The branch OpenSSL_1_1_0-stable has been updated via b50c9f3be062f3af1f6261c87ddb0fbbcb682d09 (commit) via 9ba3012387e9b7c93d864fe757290726f92cf6e9 (commit) from f2ce14d6cfa83c16b36319d71b245a388ddcc1ce (commit)
- Log ----------------------------------------------------------------- commit b50c9f3be062f3af1f6261c87ddb0fbbcb682d09 Author: Paul Kehrer <paul.l.keh...@gmail.com> Date: Sat Sep 1 10:50:28 2018 -0400 add docs for OCSP_resp_get0_signature Reviewed-by: Paul Dale <paul.d...@oracle.com> Reviewed-by: Matthias St. Pierre <matthias.st.pie...@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7082) commit 9ba3012387e9b7c93d864fe757290726f92cf6e9 Author: Paul Kehrer <paul.l.keh...@gmail.com> Date: Sat Sep 1 00:05:55 2018 -0400 add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP fixes #7081 Reviewed-by: Paul Dale <paul.d...@oracle.com> Reviewed-by: Matthias St. Pierre <matthias.st.pie...@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7082) ----------------------------------------------------------------------- Summary of changes: crypto/ocsp/ocsp_cl.c | 10 ++++++++++ doc/crypto/OCSP_resp_find_status.pod | 12 ++++++++++++ include/openssl/ocsp.h | 2 ++ util/libcrypto.num | 2 ++ 4 files changed, 26 insertions(+) diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c index a42b80f..5d99ae3 100644 --- a/crypto/ocsp/ocsp_cl.c +++ b/crypto/ocsp/ocsp_cl.c @@ -166,6 +166,16 @@ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs) return bs->signature; } +const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs) +{ + return &bs->signatureAlgorithm; +} + +const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs) +{ + return &bs->tbsResponseData; +} + /* * Return number of OCSP_SINGLERESP responses present in a basic response. */ diff --git a/doc/crypto/OCSP_resp_find_status.pod b/doc/crypto/OCSP_resp_find_status.pod index e014df5..a4e3c1c 100644 --- a/doc/crypto/OCSP_resp_find_status.pod +++ b/doc/crypto/OCSP_resp_find_status.pod @@ -6,6 +6,9 @@ OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get0_produced_at, +OCSP_resp_get0_signature, +OCSP_resp_get0_tbs_sigalg, +OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify @@ -32,6 +35,9 @@ OCSP_basic_verify const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at( const OCSP_BASICRESP* single); + const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs); + const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); + const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, @@ -78,6 +84,12 @@ B<*revtime>, B<*thisupd> and B<*nextupd>. OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the single response B<bs>. +OCSP_resp_get0_signature() returns the signature from B<bs>. + +OCSP_resp_get0_tbs_sigalg() returns the B<signatureAlgorithm> from B<bs>. + +OCSP_resp_get0_respdata() returns the B<tbsResponseData> from B<bs>. + OCSP_resp_get0_certs() returns any certificates included in B<bs>. OCSP_resp_get0_signer() attempts to retrieve the certificate that directly diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 90ebe5c..fd172fb 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -194,6 +194,8 @@ int OCSP_response_status(OCSP_RESPONSE *resp); OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs); +const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); +const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, STACK_OF(X509) *extra_certs); diff --git a/util/libcrypto.num b/util/libcrypto.num index 51f1d7d..c0fe79d 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4263,3 +4263,5 @@ X509_OBJECT_set1_X509 4514 1_1_0i EXIST::FUNCTION: X509_LOOKUP_meth_get_get_by_issuer_serial 4515 1_1_0i EXIST::FUNCTION: X509_LOOKUP_meth_set_init 4516 1_1_0i EXIST::FUNCTION: X509_OBJECT_set1_X509_CRL 4517 1_1_0i EXIST::FUNCTION: +OCSP_resp_get0_tbs_sigalg 4529 1_1_0j EXIST::FUNCTION:OCSP +OCSP_resp_get0_respdata 4530 1_1_0j EXIST::FUNCTION:OCSP _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits