git.openssl.org Git - openssl.git/commit

author	David Cooper <david.cooper@nist.gov>
	Fri, 18 Aug 2017 13:27:19 +0000 (09:27 -0400)
committer	Matt Caswell <matt@openssl.org>
	Wed, 24 Jan 2018 18:30:31 +0000 (18:30 +0000)
commit	b4dd21a7b8b850a39b0f610fceca21557853c943
tree	fa51e54fae522f19759f48211061263a8c7b8758	tree \| snapshot
parent	a26dd465b21d8def440c16b6bd90227b03e12e02	commit \| diff

Add -rsigopt option to ocsp command

Add a -rsigopt option to the ocsp command that allows signature parameters to be provided for the signing of OCSP responses. The parameters that may be provided to -rsigopt are the same as may be provided to -sigopt in the ca, req, and x509 commands.

This PR also defines a OCSP_basic_sign_ctx() function, which functions in the same way as OCSP_basic_sign(), except that it accepts a EVP_MD_CTX rather than a key and digest. The OCSP_basic_sign_ctx() function is used to implement the -rsigopt option in the ocsp command.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

apps/ocsp.c		diff \| blob \| history
crypto/ocsp/ocsp_err.c		diff \| blob \| history
crypto/ocsp/ocsp_lcl.h		diff \| blob \| history
crypto/ocsp/ocsp_srv.c		diff \| blob \| history
include/openssl/ocsp.h		diff \| blob \| history
include/openssl/ocsperr.h		diff \| blob \| history
util/libcrypto.num		diff \| blob \| history