ocsp.h
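/* ocsp.h
 *
 * Copyright (C) 2006-2020 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
 * wolfSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * wolfSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

/* wolfSSL OCSP API
 *
 * Declarations only: every function below is defined elsewhere in the
 * library, and the whole header compiles to nothing unless HAVE_OCSP is
 * defined.
 *
 * Two groups of prototypes are declared:
 *   - WOLFSSL_LOCAL: the library's own revocation-checking helpers.
 *   - WOLFSSL_API:   OpenSSL-style compatibility entry points, only present
 *                    under the OPENSSL_* / WOLFSSL_NGINX / WOLFSSL_HAPROXY /
 *                    WOLFSSL_APACHE_HTTPD build options tested below.
 * WOLFSSL_LOCAL and WOLFSSL_API are visibility macros defined outside this
 * header (by wolfSSL convention: library-internal vs. exported).
 */

#ifndef WOLFSSL_OCSP_H
#define WOLFSSL_OCSP_H

#ifdef HAVE_OCSP

#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/asn.h>

#ifdef __cplusplus
    extern "C" {
#endif

/* Opaque here; the structure layout is declared elsewhere. */
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;

/* NOTE(review): this guard tests OPENSSL_EXTRA but not WOLFSSL_APACHE_HTTPD,
 * while the compatibility prototypes further down are guarded the other way
 * round. The prototypes use these typedefs, so a WOLFSSL_APACHE_HTTPD build
 * only works if one of the macros tested here is defined as well - confirm
 * the build settings guarantee that. */
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
    defined(WOLFSSL_HAPROXY)
typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP;

/* The three OpenSSL-style request types below are aliases of the same
 * struct OcspRequest, so the compiler will not reject a CERTID passed where a
 * REQUEST is expected (or the reverse). Callers must keep track themselves of
 * which *_free() routine matches each object. */
typedef struct OcspRequest WOLFSSL_OCSP_CERTID;

typedef struct OcspRequest WOLFSSL_OCSP_ONEREQ;

typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
#endif

/* Set up / tear down an OCSP context associated with a certificate manager.
 * `dynamic` presumably tells FreeOCSP whether the WOLFSSL_OCSP object itself
 * was heap-allocated and must be released too - confirm against the
 * definition. */
WOLFSSL_LOCAL int  InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);

/* Revocation check for an already-decoded certificate. The _ex variant
 * additionally receives the WOLFSSL session object.
 * NOTE(review): who owns whatever is stored in responseBuffer on return is
 * not visible from the prototype - check the definition before freeing or
 * retaining it. */
WOLFSSL_LOCAL int  CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*,
                                 WOLFSSL_BUFFER_INFO* responseBuffer);
WOLFSSL_LOCAL int  CheckCertOCSP_ex(WOLFSSL_OCSP*, DecodedCert*,
                            WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
WOLFSSL_LOCAL int  CheckOcspRequest(WOLFSSL_OCSP* ocsp,
                 OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
/* `response` / `responseSz` describe a raw response buffer. responseSz is a
 * signed int: callers should make sure it is non-negative and no larger than
 * the memory actually backing `response`, since such responses typically
 * originate from a remote responder or a stapled TLS message. */
WOLFSSL_LOCAL int  CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
                                     WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
                                     OcspEntry *entry, OcspRequest *ocspRequest);

#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
    defined(WOLFSSL_APACHE_HTTPD)

/* OpenSSL-compatibility layer. Names follow OpenSSL's OCSP_* functions; the
 * exact return conventions are set by the definitions, not by this header. */

WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
    WOLFSSL_OCSP_CERTID *id, int *status, int *reason,
    WOLFSSL_ASN1_TIME **revtime, WOLFSSL_ASN1_TIME **thisupd,
    WOLFSSL_ASN1_TIME **nextupd);
WOLFSSL_API const char *wolfSSL_OCSP_cert_status_str(long s);
/* NOTE(review): code ported from OpenSSL relies on OCSP_check_validity() to
 * enforce response freshness (clock-skew tolerance `sec`, maximum age
 * `maxsec`). Confirm that this port actually evaluates thisupd/nextupd with
 * those arguments before depending on it to reject stale responses. */
WOLFSSL_API int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME* thisupd,
    WOLFSSL_ASN1_TIME* nextupd, long sec, long maxsec);

WOLFSSL_API void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* certId);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
    const WOLFSSL_EVP_MD *dgst, const WOLFSSL_X509 *subject,
    const WOLFSSL_X509 *issuer);

WOLFSSL_API void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse);
/* Signature verification of a basic response against `certs` / `st`.
 * NOTE(review): which `flags` values are honoured is not visible here; do not
 * assume every OpenSSL OCSP_* verification flag has an effect. */
WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
    WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags);

WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response);
/* d2i_* parse DER supplied by the caller, which is usually untrusted input.
 * `len` must be the real length of the buffer behind *data. */
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
    OcspResponse** response);
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
    const unsigned char** data, int len);
WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response,
    unsigned char** data);
WOLFSSL_API int wolfSSL_OCSP_response_status(OcspResponse *response);
WOLFSSL_API const char *wolfSSL_OCSP_response_status_str(long s);
/* By OpenSSL naming convention a get1 function hands back a reference the
 * caller must free - confirm for this port. */
WOLFSSL_API WOLFSSL_OCSP_BASICRESP* wolfSSL_OCSP_response_get1_basic(
    OcspResponse* response);

WOLFSSL_API OcspRequest* wolfSSL_OCSP_REQUEST_new(void);
WOLFSSL_API void wolfSSL_OCSP_REQUEST_free(OcspRequest* request);
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
    unsigned char** data);
/* By OpenSSL naming convention an add0 function takes over ownership of
 * `cid`; freeing it again afterwards would be a double free if this port
 * follows that convention - confirm against the definition. */
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
    WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*);
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
    WOLFSSL_OCSP_REQUEST *req);

#endif
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OCSP_REQUEST_add_ext(OcspRequest* req,
    WOLFSSL_X509_EXTENSION* ext, int idx);
WOLFSSL_API OcspResponse* wolfSSL_OCSP_response_create(int status,
    WOLFSSL_OCSP_BASICRESP* bs);
WOLFSSL_API const char* wolfSSL_OCSP_crl_reason_str(long s);

WOLFSSL_API int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING**,
    WOLFSSL_ASN1_OBJECT**, WOLFSSL_ASN1_STRING**,
    WOLFSSL_ASN1_INTEGER**, WOLFSSL_OCSP_CERTID*);

/* Nonce handling is what ties a response to one specific request.
 * `val` / `sz` describe the caller-supplied nonce bytes. */
WOLFSSL_API int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req,
    unsigned char* val, int sz);
/* NOTE(review): OpenSSL's OCSP_check_nonce() returns different positive
 * values for "nonces match" and "no nonce in either message". Confirm this
 * port's return convention before treating any non-zero result as proof that
 * the response is not a replay. */
WOLFSSL_API int wolfSSL_OCSP_check_nonce(OcspRequest* req,
    WOLFSSL_OCSP_BASICRESP* bs);
#endif


#ifdef __cplusplus
    }  /* extern "C" */
#endif


#endif /* HAVE_OCSP */
#endif /* WOLFSSL_OCSP_H */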