From: Paul Kehrer Date: Sat, 1 Sep 2018 04:05:55 +0000 (-0400) Subject: add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP X-Git-Tag: OpenSSL_1_1_1~68 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=20c36721747d8dd383115b1843f14f677177d97d;hp=6bcfcf16bf6aef4f9ec267d8b86ae1bffd8deab9 add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP fixes #7081 Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/7082) --- diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c index f6101e1532..33ef9bbb20 100644 --- a/crypto/ocsp/ocsp_cl.c +++ b/crypto/ocsp/ocsp_cl.c @@ -167,6 +167,16 @@ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs) return bs->signature; } +const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs) +{ + return &bs->signatureAlgorithm; +} + +const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs) +{ + return &bs->tbsResponseData; +} + /* * Return number of OCSP_SINGLERESP responses present in a basic response. */ diff --git a/doc/man3/OCSP_resp_find_status.pod b/doc/man3/OCSP_resp_find_status.pod index 1bbc4e324c..6aa192d8a8 100644 --- a/doc/man3/OCSP_resp_find_status.pod +++ b/doc/man3/OCSP_resp_find_status.pod @@ -7,6 +7,8 @@ OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, +OCSP_resp_get0_tbs_sigalg, +OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify @@ -33,6 +35,8 @@ OCSP_basic_verify const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at( const OCSP_BASICRESP* single); + const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); + const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, @@ -82,6 +86,10 @@ B<*revtime>, B<*thisupd> and B<*nextupd>. OCSP_resp_get0_produced_at() extracts the B field from the single response B. +OCSP_resp_get0_tbs_sigalg() returns the B from B. + +OCSP_resp_get0_respdata() returns the B from B. + OCSP_resp_get0_certs() returns any certificates included in B. OCSP_resp_get0_signer() attempts to retrieve the certificate that directly diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 9c2698a4e3..937b32271b 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -197,6 +197,8 @@ int OCSP_response_status(OCSP_RESPONSE *resp); OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs); +const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); +const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, STACK_OF(X509) *extra_certs); diff --git a/util/libcrypto.num b/util/libcrypto.num index d69a6dcf68..81171fe2dc 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4572,3 +4572,5 @@ EC_POINT_set_affine_coordinates 4525 1_1_1 EXIST::FUNCTION:EC EC_POINT_get_affine_coordinates 4526 1_1_1 EXIST::FUNCTION:EC EC_GROUP_set_curve 4527 1_1_1 EXIST::FUNCTION:EC EC_GROUP_get_curve 4528 1_1_1 EXIST::FUNCTION:EC +OCSP_resp_get0_tbs_sigalg 4529 1_1_0j EXIST::FUNCTION:OCSP +OCSP_resp_get0_respdata 4530 1_1_0j EXIST::FUNCTION:OCSP