From 9e5cd4bac777e27ebcdc9aa411f0a63c27500468 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Sun, 17 Jan 2016 10:34:26 -0500 Subject: [PATCH] Add some accessors. Author: Remi Gacogne GH334: Add an OCSP_SINGLERESP_get0_id() accessor to the OCSP_CERTID of a OCSP_SINGLERESP. It is possible to do it the other way around using OCSP_resp_find(), but this is more efficient when you have a tree indexed by OCSP_CERTID, like haproxy does. (This is also RT4251) Author: Marek Klein GH556: OCSP_resp_get_produced_at() accessor to the producedAt of a OCSP_BASICRESP GH555: TS_STATUS_INFO_get_status(), TS_STATUS_INFO_get_text() and TS_STATUS_INFO_get_failure_info() accessors for a TS_STATUS_INFO Signed-off-by: Rich Salz Reviewed-by: Viktor Dukhovni --- crypto/ocsp/ocsp_cl.c | 12 ++++++++++++ crypto/ts/ts_rsp_utils.c | 15 +++++++++++++++ include/openssl/ocsp.h | 2 ++ include/openssl/ts.h | 5 +++++ util/libeay.num | 5 +++++ 5 files changed, 39 insertions(+) diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c index e6e7fc1499..2f3835d9c9 100644 --- a/crypto/ocsp/ocsp_cl.c +++ b/crypto/ocsp/ocsp_cl.c @@ -242,6 +242,13 @@ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx) return sk_OCSP_SINGLERESP_value(bs->tbsResponseData.responses, idx); } +ASN1_GENERALIZEDTIME *OCSP_resp_get_produced_at(OCSP_BASICRESP* bs) +{ + if (!bs) + return NULL; + return bs->tbsResponseData.producedAt; +} + /* Look single response matching a given certificate ID */ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last) @@ -386,3 +393,8 @@ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, return ret; } + +OCSP_CERTID *OCSP_SINGLERESP_get0_id(OCSP_SINGLERESP *single) +{ + return single->certId; +} diff --git a/crypto/ts/ts_rsp_utils.c b/crypto/ts/ts_rsp_utils.c index 2db3b17678..c3cd1bd327 100644 --- a/crypto/ts/ts_rsp_utils.c +++ b/crypto/ts/ts_rsp_utils.c @@ -397,3 +397,18 @@ int TS_STATUS_INFO_set_status(TS_STATUS_INFO *a, int i) { return ASN1_INTEGER_set(a->status, i); } + +ASN1_INTEGER *TS_STATUS_INFO_get_status(TS_STATUS_INFO *a) +{ + return a->status; +} + +STACK_OF(ASN1_UTF8STRING) *TS_STATUS_INFO_get_text(TS_STATUS_INFO *a) +{ + return a->text; +} + +ASN1_BIT_STRING *TS_STATUS_INFO_get_failure_info(TS_STATUS_INFO *a) +{ + return a->failure_info; +} diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 3ccd79f148..b0654b0e5c 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -259,6 +259,7 @@ ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs); int OCSP_resp_count(OCSP_BASICRESP *bs); OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); +ASN1_GENERALIZEDTIME *OCSP_resp_get_produced_at(OCSP_BASICRESP* bs); int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, ASN1_GENERALIZEDTIME **revtime, @@ -359,6 +360,7 @@ void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit, unsigned long flags); int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc); +OCSP_CERTID *OCSP_SINGLERESP_get0_id(OCSP_SINGLERESP *x); DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP) DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS) diff --git a/include/openssl/ts.h b/include/openssl/ts.h index e232e62a5d..b59f50b98b 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -225,6 +225,11 @@ int TS_REQ_set_version(TS_REQ *a, long version); long TS_REQ_get_version(const TS_REQ *a); int TS_STATUS_INFO_set_status(TS_STATUS_INFO *a, int i); +ASN1_INTEGER *TS_STATUS_INFO_get_status(TS_STATUS_INFO *a); + +STACK_OF(ASN1_UTF8STRING) *TS_STATUS_INFO_get_text(TS_STATUS_INFO *a); + +ASN1_BIT_STRING *TS_STATUS_INFO_get_failure_info(TS_STATUS_INFO *a); int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint); TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a); diff --git a/util/libeay.num b/util/libeay.num index acfa34d1da..31a603de1d 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -4759,3 +4759,8 @@ EC_KEY_set_ex_data 5153 1_1_0 EXIST::FUNCTION:EC EC_KEY_get_ex_data 5154 1_1_0 EXIST::FUNCTION:EC EC_KEY_set_method 5155 1_1_0 EXIST::FUNCTION:EC EC_KEY_get_method 5156 1_1_0 EXIST::FUNCTION:EC +OCSP_SINGLERESP_get0_id 5157 1_1_0 EXIST::FUNCTION: +TS_STATUS_INFO_get_status 5158 1_1_0 EXIST::FUNCTION: +OCSP_resp_get_produced_at 5159 1_1_0 EXIST::FUNCTION: +TS_STATUS_INFO_get_failure_info 5160 1_1_0 EXIST::FUNCTION: +TS_STATUS_INFO_get_text 5161 1_1_0 EXIST::FUNCTION: -- 2.40.0