提交 26e083cc 编写于 作者: D Dr. Stephen Henson

New function to copy nonce values from OCSP

request to response.
上级 49783612
...@@ -3,6 +3,10 @@ ...@@ -3,6 +3,10 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000] Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) New function OCSP_copy_nonce() to copy nonce value (if present) from
request to response.
[Steve Henson]
*) Functions for OCSP responders. OCSP_request_onereq_count(), *) Functions for OCSP responders. OCSP_request_onereq_count(),
OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info() OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
extract information from a certificate request. OCSP_response_create() extract information from a certificate request. OCSP_response_create()
......
...@@ -412,11 +412,12 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, ...@@ -412,11 +412,12 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
ASN1_BIT_STRING* issuerKey, ASN1_BIT_STRING* issuerKey,
ASN1_INTEGER *serialNumber); ASN1_INTEGER *serialNumber);
OCSP_CERTSTATUS *OCSP_cert_status_new(int status, int reason, char *tim);
OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
......
...@@ -371,16 +371,20 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs) ...@@ -371,16 +371,20 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
return ret; return ret;
} }
X509_EXTENSION *OCSP_nonce_new(void *p, unsigned int len) /* Copy the nonce value (if any) from an OCSP request to
{ * a response.
X509_EXTENSION *x=NULL; */
if (!(x = X509_EXTENSION_new())) goto err;
if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_Nonce))) goto err; int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
if (!(ASN1_OCTET_STRING_set(x->value, p, len))) goto err; {
return x; X509_EXTENSION *req_ext;
err: int req_idx;
if (x) X509_EXTENSION_free(x); /* Check for nonce in request */
return NULL; req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
/* If no nonce that's OK */
if (req_idx < 0) return 2;
req_ext = OCSP_REQUEST_get_ext(req, req_idx);
return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
} }
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
......
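Review bot: The comment above OCSP_copy_nonce() does not say what the function returns, although the body has three outcomes: `return 2` when the request carries no nonce, and otherwise whatever OCSP_BASICRESP_add_ext() returns (presumably 1 on success and 0 on failure; that function is not visible here). I would add a line to the comment such as `Returns 1 if the nonce was copied, 2 if the request had none, 0 on error.` so that a responder neither treats 2 as a failure nor overlooks the 0. Separately, the extension is handed to OCSP_BASICRESP_add_ext() exactly as it arrived in the client-supplied request, and no length check on the nonce is visible in this hunk. A responder may want to bound the nonce size before it goes into the response that gets signed. The result of OCSP_REQUEST_get_ext() is also used without a NULL check, which looks safe only because the index was just returned by the lookup.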