Commit 04940147 authored by David Cooper Committed by Matt Caswell

Make editorial changes suggested by Matt Caswell and fix Travis failures.

parent 89623f84
+3 −3
@@ -78,7 +78,7 @@ typedef enum OPTION_choice {
    OPT_VALIDITY_PERIOD, OPT_STATUS_AGE, OPT_SIGNKEY, OPT_REQOUT,
    OPT_RESPOUT, OPT_PATH, OPT_ISSUER, OPT_CERT, OPT_SERIAL,
    OPT_INDEX, OPT_CA, OPT_NMIN, OPT_REQUEST, OPT_NDAYS, OPT_RSIGNER,
    OPT_RKEY, OPT_ROTHER, OPT_RMD, OPT_SIGOPT, OPT_HEADER,
    OPT_RKEY, OPT_ROTHER, OPT_RMD, OPT_RSIGOPT, OPT_HEADER,
    OPT_V_ENUM,
    OPT_MD
} OPTION_CHOICE;
@@ -155,7 +155,7 @@ const OPTIONS ocsp_options[] = {
    {"rkey", OPT_RKEY, '<', "Responder key to sign responses with"},
    {"rother", OPT_ROTHER, '<', "Other certificates to include in response"},
    {"rmd", OPT_RMD, 's', "Digest Algorithm to use in signature of OCSP response"},
    {"rsigopt", OPT_SIGOPT, 's', "OCSP response signature parameter in n:v form"},
    {"rsigopt", OPT_RSIGOPT, 's', "OCSP response signature parameter in n:v form"},
    {"header", OPT_HEADER, 's', "key=value header to add"},
    {"", OPT_MD, '-', "Any supported digest algorithm (sha1,sha256, ... )"},
    OPT_V_OPTIONS,
@@ -422,7 +422,7 @@ int ocsp_main(int argc, char **argv)
            if (!opt_md(opt_arg(), &rsign_md))
                goto end;
            break;
        case OPT_SIGOPT:
        case OPT_RSIGOPT:
            if (rsign_sigopts == NULL)
                rsign_sigopts = sk_OPENSSL_STRING_new_null();
            if (rsign_sigopts == NULL || !sk_OPENSSL_STRING_push(rsign_sigopts, opt_arg()))
+2 −1
# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
@@ -735,6 +735,7 @@ OBJ_F_OBJ_NID2SN:104:OBJ_nid2sn
OCSP_F_D2I_OCSP_NONCE:102:d2i_ocsp_nonce
OCSP_F_OCSP_BASIC_ADD1_STATUS:103:OCSP_basic_add1_status
OCSP_F_OCSP_BASIC_SIGN:104:OCSP_basic_sign
OCSP_F_OCSP_BASIC_SIGN_CTX:119:OCSP_basic_sign_ctx
OCSP_F_OCSP_BASIC_VERIFY:105:OCSP_basic_verify
OCSP_F_OCSP_CERT_ID_NEW:101:OCSP_cert_id_new
OCSP_F_OCSP_CHECK_DELEGATED:106:ocsp_check_delegated
+15 −4
/*
 * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
@@ -168,16 +168,27 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
    return 1;
}

/*
 * Sign an OCSP response using the parameters contained in the digest context,
 * set the responderID to the subject name in the signer's certificate, and
 * include one or more optional certificates in the response.
 */

int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp,
                    X509 *signer, EVP_MD_CTX *ctx,
                    STACK_OF(X509) *certs, unsigned long flags)
{
    int i;
    OCSP_RESPID *rid;
    EVP_PKEY *pkey;

    if (ctx == NULL || EVP_MD_CTX_pkey_ctx(ctx) == NULL) {
        OCSPerr(OCSP_F_OCSP_BASIC_SIGN_CTX, OCSP_R_NO_SIGNER_KEY);
        goto err;
    }

    if (ctx == NULL || EVP_MD_CTX_pkey_ctx(ctx) == NULL
        || EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)) == NULL
        || !X509_check_private_key(signer, EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)))) {
    pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx));
    if (pkey == NULL || !X509_check_private_key(signer, pkey)) {
        OCSPerr(OCSP_F_OCSP_BASIC_SIGN_CTX,
                OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
        goto err;
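Review bot: In OCSP_basic_sign_ctx the `pkey == NULL` case shares a branch with the certificate comparison, so a digest context that carries no key is reported as OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE, not as OCSP_R_NO_SIGNER_KEY, which the new first guard already raises for a missing context. An operator debugging a responder would be pointed at the wrong cause. I would split it: `if (pkey == NULL) { OCSPerr(OCSP_F_OCSP_BASIC_SIGN_CTX, OCSP_R_NO_SIGNER_KEY); goto err; }` followed by `if (!X509_check_private_key(signer, pkey)) {` with the existing mismatch error. The new header comment could also state the precondition the guards enforce, e.g. `ctx must already be initialised for signing with the private key that matches signer's certificate`. The function body continues past the end of this hunk, so the `err` path is not visible here.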
+1 −1
@@ -25,7 +25,7 @@ int ERR_load_OCSP_strings(void);
# define OCSP_F_D2I_OCSP_NONCE                            102
# define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
# define OCSP_F_OCSP_BASIC_SIGN                           104
# define OCSP_F_OCSP_BASIC_SIGN_CTX                       131
# define OCSP_F_OCSP_BASIC_SIGN_CTX                       119
# define OCSP_F_OCSP_BASIC_VERIFY                         105
# define OCSP_F_OCSP_CERT_ID_NEW                          101
# define OCSP_F_OCSP_CHECK_DELEGATED                      106