[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

matthias.st.pierre at ncp-e.com matthias.st.pierre at ncp-e.com
Mon Sep 3 04:21:26 UTC 2018 

The branch OpenSSL_1_1_0-stable has been updated
       via  b50c9f3be062f3af1f6261c87ddb0fbbcb682d09 (commit)
       via  9ba3012387e9b7c93d864fe757290726f92cf6e9 (commit)
      from  f2ce14d6cfa83c16b36319d71b245a388ddcc1ce (commit)


- Log -----------------------------------------------------------------
commit b50c9f3be062f3af1f6261c87ddb0fbbcb682d09
Author: Paul Kehrer <paul.l.kehrer at gmail.com>
Date:   Sat Sep 1 10:50:28 2018 -0400

    add docs for OCSP_resp_get0_signature
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/7082)

commit 9ba3012387e9b7c93d864fe757290726f92cf6e9
Author: Paul Kehrer <paul.l.kehrer at gmail.com>
Date:   Sat Sep 1 00:05:55 2018 -0400

    add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP
    
    fixes #7081
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/7082)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ocsp/ocsp_cl.c                | 10 ++++++++++
 doc/crypto/OCSP_resp_find_status.pod | 12 ++++++++++++
 include/openssl/ocsp.h               |  2 ++
 util/libcrypto.num                   |  2 ++
 4 files changed, 26 insertions(+)

diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index a42b80f..5d99ae3 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -166,6 +166,16 @@ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs)
     return bs->signature;
 }
 
+const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs)
+{
+    return &bs->signatureAlgorithm;
+}
+
+const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs)
+{
+    return &bs->tbsResponseData;
+}
+
 /*
  * Return number of OCSP_SINGLERESP responses present in a basic response.
  */
diff --git a/doc/crypto/OCSP_resp_find_status.pod b/doc/crypto/OCSP_resp_find_status.pod
index e014df5..a4e3c1c 100644
--- a/doc/crypto/OCSP_resp_find_status.pod
+++ b/doc/crypto/OCSP_resp_find_status.pod
@@ -6,6 +6,9 @@ OCSP_resp_get0_certs,
 OCSP_resp_get0_signer,
 OCSP_resp_get0_id,
 OCSP_resp_get0_produced_at,
+OCSP_resp_get0_signature,
+OCSP_resp_get0_tbs_sigalg,
+OCSP_resp_get0_respdata,
 OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find,
 OCSP_single_get0_status, OCSP_check_validity,
 OCSP_basic_verify
@@ -32,6 +35,9 @@ OCSP_basic_verify
  const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
                              const OCSP_BASICRESP* single);
 
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
  const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
 
  int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
@@ -78,6 +84,12 @@ B<*revtime>, B<*thisupd> and B<*nextupd>.
 OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the
 single response B<bs>.
 
+OCSP_resp_get0_signature() returns the signature from B<bs>.
+
+OCSP_resp_get0_tbs_sigalg() returns the B<signatureAlgorithm> from B<bs>.
+
+OCSP_resp_get0_respdata() returns the B<tbsResponseData> from B<bs>.
+
 OCSP_resp_get0_certs() returns any certificates included in B<bs>.
 
 OCSP_resp_get0_signer() attempts to retrieve the certificate that directly
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 90ebe5c..fd172fb 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -194,6 +194,8 @@ int OCSP_response_status(OCSP_RESPONSE *resp);
 OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
 
 const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
                           STACK_OF(X509) *extra_certs);
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 51f1d7d..c0fe79d 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4263,3 +4263,5 @@ X509_OBJECT_set1_X509                   4514	1_1_0i	EXIST::FUNCTION:
 X509_LOOKUP_meth_get_get_by_issuer_serial 4515	1_1_0i	EXIST::FUNCTION:
 X509_LOOKUP_meth_set_init               4516	1_1_0i	EXIST::FUNCTION:
 X509_OBJECT_set1_X509_CRL               4517	1_1_0i	EXIST::FUNCTION:
+OCSP_resp_get0_tbs_sigalg               4529	1_1_0j	EXIST::FUNCTION:OCSP
+OCSP_resp_get0_respdata                 4530	1_1_0j	EXIST::FUNCTION:OCSP

More information about the openssl-commits mailing list