67 #include <openssl/x509.h>
68 #include <openssl/x509v3.h>
69 #include <openssl/safestack.h>
77 #define OCSP_DEFAULT_NONCE_LENGTH 16
79 #define OCSP_NOCERTS 0x1
80 #define OCSP_NOINTERN 0x2
81 #define OCSP_NOSIGS 0x4
82 #define OCSP_NOCHAIN 0x8
83 #define OCSP_NOVERIFY 0x10
84 #define OCSP_NOEXPLICIT 0x20
85 #define OCSP_NOCASIGN 0x40
86 #define OCSP_NODELEGATED 0x80
87 #define OCSP_NOCHECKS 0x100
88 #define OCSP_TRUSTOTHER 0x200
89 #define OCSP_RESPID_KEY 0x400
90 #define OCSP_NOTIME 0x800
145 STACK_OF(
X509) *certs;
168 #define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
169 #define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
170 #define OCSP_RESPONSE_STATUS_INTERNALERROR 2
171 #define OCSP_RESPONSE_STATUS_TRYLATER 3
172 #define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
173 #define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
199 #define V_OCSP_RESPID_NAME 0
200 #define V_OCSP_RESPID_KEY 1
228 #define V_OCSP_CERTSTATUS_GOOD 0
229 #define V_OCSP_CERTSTATUS_REVOKED 1
230 #define V_OCSP_CERTSTATUS_UNKNOWN 2
303 STACK_OF(
X509) *certs;
317 #define OCSP_REVOKED_STATUS_NOSTATUS -1
318 #define OCSP_REVOKED_STATUS_UNSPECIFIED 0
319 #define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
320 #define OCSP_REVOKED_STATUS_CACOMPROMISE 2
321 #define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
322 #define OCSP_REVOKED_STATUS_SUPERSEDED 4
323 #define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
324 #define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
325 #define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
349 #define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
350 #define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
352 #define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
354 #define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
356 #define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
357 (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
359 #define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
360 (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
362 #define PEM_write_bio_OCSP_REQUEST(bp,o) \
363 PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
364 bp,(char *)o, NULL,NULL,0,NULL,NULL)
366 #define PEM_write_bio_OCSP_RESPONSE(bp,o) \
367 PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
368 bp,(char *)o, NULL,NULL,0,NULL,NULL)
370 #define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
372 #define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
374 #define OCSP_REQUEST_sign(o,pkey,md) \
375 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
376 o->optionalSignature->signatureAlgorithm,NULL,\
377 o->optionalSignature->signature,o->tbsRequest,pkey,md)
379 #define OCSP_BASICRESP_sign(o,pkey,md,d) \
380 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
381 o->signature,o->tbsResponseData,pkey,md)
383 #define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
384 a->optionalSignature->signatureAlgorithm,\
385 a->optionalSignature->signature,a->tbsRequest,r)
387 #define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
388 a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
390 #define ASN1_BIT_STRING_digest(data,type,md,len) \
391 ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
393 #define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid)
395 #define OCSP_CERTSTATUS_dup(cs)\
396 (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
397 (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
410 int OCSP_request_add1_nonce(
OCSP_REQUEST *req,
unsigned char *val,
int len);
411 int OCSP_basic_add1_nonce(
OCSP_BASICRESP *resp,
unsigned char *val,
int len);
423 unsigned long flags);
442 long sec,
long maxsec);
446 int OCSP_parse_url(
char *url,
char **phost,
char **pport,
char **ppath,
int *pssl);
461 int status,
int reason,
471 #define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
472 ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
483 int OCSP_REQUEST_get_ext_by_NID(
OCSP_REQUEST *x,
int nid,
int lastpos);
485 int OCSP_REQUEST_get_ext_by_critical(
OCSP_REQUEST *x,
int crit,
int lastpos);
488 void *OCSP_REQUEST_get1_ext_d2i(
OCSP_REQUEST *x,
int nid,
int *crit,
int *idx);
489 int OCSP_REQUEST_add1_ext_i2d(
OCSP_REQUEST *x,
int nid,
void *value,
int crit,
490 unsigned long flags);
494 int OCSP_ONEREQ_get_ext_by_NID(
OCSP_ONEREQ *x,
int nid,
int lastpos);
496 int OCSP_ONEREQ_get_ext_by_critical(
OCSP_ONEREQ *x,
int crit,
int lastpos);
499 void *OCSP_ONEREQ_get1_ext_d2i(
OCSP_ONEREQ *x,
int nid,
int *crit,
int *idx);
500 int OCSP_ONEREQ_add1_ext_i2d(
OCSP_ONEREQ *x,
int nid,
void *value,
int crit,
501 unsigned long flags);
505 int OCSP_BASICRESP_get_ext_by_NID(
OCSP_BASICRESP *x,
int nid,
int lastpos);
507 int OCSP_BASICRESP_get_ext_by_critical(
OCSP_BASICRESP *x,
int crit,
int lastpos);
510 void *OCSP_BASICRESP_get1_ext_d2i(
OCSP_BASICRESP *x,
int nid,
int *crit,
int *idx);
511 int OCSP_BASICRESP_add1_ext_i2d(
OCSP_BASICRESP *x,
int nid,
void *value,
int crit,
512 unsigned long flags);
516 int OCSP_SINGLERESP_get_ext_by_NID(
OCSP_SINGLERESP *x,
int nid,
int lastpos);
518 int OCSP_SINGLERESP_get_ext_by_critical(
OCSP_SINGLERESP *x,
int crit,
int lastpos);
521 void *OCSP_SINGLERESP_get1_ext_d2i(
OCSP_SINGLERESP *x,
int nid,
int *crit,
int *idx);
522 int OCSP_SINGLERESP_add1_ext_i2d(
OCSP_SINGLERESP *x,
int nid,
void *value,
int crit,
523 unsigned long flags);
542 char *OCSP_response_status_str(
long s);
543 char *OCSP_cert_status_str(
long s);
544 char *OCSP_crl_reason_str(
long s);
556 void ERR_load_OCSP_strings(
void);
561 #define OCSP_F_ASN1_STRING_ENCODE 100
562 #define OCSP_F_D2I_OCSP_NONCE 102
563 #define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
564 #define OCSP_F_OCSP_BASIC_SIGN 104
565 #define OCSP_F_OCSP_BASIC_VERIFY 105
566 #define OCSP_F_OCSP_CERT_ID_NEW 101
567 #define OCSP_F_OCSP_CHECK_DELEGATED 106
568 #define OCSP_F_OCSP_CHECK_IDS 107
569 #define OCSP_F_OCSP_CHECK_ISSUER 108
570 #define OCSP_F_OCSP_CHECK_VALIDITY 115
571 #define OCSP_F_OCSP_MATCH_ISSUERID 109
572 #define OCSP_F_OCSP_PARSE_URL 114
573 #define OCSP_F_OCSP_REQUEST_SIGN 110
574 #define OCSP_F_OCSP_REQUEST_VERIFY 116
575 #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
576 #define OCSP_F_OCSP_SENDREQ_BIO 112
577 #define OCSP_F_REQUEST_VERIFY 113
580 #define OCSP_R_BAD_DATA 100
581 #define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
582 #define OCSP_R_DIGEST_ERR 102
583 #define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
584 #define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
585 #define OCSP_R_ERROR_PARSING_URL 121
586 #define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
587 #define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
588 #define OCSP_R_NOT_BASIC_RESPONSE 104
589 #define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
590 #define OCSP_R_NO_CONTENT 106
591 #define OCSP_R_NO_PUBLIC_KEY 107
592 #define OCSP_R_NO_RESPONSE_DATA 108
593 #define OCSP_R_NO_REVOKED_TIME 109
594 #define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
595 #define OCSP_R_REQUEST_NOT_SIGNED 128
596 #define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
597 #define OCSP_R_ROOT_CA_NOT_TRUSTED 112
598 #define OCSP_R_SERVER_READ_ERROR 113
599 #define OCSP_R_SERVER_RESPONSE_ERROR 114
600 #define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
601 #define OCSP_R_SERVER_WRITE_ERROR 116
602 #define OCSP_R_SIGNATURE_FAILURE 117
603 #define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
604 #define OCSP_R_STATUS_EXPIRED 125
605 #define OCSP_R_STATUS_NOT_YET_VALID 126
606 #define OCSP_R_STATUS_TOO_OLD 127
607 #define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
608 #define OCSP_R_UNKNOWN_NID 120
609 #define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
STACK_OF(X509_NAME)
Definition: ssl_cert.c:554
Definition: x509_vfy.h:183