Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -3,6 +3,10 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] *) New function OCSP_copy_nonce() to copy nonce value (if present) from request to response. [Steve Henson] *) Functions for OCSP responders. OCSP_request_onereq_count(), OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info() extract information from a certificate request. OCSP_response_create() Loading crypto/ocsp/ocsp.h +3 −2 Original line number Diff line number Diff line Loading @@ -412,11 +412,12 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, ASN1_BIT_STRING* issuerKey, ASN1_INTEGER *serialNumber); OCSP_CERTSTATUS *OCSP_cert_status_new(int status, int reason, char *tim); OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); Loading crypto/ocsp/ocsp_ext.c +14 −10 Original line number Diff line number Diff line Loading @@ -371,16 +371,20 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs) return ret; } X509_EXTENSION *OCSP_nonce_new(void *p, unsigned int len) /* Copy the nonce value (if any) from an OCSP request to * a response. */ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req) { X509_EXTENSION *x=NULL; if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_Nonce))) goto err; if (!(ASN1_OCTET_STRING_set(x->value, p, len))) goto err; return x; err: if (x) X509_EXTENSION_free(x); return NULL; X509_EXTENSION *req_ext; int req_idx; /* Check for nonce in request */ req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1); /* If no nonce that's OK */ if (req_idx < 0) return 2; req_ext = OCSP_REQUEST_get_ext(req, req_idx); return OCSP_BASICRESP_add_ext(resp, req_ext, -1); } X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) Loading Loading
CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -3,6 +3,10 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] *) New function OCSP_copy_nonce() to copy nonce value (if present) from request to response. [Steve Henson] *) Functions for OCSP responders. OCSP_request_onereq_count(), OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info() extract information from a certificate request. OCSP_response_create() Loading
crypto/ocsp/ocsp.h +3 −2 Original line number Diff line number Diff line Loading @@ -412,11 +412,12 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, ASN1_BIT_STRING* issuerKey, ASN1_INTEGER *serialNumber); OCSP_CERTSTATUS *OCSP_cert_status_new(int status, int reason, char *tim); OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); Loading
crypto/ocsp/ocsp_ext.c +14 −10 Original line number Diff line number Diff line Loading @@ -371,16 +371,20 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs) return ret; } X509_EXTENSION *OCSP_nonce_new(void *p, unsigned int len) /* Copy the nonce value (if any) from an OCSP request to * a response. */ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req) { X509_EXTENSION *x=NULL; if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_Nonce))) goto err; if (!(ASN1_OCTET_STRING_set(x->value, p, len))) goto err; return x; err: if (x) X509_EXTENSION_free(x); return NULL; X509_EXTENSION *req_ext; int req_idx; /* Check for nonce in request */ req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1); /* If no nonce that's OK */ if (req_idx < 0) return 2; req_ext = OCSP_REQUEST_get_ext(req, req_idx); return OCSP_BASICRESP_add_ext(resp, req_ext, -1); } X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) Loading
