Loading crypto/ocsp/ocsp_cl.c +23 −0 Original line number Diff line number Diff line Loading @@ -191,6 +191,29 @@ ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* bs) return bs->tbsResponseData.producedAt; } const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs) { return bs->certs; } int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname) { const OCSP_RESPID *rid = &bs->tbsResponseData.responderId; if (rid->type == V_OCSP_RESPID_NAME) { *pname = rid->value.byName; *pid = NULL; } else if (rid->type == V_OCSP_RESPID_KEY) { *pid = rid->value.byKey; *pname = NULL; } else { return 0; } return 1; } /* Look single response matching a given certificate ID */ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last) Loading doc/crypto/OCSP_resp_find_status.pod +13 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,12 @@ OCSP_single_get0_status, OCSP_check_validity ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* single); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname); int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); Loading Loading @@ -61,6 +67,13 @@ B<*revtime>, B<*thisupd> and B<*nextupd>. OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the single response B<bs>. OCSP_resp_get0_certs() returns any certificates included in B<bs>. OCSP_resp_get0_id() gets the responder id of <bs>. If the responder ID is a name then <*pname> is set to the name and B<*pid> is set to NULL. If the responder ID is by key ID then B<*pid> is set to the key ID and B<*pname> is set to NULL. OCSP_check_validity() checks the validity of B<thisupd> and B<nextupd> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If B<sec> is non-zero it indicates how many seconds Loading include/openssl/ocsp.h +5 −0 Original line number Diff line number Diff line Loading @@ -213,6 +213,11 @@ ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs); int OCSP_resp_count(OCSP_BASICRESP *bs); OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* bs); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname); int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, ASN1_GENERALIZEDTIME **revtime, Loading Loading
crypto/ocsp/ocsp_cl.c +23 −0 Original line number Diff line number Diff line Loading @@ -191,6 +191,29 @@ ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* bs) return bs->tbsResponseData.producedAt; } const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs) { return bs->certs; } int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname) { const OCSP_RESPID *rid = &bs->tbsResponseData.responderId; if (rid->type == V_OCSP_RESPID_NAME) { *pname = rid->value.byName; *pid = NULL; } else if (rid->type == V_OCSP_RESPID_KEY) { *pid = rid->value.byKey; *pname = NULL; } else { return 0; } return 1; } /* Look single response matching a given certificate ID */ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last) Loading
doc/crypto/OCSP_resp_find_status.pod +13 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,12 @@ OCSP_single_get0_status, OCSP_check_validity ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* single); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname); int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); Loading Loading @@ -61,6 +67,13 @@ B<*revtime>, B<*thisupd> and B<*nextupd>. OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the single response B<bs>. OCSP_resp_get0_certs() returns any certificates included in B<bs>. OCSP_resp_get0_id() gets the responder id of <bs>. If the responder ID is a name then <*pname> is set to the name and B<*pid> is set to NULL. If the responder ID is by key ID then B<*pid> is set to the key ID and B<*pname> is set to NULL. OCSP_check_validity() checks the validity of B<thisupd> and B<nextupd> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If B<sec> is non-zero it indicates how many seconds Loading
include/openssl/ocsp.h +5 −0 Original line number Diff line number Diff line Loading @@ -213,6 +213,11 @@ ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs); int OCSP_resp_count(OCSP_BASICRESP *bs); OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(OCSP_BASICRESP* bs); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid, const X509_NAME **pname); int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, ASN1_GENERALIZEDTIME **revtime, Loading
Rich Salz <rsalz@openssl.org>Rich Salz <rsalz@openssl.org>