Skip to content

Commit

Permalink
add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP
Browse files Browse the repository at this point in the history 
fixes #7081

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from #7082)
  • Loading branch information
@reaperhulk @mspncp
reaperhulk authored and mspncp committed Sep 3, 2018
1 parent f2ce14d commit 9ba3012
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 0 deletions.
10 changes: 10 additions & 0 deletions crypto/ocsp/ocsp_cl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,16 @@ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs)
return bs->signature;
}

const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs)
{
return &bs->signatureAlgorithm;
}

const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs)
{
return &bs->tbsResponseData;
}

/*
* Return number of OCSP_SINGLERESP responses present in a basic response.
*/
Expand Down
8 changes: 8 additions & 0 deletions doc/crypto/OCSP_resp_find_status.pod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ OCSP_resp_get0_certs,
OCSP_resp_get0_signer,
OCSP_resp_get0_id,
OCSP_resp_get0_produced_at,
OCSP_resp_get0_tbs_sigalg,
OCSP_resp_get0_respdata,
OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find,
OCSP_single_get0_status, OCSP_check_validity,
OCSP_basic_verify
Expand All @@ -32,6 +34,8 @@ OCSP_basic_verify
const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
const OCSP_BASICRESP* single);

const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);

int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
Expand Down Expand Up @@ -78,6 +82,10 @@ B<*revtime>, B<*thisupd> and B<*nextupd>.
OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the
single response B<bs>.

OCSP_resp_get0_tbs_sigalg() returns the B<signatureAlgorithm> from B<bs>.

OCSP_resp_get0_respdata() returns the B<tbsResponseData> from B<bs>.

OCSP_resp_get0_certs() returns any certificates included in B<bs>.

OCSP_resp_get0_signer() attempts to retrieve the certificate that directly
Expand Down
2 changes: 2 additions & 0 deletions include/openssl/ocsp.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,8 @@ int OCSP_response_status(OCSP_RESPONSE *resp);
OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);

const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
STACK_OF(X509) *extra_certs);

Expand Down
2 changes: 2 additions & 0 deletions util/libcrypto.num
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4263,3 +4263,5 @@ X509_OBJECT_set1_X509 4514 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_get_by_issuer_serial 4515 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_init 4516 1_1_0i EXIST::FUNCTION:
X509_OBJECT_set1_X509_CRL 4517 1_1_0i EXIST::FUNCTION:
OCSP_resp_get0_tbs_sigalg 4529 1_1_0j EXIST::FUNCTION:OCSP
OCSP_resp_get0_respdata 4530 1_1_0j EXIST::FUNCTION:OCSP

0 comments on commit 9ba3012

Please sign in to comment.