER_CRT => [TMP_DIR, INTER_KEY] do
+  ca_key = OpenSSL::PKey::RSA.new(File.read(CA_KEY))
+  ca_crt = OpenSSL::X509::Certificate.new(File.read(CA_CRT))
+  inter_key = OpenSSL::PKey::RSA.new(File.read(INTER_KEY))
+
+  puts "generate #{INTER_CRT}..."
+  sub = OpenSSL::X509::Name.new
+  sub.add_entry('CN', 'test-intermediate')
+
+  inter_crt = OpenSSL::X509::Certificate.new
+  inter_crt.not_before = Time.now
+  inter_crt.not_after = Time.now + (60 * 60 * 24 * 365 * 10)
+  inter_crt.public_key = inter_key.public_key
+  inter_crt.serial = OpenSSL::BN.rand(64)
+  inter_crt.version = 2
+  inter_crt.issuer = ca_crt.subject
+  inter_crt.subject = sub
+
+  factory = OpenSSL::X509::ExtensionFactory.new
+  factory.subject_certificate = inter_crt
+  factory.issuer_certificate = ca_crt
+  inter_crt.add_extension(
+    factory.create_extension(
+      'keyUsage',
+      'critical, cRLSign, keyCertSign'
+    )
+  )
+  inter_crt.add_extension(
+    factory.create_extension(
+      'basicConstraints',
+      'critical, CA:true'
+    )
+  )
+  inter_crt.add_extension(
+    factory.create_extension(
+      'subjectKeyIdentifier',
+      'hash'
+    )
+  )
+
+  digest = OpenSSL::Digest::SHA256.new
+  inter_crt.sign(ca_key, digest)
+  File.write(INTER_CRT, inter_crt.to_pem)
+end
+
 file SERVER_KEY => TMP_DIR do
   puts "generate #{SERVER_KEY}..."
   server_key = OpenSSL::PKey::RSA.generate(2048)
   File.write(SERVER_KEY, server_key.to_pem)
 end
 
-file SERVER_CRT => [TMP_DIR, CA_CRT, SERVER_KEY] do
-  ca_key = OpenSSL::PKey::RSA.new(File.read(CA_KEY))
-  ca_crt = OpenSSL::X509::Certificate.new(File.read(CA_CRT))
+file SERVER_CRT => [TMP_DIR, INTER_CRT, SERVER_KEY] do
+  inter_key = OpenSSL::PKey::RSA.new(File.read(INTER_KEY))
+  inter_crt = OpenSSL::X509::Certificate.new(File.read(INTER_CRT))
   server_key = OpenSSL::PKey::RSA.new(File.read(SERVER_KEY))
 
   puts "generate #{SERVER_CRT}..."
@@ -85,12 +138,12 @@ file SERVER_CRT => [TMP_DIR, CA_CRT, SERVER_KEY] do
   server_crt.public_key = server_key.public_key
   server_crt.serial = OpenSSL::BN.rand(64)
   server_crt.version = 2
-  server_crt.issuer = ca_crt.issuer
+  server_crt.issuer = inter_crt.subject
   server_crt.subject = sub
 
   factory = OpenSSL::X509::ExtensionFactory.new
   factory.subject_certificate = server_crt
-  factory.issuer_certificate = ca_crt
+  factory.issuer_certificate = inter_crt
   server_crt.add_extension(
     factory.create_extension(
       'basicConstraints',
@@ -109,9 +162,15 @@ file SERVER_CRT => [TMP_DIR, CA_CRT, SERVER_KEY] do
       'DNS:localhost'
     )
   )
+  server_crt.add_extension(
+    factory.create_extension(
+      'authorityInfoAccess',
+      'caIssuers;URI:http://localhost:8080,OCSP;URI:http://localhost:8080'
+    )
+  )
 
   digest = OpenSSL::Digest::SHA256.new
-  server_crt.sign(ca_key, digest)
+  server_crt.sign(inter_key, digest)
   File.write(SERVER_CRT, server_crt.to_pem)
 end
 

data/example/https_client_using_0rtt.rb

@@ -22,7 +22,7 @@ process_new_session_ticket = proc do |nst, rms, cs|
   settings_2nd[:ticket_timestamp] = nst.timestamp
 end
 settings_1st = {
-  ca_file: FileTest.exists?(ca_file) ? ca_file : nil,
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
   alpn: ['http/1.1'],
   process_new_session_ticket: process_new_session_ticket
 }

data/example/https_client_using_status_request.rb

@@ -0,0 +1,31 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'helper'
+
+hostname, port = (ARGV[0] || 'localhost:4433').split(':')
+ca_file = __dir__ + '/../tmp/ca.crt'
+req = simple_http_request(hostname)
+
+process_certificate_status = proc do |res, cert, chain|
+  puts 'stapled OCSPResponse: '
+  puts res.basic.status.pretty_inspect unless res.nil?
+  puts '-' * 10
+
+  TTTLS13::Client.softfail_check_certificate_status(res, cert, chain)
+end
+
+socket = TCPSocket.new(hostname, port)
+settings = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  alpn: ['http/1.1'],
+  check_certificate_status: true,
+  process_certificate_status: process_certificate_status
+}
+client = TTTLS13::Client.new(socket, hostname, settings)
+client.connect
+client.write(req)
+
+print recv_http_response(client)
+client.close unless client.eof?
+socket.close

data/example/https_server.rb

@@ -10,6 +10,7 @@ port = ARGV[0] || 4433
 
 settings = {
   crt_file: __dir__ + '/../tmp/server.crt',
+  chain_files: [__dir__ + '/../tmp/intermediate.crt'],
   key_file: __dir__ + '/../tmp/server.key',
   alpn: ['http/1.1']
 }

data/lib/tttls1.3.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'openssl'
+require 'net/http'
 require 'pp'
 require 'logger'
 

data/lib/tttls1.3/client.rb

@@ -59,6 +59,8 @@ module TTTLS13
     ticket_age_add: nil,
     ticket_timestamp: nil,
     record_size_limit: nil,
+    check_certificate_status: false,
+    process_certificate_status: nil,
     compatibility_mode: true,
     loglevel: Logger::WARN
   }.freeze
@@ -300,7 +302,8 @@ module TTTLS13
           message = recv_message(receivable_ccs: true, cipher: hs_rcipher)
           if message.msg_type == Message::HandshakeType::CERTIFICATE
             ct = transcript[CT] = message
-            terminate_invalid_certificate(ct, transcript[CH])
+            alert = check_invalid_certificate(ct, transcript[CH])
+            terminate(alert) unless alert.nil?
 
             @state = ClientState::WAIT_CV
           elsif message.msg_type == Message::HandshakeType::CERTIFICATE_REQUEST
@@ -314,7 +317,8 @@ module TTTLS13
           logger.debug('ClientState::WAIT_CERT')
 
           ct = transcript[CT] = recv_certificate(hs_rcipher)
-          terminate_invalid_certificate(ct, transcript[CH])
+          alert = check_invalid_certificate(ct, transcript[CH])
+          terminate(alert) unless alert.nil?
 
           @state = ClientState::WAIT_CV
         when ClientState::WAIT_CV
@@ -392,6 +396,58 @@ module TTTLS13
       @succeed_early_data
     end
 
+    # @param res [OpenSSL::OCSP::Response]
+    # @param cert [OpenSSL::X509::Certificate]
+    # @param chain [Array of OpenSSL::X509::Certificate, nil]
+    #
+    # @return [Boolean]
+    #
+    # @example
+    #   meth = Client.method(:softfail_check_certificate_status)
+    #   Client.new(
+    #     socket,
+    #     hostname,
+    #     check_certificate_status: true,
+    #     process_certificate_status: meth
+    #   )
+    # rubocop: disable Metrics/AbcSize
+    # rubocop: disable Metrics/CyclomaticComplexity
+    # rubocop: disable Metrics/PerceivedComplexity
+    def self.softfail_check_certificate_status(res, cert, chain)
+      ocsp_response = res
+      store = OpenSSL::X509::Store.new
+      store.set_default_paths
+      context = OpenSSL::X509::StoreContext.new(store, cert, chain)
+      context.verify
+      cid = OpenSSL::OCSP::CertificateId.new(cert, context.chain[1])
+
+      # When NOT received OCSPResponse in TLS handshake, this method will
+      # send OCSPRequest. If ocsp_uri is NOT presented in Certificate, return
+      # true. Also, if it sends OCSPRequest and does NOT receive a HTTPresponse
+      # within 2 seconds, return true.
+      if ocsp_response.nil?
+        uri = cert.ocsp_uris&.find { |u| URI::DEFAULT_PARSER.make_regexp =~ u }
+        return true if uri.nil?
+
+        begin
+          Timeout.timeout(2) { ocsp_response = send_ocsp_request(cid, uri) }
+        rescue StandardError
+          return true
+        end
+      end
+      return false \
+        if ocsp_response.status != OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL
+
+      status = ocsp_response.basic.status.find { |s| s.first.cmp(cid) }
+      return false if status[1] != OpenSSL::OCSP::V_CERTSTATUS_GOOD
+      return false if !status[3].nil? && status[3] < Time.now
+
+      ocsp_response.basic.verify(chain, store)
+    end
+    # rubocop: enable Metrics/AbcSize
+    # rubocop: enable Metrics/CyclomaticComplexity
+    # rubocop: enable Metrics/PerceivedComplexity
+
     private
 
     # @return [Boolean]
@@ -471,6 +527,7 @@ module TTTLS13
     # @return [Hash of NamedGroup => OpenSSL::PKey::EC.$Object]
     # rubocop: disable Metrics/AbcSize
     # rubocop: disable Metrics/CyclomaticComplexity
+    # rubocop: disable Metrics/MethodLength
     # rubocop: disable Metrics/PerceivedComplexity
     def gen_ch_extensions
       exs = []
@@ -519,10 +576,15 @@ module TTTLS13
       exs << Message::Extension::Alpn.new(@settings[:alpn].reject(&:empty?)) \
         if !@settings[:alpn].nil? && !@settings[:alpn].empty?
 
+      # status_request
+      exs << Message::Extension::OCSPStatusRequest.new \
+        if @settings[:check_certificate_status]
+
       [Message::Extensions.new(exs), priv_keys]
     end
     # rubocop: enable Metrics/AbcSize
     # rubocop: enable Metrics/CyclomaticComplexity
+    # rubocop: enable Metrics/MethodLength
     # rubocop: enable Metrics/PerceivedComplexity
 
     # @param extensions [TTTLS13::Message::Extensions]
@@ -753,16 +815,32 @@ module TTTLS13
 
     # @param ct [TTTLS13::Message::Certificate]
     # @param ch [TTTLS13::Message::ClientHello]
-    def terminate_invalid_certificate(ct, ch)
-      terminate(:illegal_parameter) unless ct.appearable_extensions?
+    #
+    # @return [Symbol, nil] return key of ALERT_DESCRIPTION, if invalid
+    def check_invalid_certificate(ct, ch)
+      return :illegal_parameter unless ct.appearable_extensions?
 
-      terminate(:unsupported_extension) \
+      return :unsupported_extension \
         unless ct.certificate_list.map(&:extensions)
                  .all? { |e| (e.keys - ch.extensions.keys).empty? }
 
-      terminate(:certificate_unknown) \
-        unless trusted_certificate?(ct.certificate_list,
-                                    @settings[:ca_file], @hostname)
+      return :certificate_unknown unless trusted_certificate?(
+        ct.certificate_list,
+        @settings[:ca_file],
+        @hostname
+      )
+
+      if @settings[:check_certificate_status]
+        ee = ct.certificate_list.first
+        ocsp_response = ee.extensions[Message::ExtensionType::STATUS_REQUEST]
+                         &.ocsp_response
+        cert = ee.cert_data
+        chain = ct.certificate_list[1..]&.map(&:cert_data)
+        return :bad_certificate_status_response \
+          unless satisfactory_certificate_status?(ocsp_response, cert, chain)
+      end
+
+      nil
     end
 
     # @param ct [TTTLS13::Message::Certificate]
@@ -784,6 +862,15 @@ module TTTLS13
       )
     end
 
+    # @param ocsp_response [OpenSSL::OCSP::Response]
+    # @param cert [OpenSSL::X509::Certificate]
+    # @param chain [Array of OpenSSL::X509::Certificate, nil]
+    #
+    # @return [Boolean]
+    def satisfactory_certificate_status?(ocsp_response, cert, chain)
+      @settings[:process_certificate_status]&.call(ocsp_response, cert, chain)
+    end
+
     # @param nst [TTTLS13::Message::NewSessionTicket]
     #
     # @raise [TTTLS13::Error::ErrorAlerts]

data/lib/tttls1.3/connection.rb

@@ -273,7 +273,7 @@ module TTTLS13
 
       # Received a protected ccs, peer MUST abort the handshake.
       if record.type == Message::ContentType::APPLICATION_DATA &&
-         record.messages.first.is_a?(Message::ChangeCipherSpec)
+         record.messages.any? { |m| m.is_a?(Message::ChangeCipherSpec) }
         terminate(:unexpected_message)
       end
 
@@ -474,8 +474,10 @@ module TTTLS13
     #
     # @return [Boolean]
     def trusted_certificate?(certificate_list, ca_file = nil, hostname = nil)
-      cert_bin = certificate_list.first.cert_data
-      cert = OpenSSL::X509::Certificate.new(cert_bin)
+      chain = certificate_list.map(&:cert_data).map do |c|
+        OpenSSL::X509::Certificate.new(c)
+      end
+      cert = chain.shift
 
       # not support CN matching, only support SAN matching
       return false if !hostname.nil? && !matching_san?(cert, hostname)
@@ -483,9 +485,6 @@ module TTTLS13
       store = OpenSSL::X509::Store.new
       store.set_default_paths
       store.add_file(ca_file) unless ca_file.nil?
-      chain = certificate_list[1..].map(&:cert_data).map do |c|
-        OpenSSL::X509::Certificate.new(c)
-      end
       # TODO: parse authorityInfoAccess::CA Issuers
       ctx = OpenSSL::X509::StoreContext.new(store, cert, chain)
       now = Time.now
@@ -539,6 +538,32 @@ module TTTLS13
         end
       end
     end
+
+    class << self
+      # @param cid [OpenSSL::OCSP::CertificateId]
+      # @param uri [String]
+      #
+      # @return [OpenSSL::OCSP::Response]
+      def send_ocsp_request(cid, uri)
+        # generate OCSPRequest
+        ocsp_request = OpenSSL::OCSP::Request.new
+        ocsp_request.add_certid(cid)
+        ocsp_request.add_nonce
+        # send HTTP POST
+        uri = URI.parse(uri)
+        path = uri.path
+        path = '/' if path.nil? || path.empty?
+        http_response = Net::HTTP.start uri.host, uri.port do |http|
+          http.post(
+            path,
+            ocsp_request.to_der,
+            'content-type' => 'application/ocsp-request'
+          )
+        end
+
+        OpenSSL::OCSP::Response.new(http_response.body)
+      end
+    end
   end
   # rubocop: enable Metrics/ClassLength
 end

data/lib/tttls1.3/message/extension/status_request.rb

@@ -9,23 +9,20 @@ module TTTLS13
         OCSP = "\x01"
       end
 
-      class StatusRequest
+      class OCSPStatusRequest
         attr_reader :extension_type
         attr_reader :responder_id_list
         attr_reader :request_extensions
 
-        # @param responder_id_list [Array of String]
-        # @param request_extensions [String]
+        # @param responder_id_list [Array of OpenSSL::ASN1::ASN1Data]
+        # @param request_extensions [Array of OpenSSL::ASN1::ASN1Data]
         #
         # @example
-        #   StatusRequest.new(
-        #       responder_id_list: [],
-        #       request_extensions: []
-        #   )
-        def initialize(responder_id_list: [], request_extensions: '')
+        #   OCSPStatusRequest.new
+        def initialize(responder_id_list: [], request_extensions: [])
           @extension_type = ExtensionType::STATUS_REQUEST
           @responder_id_list = responder_id_list || []
-          @request_extensions = request_extensions || ''
+          @request_extensions = request_extensions || []
         end
 
         # @return [String]
@@ -34,9 +31,9 @@ module TTTLS13
           binary += CertificateStatusType::OCSP
           binary += @responder_id_list.length.to_uint16
           binary += @responder_id_list.map do |id|
-            id.length.to_uint16 + id
+            id.to_der.prefix_uint16_length
           end.join
-          binary += @request_extensions.prefix_uint16_length
+          binary += @request_extensions.map(&:to_der).join.prefix_uint16_length
 
           @extension_type + binary.prefix_uint16_length
         end
@@ -45,8 +42,9 @@ module TTTLS13
         #
         # @raise [TTTLS13::Error::ErrorAlerts]
         #
-        # @return [TTTLS13::Message::Extension::StatusRequest, nil]
+        # @return [TTTLS13::Message::Extension::OCSPStatusRequest, nil]
         # rubocop: disable Metrics/CyclomaticComplexity
+        # rubocop: disable Metrics/PerceivedComplexity
         def self.deserialize(binary)
           raise Error::ErrorAlerts, :internal_error if binary.nil?
           return nil if binary.length < 5 ||
@@ -64,14 +62,20 @@ module TTTLS13
 
           re_len = Convert.bin2i(binary.slice(i, 2))
           i += 2
-          request_extensions = binary.slice(i, re_len)
+          exs_bin = binary.slice(i, re_len)
+          begin
+            request_extensions = OpenSSL::ASN1.decode_all(exs_bin)
+          rescue OpenSSL::ASN1::ASN1Error
+            return nil
+          end
           i += re_len
           return nil unless i == binary.length
 
-          StatusRequest.new(responder_id_list: responder_id_list,
-                            request_extensions: request_extensions)
+          OCSPStatusRequest.new(responder_id_list: responder_id_list,
+                                request_extensions: request_extensions)
         end
         # rubocop: enable Metrics/CyclomaticComplexity
+        # rubocop: enable Metrics/PerceivedComplexity
 
         class << self
           private
@@ -80,7 +84,7 @@ module TTTLS13
           #
           # @raise [TTTLS13::Error::ErrorAlerts]
           #
-          # @return [Array of String, nil] received unparsable binary, nil
+          # @return [Array of ASN1Data, nil] received unparsable binary, nil
           def deserialize_request_ids(binary)
             raise Error::ErrorAlerts, :internal_error if binary.nil?
 
@@ -92,7 +96,11 @@ module TTTLS13
               id_len = Convert.bin2i(binary.slice(i, 2))
               i += 2
               id = binary.slice(i, id_len)
-              request_ids += id
+              begin
+                request_ids += OpenSSL::ASN1.decode(id)
+              rescue OpenSSL::ASN1::ASN1Error
+                return nil
+              end
               i += id_len
             end
             return nil if i != binary.length
@@ -101,6 +109,54 @@ module TTTLS13
           end
         end
       end
+
+      class OCSPResponse
+        attr_reader :extension_type
+        attr_reader :ocsp_response
+
+        # @param ocsp_response [OpenSSL::OCSP::Response]
+        #
+        # @example
+        #   OCSPResponse.new(
+        #     OpenSSL::OCSP::Response.create(status, basic_resp)
+        #   )
+        def initialize(ocsp_response)
+          @extension_type = ExtensionType::STATUS_REQUEST
+          @ocsp_response = ocsp_response
+        end
+
+        # @return [String]
+        def serialize
+          binary = ''
+          binary += CertificateStatusType::OCSP
+          binary += @ocsp_response.to_der.prefix_uint24_length
+
+          @extension_type + binary.prefix_uint16_length
+        end
+
+        # @param binary [String]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        #
+        # @return [TTTLS13::Message::Extension::OCSPResponse, nil]
+        def self.deserialize(binary)
+          raise Error::ErrorAlerts, :internal_error if binary.nil?
+          return nil if binary.length < 4 ||
+                        binary[0] != CertificateStatusType::OCSP
+
+          res_len = Convert.bin2i(binary.slice(1, 3))
+          res = binary.slice(4, res_len)
+          ocsp_response = nil
+          begin
+            ocsp_response = OpenSSL::OCSP::Response.new(res)
+          rescue OpenSSL::OCSP::OCSPError
+            return nil
+          end
+          return nil if 4 + res_len != binary.length
+
+          OCSPResponse.new(ocsp_response)
+        end
+      end
     end
   end
 end

data/lib/tttls1.3/message/extensions.rb

@@ -110,12 +110,23 @@ module TTTLS13
         #
         # @return [TTTLS13::Message::Extension::$Object, nil]
         # rubocop: disable Metrics/CyclomaticComplexity
+        # rubocop: disable Metrics/MethodLength
+        # rubocop: disable Metrics/PerceivedComplexity
         def deserialize_extension(binary, extension_type, msg_type)
           raise Error::ErrorAlerts, :internal_error if binary.nil?
 
           case extension_type
           when ExtensionType::SERVER_NAME
             Extension::ServerName.deserialize(binary)
+          when ExtensionType::STATUS_REQUEST
+            if msg_type == HandshakeType::CLIENT_HELLO # ||
+              # msg_type == HandshakeType::CERTIFICATE_REQUEST
+              Extension::OCSPStatusRequest.deserialize(binary)
+            elsif msg_type == HandshakeType::CERTIFICATE
+              Extension::OCSPResponse.deserialize(binary)
+            else
+              return nil
+            end
           when ExtensionType::SUPPORTED_GROUPS
             Extension::SupportedGroups.deserialize(binary)
           when ExtensionType::SIGNATURE_ALGORITHMS
@@ -143,6 +154,8 @@ module TTTLS13
           end
         end
         # rubocop: enable Metrics/CyclomaticComplexity
+        # rubocop: enable Metrics/MethodLength
+        # rubocop: enable Metrics/PerceivedComplexity
       end
     end
   end

data/lib/tttls1.3/utils.rb

@@ -61,6 +61,21 @@ module TTTLS13
         length.to_uint64 + self
       end
     end
+
+    refine OpenSSL::X509::Certificate do
+      unless method_defined?(:ocsp_uris)
+        define_method(:ocsp_uris) do
+          aia = extensions.find { |ex| ex.oid == 'authorityInfoAccess' }
+          return nil if aia.nil?
+
+          ostr = OpenSSL::ASN1.decode(aia.to_der).value.last
+          ocsp = OpenSSL::ASN1.decode(ostr.value)
+                              .map(&:value)
+                              .select { |des| des.first.value == 'OCSP' }
+          ocsp&.map { |o| o[1].value }
+        end
+      end
+    end
   end
 
   module Convert

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.2.11'
+  VERSION = '0.2.12'
 end

data/spec/fixtures/rsa_rsa_ocsp.crt

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4TCCAcmgAwIBAgIJALkL6IyOlMwWMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB3Rlc3QtY2EwHhcNMTkxMTI2MDczMzExWhcNMjkxMTIzMDczMzExWjAUMRIw
+EAYDVQQDDAl0ZXN0LW9jc3AwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDapLrB5S2yXQ9Wt/O9SZzoMW8IChsPgtZYC8h4Z/bcbqRb/6Bq5YfcYxq84cD/
+8xn7e8R2OCNgva8GBlMy7d0czt3ysLnNlZ+dPu7MU4yS/R40LOhMGEf71mf6PLqj
+1ecaEclgbIhyIGHlUXQIAnhhpAwzHxKVAhcgBgQFs8NgNViAE3BpjyUW0qXE5RUY
+BQ7V9/Kn/fnsfOk6jMF20V2Kxn5Sj/c+D59+vFX3FmQyqsTKoAKoUuNsFOvHGV0d
+gxLggE5wq4AodrA40MY95HgCZ2rDfEKgfc9rKhLGz6s0etGFMVtjqK6YvpQYUOaS
+8JStLrGF1eINoJJFibIf69v9AgMBAAGjODA2MAkGA1UdEwQCMAAwEwYDVR0lBAww
+CgYIKwYBBQUHAwkwFAYDVR0RBA0wC4IJdGVzdC1vY3NwMA0GCSqGSIb3DQEBCwUA
+A4IBAQBHC6jRQyZhBJIdfP9CGpNO1dNHicwpFJ61ofwgzW1jEkVfBtVpqvEaEbYE
+LVxru1s8VY281trhwRuZkDRv5hB/CUUbdPICwQlkyCdUoYURrJEm/mirK9494AGh
+f33S+bMXZGAYLYoPYlSGj8EpL1Do3nvJK8//coRJlTEBcfgIIUlRMaeOiGrg3zpM
+1KGxO3GtG1mpod7BEMv3ZGI85p8wXF4N2Z+phBoAyRGW+R4VW3tF5bbqiKlRr3Lt
+HNsuXHSQykKpxD085eeQLTZGVESrCcmNv8XvVxwGE1r0kmlwexADNvP3HDXseie+
+8QFIt+zvJb/lDy4xbCT/M4a7L9Gn
+-----END CERTIFICATE-----

data/spec/fixtures/rsa_rsa_ocsp.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA2qS6weUtsl0PVrfzvUmc6DFvCAobD4LWWAvIeGf23G6kW/+g
+auWH3GMavOHA//MZ+3vEdjgjYL2vBgZTMu3dHM7d8rC5zZWfnT7uzFOMkv0eNCzo
+TBhH+9Zn+jy6o9XnGhHJYGyIciBh5VF0CAJ4YaQMMx8SlQIXIAYEBbPDYDVYgBNw
+aY8lFtKlxOUVGAUO1ffyp/357HzpOozBdtFdisZ+Uo/3Pg+ffrxV9xZkMqrEyqAC
+qFLjbBTrxxldHYMS4IBOcKuAKHawONDGPeR4Amdqw3xCoH3PayoSxs+rNHrRhTFb
+Y6iumL6UGFDmkvCUrS6xhdXiDaCSRYmyH+vb/QIDAQABAoIBAQC/s1D/siYHzeol
++XFelI1bVARqwxmI1wmB9wrU7yqViPjYpN+M+iTNyaLm2vUyNH6ibZkKohv6tTUh
+DiiibcXBfWtCX0r5gueIomYThmmpcv6pdnpSRbPPjeRqlhZ6kZBn3hJ3VZGoptXO
+j0UxxKCx03jS1bqgJU4LSNr7+OojjeKh8D9bxwCizhGx9239QwChtQTPr4U3aeTb
+Qwx8WtNH/2zvpdylyXW/eg8MO4WPYXpxWSGQnRJG5knPa7hF+iRnszysbUPNBVUd
+TUQJHBdtukt+7hDbPyMpMu0DwpqhOqsEk2avacWuCYEEE/SWmJ/mvLokbfECSUpy
+ZqfXJPLNAoGBAPtd+m2YVmLJmjO2skv+zGG5KhHNF2cY6xLQWuHW/yChNjSzpLYm
+YygyOd4hBH39ieQkBRs0QOX9S5Dzv6ERU1cr0CVDJeb9TQ9UTxXc01paJ+aoZNr5
+uHoGO16xBR4tmidc4HmbHDFSwmRAFhkooHM9MVACUFABIdWqwEwSZa/HAoGBAN6s
+WhPrsDyRAfKFV9bwD1P5aMPu6pjWOFO3bRIisPRtVzilamCkKvXCh1SyYHaNRjjG
+fQYEZeCZTxHi7GxZltRG5DRsmm8rDz6E4OrTQMHfQNDiuw78uZZ9+YYwaIM3nt1i
+/lN2hs79zj/HPf5qX9rw+CarOL0bdW97a/Monx4bAoGAeMqXXfT3hi9E15bypQxD
+IK6/JaC9n0BdLkRLd/09ymtNxhORkipuOdGw9yo8o2Kj0arxfTol+Z83oedP7dGK
+j/gw5McYvqB4WGZ2PpZIRkHOrMu883FPEexOuVktkWvuiP3brPQ5nwYa/dvCAsMA
+H4CHYuBJwbhZjvinwaaRkN8CgYA9sQh/zmOUVCRy+Yh9jyLgBBCHgDDUyTzvzLjW
+NnBKN+TbV9DiF3mjfxKZX5YkIj3bSvqmaR+Em1Txwqn31tZX15AwCgq7U/W0P4JE
+7ORbEixV8wsaOuB8FkjEabL677T+5wdJPmRZAq5asyu0yenmsa4+oF9m3S2rBknB
+I3b6EwKBgQD1+0+xdGomMeKHg8jWuDytdlWmNXmbiV0g2yOm533jG67vGDPfgd0H
+PNC62d7r5EhIVJwQZmW/GdOfZ7tI91XN+GjNyslr9t299hoMeRMT+Db2U+mQvKuS
+Oz+MHhO8YnOz9GFbQShqiCFj4zTU/0Ga/BY8Y52lURftt/QIXo+7Vg==
+-----END RSA PRIVATE KEY-----

data/spec/spec_helper.rb

@@ -4,6 +4,7 @@
 RSpec.configure(&:disable_monkey_patching!)
 
 # rubocop: disable Style/MixinUsage
+require 'date'
 require 'tttls1.3'
 include TTTLS13
 include TTTLS13::Error
@@ -41,10 +42,43 @@ TESTBINARY_SERVER_NAME = <<BIN.split.map(&:hex).map(&:chr).join
   00 0d 00 00 0a 67 69 74     68 75 62 2e 63 6f 6d
 BIN
 
-TESTBINARY_STATUS_REQUEST = <<BIN.split.map(&:hex).map(&:chr).join
+TESTBINARY_OCSP_STATUS_REQUEST = <<BIN.split.map(&:hex).map(&:chr).join
   01 00 00 00 00
 BIN
 
+TESTBINARY_OCSP_RESPONSE = <<BIN.split.map(&:hex).map(&:chr).join
+  01 00 01 d0 30 82 01 cc     0a 01 00 a0 82 01 c5 30
+  82 01 c1 06 09 2b 06 01     05 05 07 30 01 01 04 82
+  01 b2 30 82 01 ae 30 81     97 a1 16 30 14 31 12 30
+  10 06 03 55 04 03 0c 09     74 65 73 74 2d 6f 63 73
+  70 18 0f 32 30 31 39 31     31 32 38 32 30 34 32 32
+  38 5a 30 6c 30 6a 30 42     30 09 06 05 2b 0e 03 02
+  1a 05 00 04 14 71 02 ca     0e ca 3e be d8 31 e6 37
+  40 80 9e 37 f6 da 9f a5     27 04 14 ac c2 63 89 fe
+  4d c6 08 1f 1f 4d 77 9e     12 7a bf 32 b6 d6 12 02
+  09 00 cf 1a 4c 8a cc cc     78 33 80 00 18 0f 32 30
+  31 39 31 31 32 38 32 30     34 32 32 38 5a a0 11 18
+  0f 32 30 32 39 31 31 32     38 32 30 34 32 32 38 5a
+  30 0d 06 09 2a 86 48 86     f7 0d 01 01 05 05 00 03
+  82 01 01 00 42 90 e2 2f     f0 25 3b cf 11 75 56 83
+  c2 dc 10 d1 e8 d3 74 67     9e df db 0e 03 36 9f 64
+  48 61 8b 50 ca 2c dd fc     82 5b 52 d5 9b 06 64 86
+  70 08 c2 0b ca c9 50 b8     42 42 19 80 8f 6e f0 42
+  92 ac 67 4f 74 fa 2a d2     f4 2f 82 15 11 71 4b bd
+  54 d0 21 fb 0a 91 d3 ba     67 5e cb 7d b2 e6 a2 da
+  30 3d b3 92 3d a9 4e 2c     f6 4a 0b 22 96 b2 1d 06
+  c3 0a c7 41 5f 9e 22 c0     e0 3f 52 cc ff be dd 52
+  80 3f 68 36 ce c0 02 df     ae ab 96 a9 be d8 51 b2
+  bd ec f9 e7 98 5e 8a 77     69 b6 f1 60 19 49 f0 58
+  26 70 2f 7b 19 cc d0 13     9e 9c ed 8a 5c 87 34 4c
+  fd bd 0f 41 3f 5c d8 1e     26 ce bb dd 17 a7 a4 37
+  8f d8 19 39 5b c9 17 18     ca c3 7a eb 5d e7 ba a1
+  12 23 d6 cb 22 0e e1 bf     9e 40 9b e3 5c b5 6b e3
+  aa 6e 93 56 4f da da a1     c6 79 13 9d 5c d6 87 2b
+  f7 6a 0f fc 2c 03 b2 41     c4 90 b8 3d 50 1c 8a 9b
+  11 1b 41 83
+BIN
+
 TESTBINARY_SUPPORTED_GROUPS = <<BIN.split.map(&:hex).map(&:chr).join
   00 06 00 17 00 18 00 19
 BIN

data/spec/status_request_spec.rb

@@ -4,10 +4,10 @@
 require_relative 'spec_helper'
 using Refinements
 
-RSpec.describe StatusRequest do
-  context 'default status_request' do
+RSpec.describe OCSPStatusRequest do
+  context 'default OCSPStatusRequest' do
     let(:extension) do
-      StatusRequest.new
+      OCSPStatusRequest.new
     end
 
     it 'should be generated' do
@@ -21,9 +21,9 @@ RSpec.describe StatusRequest do
     end
   end
 
-  context 'valid status_request' do
+  context 'valid OCSPStatusRequest' do
     let(:extension) do
-      StatusRequest.new(responder_id_list: [], request_extensions: '')
+      OCSPStatusRequest.new(responder_id_list: [], request_extensions: [])
     end
 
     it 'should be generated' do
@@ -37,9 +37,9 @@ RSpec.describe StatusRequest do
     end
   end
 
-  context 'valid status_request, 0 length request ' do
+  context 'valid OCSPStatusRequest, 0 length request ' do
     let(:extension) do
-      StatusRequest.new(responder_id_list: nil, request_extensions: nil)
+      OCSPStatusRequest.new(responder_id_list: nil, request_extensions: nil)
     end
 
     it 'should be generated' do
@@ -53,9 +53,9 @@ RSpec.describe StatusRequest do
     end
   end
 
-  context 'valid status_request binary' do
+  context 'valid OCSPStatusRequest binary' do
     let(:extension) do
-      StatusRequest.deserialize(TESTBINARY_STATUS_REQUEST)
+      OCSPStatusRequest.deserialize(TESTBINARY_OCSP_STATUS_REQUEST)
     end
 
     it 'should generate valid object' do
@@ -67,7 +67,74 @@ RSpec.describe StatusRequest do
     it 'should generate serializable object' do
       expect(extension.serialize)
         .to eq ExtensionType::STATUS_REQUEST \
-               + TESTBINARY_STATUS_REQUEST.prefix_uint16_length
+               + TESTBINARY_OCSP_STATUS_REQUEST.prefix_uint16_length
+    end
+  end
+end
+
+RSpec.describe OCSPResponse do
+  context 'valid OCSPResponse whose status is good' do
+    let(:basic_resp) do
+      server_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_rsa.crt')
+      )
+      ca_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_ca.crt')
+      )
+      ocsp_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_rsa_ocsp.crt')
+      )
+      ocsp_key = OpenSSL::PKey.read(
+        File.read(__dir__ + '/fixtures/rsa_rsa_ocsp.key')
+      )
+
+      br = OpenSSL::OCSP::BasicResponse.new
+      cid = OpenSSL::OCSP::CertificateId.new(server_crt, ca_crt)
+      br.add_status(
+        cid,
+        OpenSSL::OCSP::V_CERTSTATUS_GOOD,
+        0,
+        nil,
+        Time.now,
+        DateTime.now.next_day(1).to_time,
+        []
+      )
+      br.sign(ocsp_crt, ocsp_key)
+      br
+    end
+
+    let(:ocsp_response) do
+      OpenSSL::OCSP::Response.create(
+        OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL,
+        basic_resp
+      )
+    end
+
+    let(:extension) do
+      OCSPResponse.new(ocsp_response)
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::STATUS_REQUEST
+      expect(extension.ocsp_response).to eq ocsp_response
+    end
+
+    it 'should be serialized' do
+      binary = CertificateStatusType::OCSP \
+               + ocsp_response.to_der.prefix_uint24_length
+
+      expect(extension.serialize).to eq ExtensionType::STATUS_REQUEST \
+                                        + binary.prefix_uint16_length
+    end
+  end
+
+  context 'valid OCSPResponse binary' do
+    let(:extension) do
+      OCSPResponse.deserialize(TESTBINARY_OCSP_RESPONSE)
+    end
+
+    it 'should generate valid object' do
+      expect(extension.extension_type).to eq ExtensionType::STATUS_REQUEST
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-  version: 0.2.11
+  version: 0.2.12
 platform: ruby
 authors:
 - thekuwayama
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-05 00:00:00.000000000 Z
+date: 2020-01-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -73,6 +73,7 @@ files:
 - example/https_client_using_0rtt.rb
 - example/https_client_using_hrr.rb
 - example/https_client_using_hrr_and_ticket.rb
+- example/https_client_using_status_request.rb
 - example/https_client_using_ticket.rb
 - example/https_server.rb
 - interop/client_spec.rb
@@ -144,6 +145,8 @@ files:
 - spec/fixtures/rsa_ca.key
 - spec/fixtures/rsa_rsa.crt
 - spec/fixtures/rsa_rsa.key
+- spec/fixtures/rsa_rsa_ocsp.crt
+- spec/fixtures/rsa_rsa_ocsp.key
 - spec/fixtures/rsa_rsassaPss.crt
 - spec/fixtures/rsa_rsassaPss.key
 - spec/fixtures/rsa_secp256r1.crt
@@ -217,6 +220,8 @@ test_files:
 - spec/fixtures/rsa_ca.key
 - spec/fixtures/rsa_rsa.crt
 - spec/fixtures/rsa_rsa.key
+- spec/fixtures/rsa_rsa_ocsp.crt
+- spec/fixtures/rsa_rsa_ocsp.key
 - spec/fixtures/rsa_rsassaPss.crt
 - spec/fixtures/rsa_rsassaPss.key
 - spec/fixtures/rsa_secp256r1.crt