/*
- * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#include <stdio.h>
#include <time.h>
#include "internal/cryptlib.h"
+#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/ocsp.h>
-#include "ocsp_lcl.h"
+#include "ocsp_local.h"
+
+DEFINE_STACK_OF(OCSP_ONEREQ)
+DEFINE_STACK_OF(OCSP_SINGLERESP)
/*
* Utility functions related to sending OCSP requests and extracting relevant
/* Set requestorName from an X509_NAME structure */
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
+int OCSP_request_set1_name(OCSP_REQUEST *req, const X509_NAME *nm)
{
GENERAL_NAME *gen;
return 0;
if (cert == NULL)
return 1;
- if (sig->certs == NULL
- && (sig->certs = sk_X509_new_null()) == NULL)
- return 0;
-
- if (!sk_X509_push(sig->certs, cert))
- return 0;
- X509_up_ref(cert);
- return 1;
+ return X509_add_cert_new(&sig->certs, cert, X509_ADD_FLAG_UP_REF);
}
/*
return bs->signature;
}
+const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs)
+{
+ return &bs->signatureAlgorithm;
+}
+
+const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs)
+{
+ return &bs->tbsResponseData;
+}
+
/*
* Return number of OCSP_SINGLERESP responses present in a basic response.
*/
int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
const ASN1_OCTET_STRING **pid,
const X509_NAME **pname)
-
{
const OCSP_RESPID *rid = &bs->tbsResponseData.responderId;
+
if (rid->type == V_OCSP_RESPID_NAME) {
*pname = rid->value.byName;
*pid = NULL;
return 1;
}
+int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+ ASN1_OCTET_STRING **pid,
+ X509_NAME **pname)
+{
+ const OCSP_RESPID *rid = &bs->tbsResponseData.responderId;
+
+ if (rid->type == V_OCSP_RESPID_NAME) {
+ *pname = X509_NAME_dup(rid->value.byName);
+ *pid = NULL;
+ } else if (rid->type == V_OCSP_RESPID_KEY) {
+ *pid = ASN1_OCTET_STRING_dup(rid->value.byKey);
+ *pname = NULL;
+ } else {
+ return 0;
+ }
+ if (*pname == NULL && *pid == NULL)
+ return 0;
+ return 1;
+}
+
/* Look single response matching a given certificate ID */
int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)