Description
Problem:
SHA1 seems to be the only OCSP digest supported by s2n: https://github.com/aws/s2n-tls/blob/main/tls/s2n_x509_validator.c#L473-L478
However, the support for SHA1 in OCSP is a bit outdated. The latest OCSP RFC states that it's mandatory for clients that request OCSP services to be able to process responses signed using SHA-256.
Proposed Solution:
Update OCSP digest support to handle SHA-256.
- Does this change what S2N sends over the wire? No
- Does this change any public APIs? No
- Which versions of TLS will this impact? N/A
- RFC links:
  - Old OCSP RFC: https://datatracker.ietf.org/doc/html/rfc2560#section-4.3
  - Latest OCSP RFC: https://datatracker.ietf.org/doc/html/rfc6960#section-4.3
- Related Issues: https://shufflesharding.com/posts/improving-security-in-s2n
- Will the Usage Guide or other documentation need to be updated?
- Testing: Would need to update s2n unit tests to test against OCSP responses signed using SHA-256, along with new OCSP test files.
  - Will this change trigger SAW changes? Not sure
  - Should this change be fuzz tested? Not sure