1 /* 2 * WARNING: do not edit! 3 * Generated by Makefile from include/openssl/ocsp.h.in 4 * 5 * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. 6 * 7 * Licensed under the Apache License 2.0 (the "License"). You may not use 8 * this file except in compliance with the License. You can obtain a copy 9 * in the file LICENSE in the source distribution or at 10 * https://www.openssl.org/source/license.html 11 */ 12 13 14 15 #ifndef OPENSSL_OCSP_H 16 # define OPENSSL_OCSP_H 17 # pragma once 18 19 # include <openssl/macros.h> 20 # ifndef OPENSSL_NO_DEPRECATED_3_0 21 # define HEADER_OCSP_H 22 # endif 23 24 # include <openssl/opensslconf.h> 25 # include <openssl/http.h> 26 # include <openssl/asn1.h> 27 28 /* 29 * These definitions are outside the OPENSSL_NO_OCSP guard because although for 30 * historical reasons they have OCSP_* names, they can actually be used 31 * independently of OCSP. E.g. see RFC5280 32 */ 33 /*- 34 * CRLReason ::= ENUMERATED { 35 * unspecified (0), 36 * keyCompromise (1), 37 * cACompromise (2), 38 * affiliationChanged (3), 39 * superseded (4), 40 * cessationOfOperation (5), 41 * certificateHold (6), 42 * -- value 7 is not used 43 * removeFromCRL (8), 44 * privilegeWithdrawn (9), 45 * aACompromise (10) } 46 */ 47 # define OCSP_REVOKED_STATUS_NOSTATUS -1 48 # define OCSP_REVOKED_STATUS_UNSPECIFIED 0 49 # define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1 50 # define OCSP_REVOKED_STATUS_CACOMPROMISE 2 51 # define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3 52 # define OCSP_REVOKED_STATUS_SUPERSEDED 4 53 # define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5 54 # define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6 55 # define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8 56 # define OCSP_REVOKED_STATUS_PRIVILEGEWITHDRAWN 9 57 # define OCSP_REVOKED_STATUS_AACOMPROMISE 10 58 59 60 # ifndef OPENSSL_NO_OCSP 61 62 # include <openssl/x509.h> 63 # include <openssl/x509v3.h> 64 # include <openssl/safestack.h> 65 # include <openssl/ocsperr.h> 66 67 # ifdef __cplusplus 68 extern "C" { 69 # endif 70 71 /* Various flags and values */ 72 73 # define OCSP_DEFAULT_NONCE_LENGTH 16 74 75 # define OCSP_NOCERTS 0x1 76 # define OCSP_NOINTERN 0x2 77 # define OCSP_NOSIGS 0x4 78 # define OCSP_NOCHAIN 0x8 79 # define OCSP_NOVERIFY 0x10 80 # define OCSP_NOEXPLICIT 0x20 81 # define OCSP_NOCASIGN 0x40 82 # define OCSP_NODELEGATED 0x80 83 # define OCSP_NOCHECKS 0x100 84 # define OCSP_TRUSTOTHER 0x200 85 # define OCSP_RESPID_KEY 0x400 86 # define OCSP_NOTIME 0x800 87 # define OCSP_PARTIAL_CHAIN 0x1000 88 89 typedef struct ocsp_cert_id_st OCSP_CERTID; 90 typedef struct ocsp_one_request_st OCSP_ONEREQ; 91 typedef struct ocsp_req_info_st OCSP_REQINFO; 92 typedef struct ocsp_signature_st OCSP_SIGNATURE; 93 typedef struct ocsp_request_st OCSP_REQUEST; 94 95 SKM_DEFINE_STACK_OF_INTERNAL(OCSP_CERTID, OCSP_CERTID, OCSP_CERTID) 96 #define sk_OCSP_CERTID_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_CERTID_sk_type(sk)) 97 #define sk_OCSP_CERTID_value(sk, idx) ((OCSP_CERTID *)OPENSSL_sk_value(ossl_check_const_OCSP_CERTID_sk_type(sk), (idx))) 98 #define sk_OCSP_CERTID_new(cmp) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new(ossl_check_OCSP_CERTID_compfunc_type(cmp))) 99 #define sk_OCSP_CERTID_new_null() ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new_null()) 100 #define sk_OCSP_CERTID_new_reserve(cmp, n) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_CERTID_compfunc_type(cmp), (n))) 101 #define sk_OCSP_CERTID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_CERTID_sk_type(sk), (n)) 102 #define sk_OCSP_CERTID_free(sk) OPENSSL_sk_free(ossl_check_OCSP_CERTID_sk_type(sk)) 103 #define sk_OCSP_CERTID_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_CERTID_sk_type(sk)) 104 #define sk_OCSP_CERTID_delete(sk, i) ((OCSP_CERTID *)OPENSSL_sk_delete(ossl_check_OCSP_CERTID_sk_type(sk), (i))) 105 #define sk_OCSP_CERTID_delete_ptr(sk, ptr) ((OCSP_CERTID *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr))) 106 #define sk_OCSP_CERTID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr)) 107 #define sk_OCSP_CERTID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr)) 108 #define sk_OCSP_CERTID_pop(sk) ((OCSP_CERTID *)OPENSSL_sk_pop(ossl_check_OCSP_CERTID_sk_type(sk))) 109 #define sk_OCSP_CERTID_shift(sk) ((OCSP_CERTID *)OPENSSL_sk_shift(ossl_check_OCSP_CERTID_sk_type(sk))) 110 #define sk_OCSP_CERTID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_CERTID_sk_type(sk),ossl_check_OCSP_CERTID_freefunc_type(freefunc)) 111 #define sk_OCSP_CERTID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr), (idx)) 112 #define sk_OCSP_CERTID_set(sk, idx, ptr) ((OCSP_CERTID *)OPENSSL_sk_set(ossl_check_OCSP_CERTID_sk_type(sk), (idx), ossl_check_OCSP_CERTID_type(ptr))) 113 #define sk_OCSP_CERTID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr)) 114 #define sk_OCSP_CERTID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr)) 115 #define sk_OCSP_CERTID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr), pnum) 116 #define sk_OCSP_CERTID_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_CERTID_sk_type(sk)) 117 #define sk_OCSP_CERTID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_CERTID_sk_type(sk)) 118 #define sk_OCSP_CERTID_dup(sk) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_dup(ossl_check_const_OCSP_CERTID_sk_type(sk))) 119 #define sk_OCSP_CERTID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_copyfunc_type(copyfunc), ossl_check_OCSP_CERTID_freefunc_type(freefunc))) 120 #define sk_OCSP_CERTID_set_cmp_func(sk, cmp) ((sk_OCSP_CERTID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_compfunc_type(cmp))) 121 SKM_DEFINE_STACK_OF_INTERNAL(OCSP_ONEREQ, OCSP_ONEREQ, OCSP_ONEREQ) 122 #define sk_OCSP_ONEREQ_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_ONEREQ_sk_type(sk)) 123 #define sk_OCSP_ONEREQ_value(sk, idx) ((OCSP_ONEREQ *)OPENSSL_sk_value(ossl_check_const_OCSP_ONEREQ_sk_type(sk), (idx))) 124 #define sk_OCSP_ONEREQ_new(cmp) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new(ossl_check_OCSP_ONEREQ_compfunc_type(cmp))) 125 #define sk_OCSP_ONEREQ_new_null() ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new_null()) 126 #define sk_OCSP_ONEREQ_new_reserve(cmp, n) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_ONEREQ_compfunc_type(cmp), (n))) 127 #define sk_OCSP_ONEREQ_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_ONEREQ_sk_type(sk), (n)) 128 #define sk_OCSP_ONEREQ_free(sk) OPENSSL_sk_free(ossl_check_OCSP_ONEREQ_sk_type(sk)) 129 #define sk_OCSP_ONEREQ_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_ONEREQ_sk_type(sk)) 130 #define sk_OCSP_ONEREQ_delete(sk, i) ((OCSP_ONEREQ *)OPENSSL_sk_delete(ossl_check_OCSP_ONEREQ_sk_type(sk), (i))) 131 #define sk_OCSP_ONEREQ_delete_ptr(sk, ptr) ((OCSP_ONEREQ *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr))) 132 #define sk_OCSP_ONEREQ_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr)) 133 #define sk_OCSP_ONEREQ_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr)) 134 #define sk_OCSP_ONEREQ_pop(sk) ((OCSP_ONEREQ *)OPENSSL_sk_pop(ossl_check_OCSP_ONEREQ_sk_type(sk))) 135 #define sk_OCSP_ONEREQ_shift(sk) ((OCSP_ONEREQ *)OPENSSL_sk_shift(ossl_check_OCSP_ONEREQ_sk_type(sk))) 136 #define sk_OCSP_ONEREQ_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_ONEREQ_sk_type(sk),ossl_check_OCSP_ONEREQ_freefunc_type(freefunc)) 137 #define sk_OCSP_ONEREQ_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr), (idx)) 138 #define sk_OCSP_ONEREQ_set(sk, idx, ptr) ((OCSP_ONEREQ *)OPENSSL_sk_set(ossl_check_OCSP_ONEREQ_sk_type(sk), (idx), ossl_check_OCSP_ONEREQ_type(ptr))) 139 #define sk_OCSP_ONEREQ_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr)) 140 #define sk_OCSP_ONEREQ_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr)) 141 #define sk_OCSP_ONEREQ_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr), pnum) 142 #define sk_OCSP_ONEREQ_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_ONEREQ_sk_type(sk)) 143 #define sk_OCSP_ONEREQ_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_ONEREQ_sk_type(sk)) 144 #define sk_OCSP_ONEREQ_dup(sk) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_dup(ossl_check_const_OCSP_ONEREQ_sk_type(sk))) 145 #define sk_OCSP_ONEREQ_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_copyfunc_type(copyfunc), ossl_check_OCSP_ONEREQ_freefunc_type(freefunc))) 146 #define sk_OCSP_ONEREQ_set_cmp_func(sk, cmp) ((sk_OCSP_ONEREQ_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_compfunc_type(cmp))) 147 148 149 # define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 150 # define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1 151 # define OCSP_RESPONSE_STATUS_INTERNALERROR 2 152 # define OCSP_RESPONSE_STATUS_TRYLATER 3 153 # define OCSP_RESPONSE_STATUS_SIGREQUIRED 5 154 # define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6 155 156 typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES; 157 158 # define V_OCSP_RESPID_NAME 0 159 # define V_OCSP_RESPID_KEY 1 160 161 SKM_DEFINE_STACK_OF_INTERNAL(OCSP_RESPID, OCSP_RESPID, OCSP_RESPID) 162 #define sk_OCSP_RESPID_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_RESPID_sk_type(sk)) 163 #define sk_OCSP_RESPID_value(sk, idx) ((OCSP_RESPID *)OPENSSL_sk_value(ossl_check_const_OCSP_RESPID_sk_type(sk), (idx))) 164 #define sk_OCSP_RESPID_new(cmp) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new(ossl_check_OCSP_RESPID_compfunc_type(cmp))) 165 #define sk_OCSP_RESPID_new_null() ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new_null()) 166 #define sk_OCSP_RESPID_new_reserve(cmp, n) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_RESPID_compfunc_type(cmp), (n))) 167 #define sk_OCSP_RESPID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_RESPID_sk_type(sk), (n)) 168 #define sk_OCSP_RESPID_free(sk) OPENSSL_sk_free(ossl_check_OCSP_RESPID_sk_type(sk)) 169 #define sk_OCSP_RESPID_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_RESPID_sk_type(sk)) 170 #define sk_OCSP_RESPID_delete(sk, i) ((OCSP_RESPID *)OPENSSL_sk_delete(ossl_check_OCSP_RESPID_sk_type(sk), (i))) 171 #define sk_OCSP_RESPID_delete_ptr(sk, ptr) ((OCSP_RESPID *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr))) 172 #define sk_OCSP_RESPID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr)) 173 #define sk_OCSP_RESPID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr)) 174 #define sk_OCSP_RESPID_pop(sk) ((OCSP_RESPID *)OPENSSL_sk_pop(ossl_check_OCSP_RESPID_sk_type(sk))) 175 #define sk_OCSP_RESPID_shift(sk) ((OCSP_RESPID *)OPENSSL_sk_shift(ossl_check_OCSP_RESPID_sk_type(sk))) 176 #define sk_OCSP_RESPID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_RESPID_sk_type(sk),ossl_check_OCSP_RESPID_freefunc_type(freefunc)) 177 #define sk_OCSP_RESPID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr), (idx)) 178 #define sk_OCSP_RESPID_set(sk, idx, ptr) ((OCSP_RESPID *)OPENSSL_sk_set(ossl_check_OCSP_RESPID_sk_type(sk), (idx), ossl_check_OCSP_RESPID_type(ptr))) 179 #define sk_OCSP_RESPID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr)) 180 #define sk_OCSP_RESPID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr)) 181 #define sk_OCSP_RESPID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr), pnum) 182 #define sk_OCSP_RESPID_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_RESPID_sk_type(sk)) 183 #define sk_OCSP_RESPID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_RESPID_sk_type(sk)) 184 #define sk_OCSP_RESPID_dup(sk) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_dup(ossl_check_const_OCSP_RESPID_sk_type(sk))) 185 #define sk_OCSP_RESPID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_copyfunc_type(copyfunc), ossl_check_OCSP_RESPID_freefunc_type(freefunc))) 186 #define sk_OCSP_RESPID_set_cmp_func(sk, cmp) ((sk_OCSP_RESPID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_compfunc_type(cmp))) 187 188 189 typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO; 190 191 # define V_OCSP_CERTSTATUS_GOOD 0 192 # define V_OCSP_CERTSTATUS_REVOKED 1 193 # define V_OCSP_CERTSTATUS_UNKNOWN 2 194 195 typedef struct ocsp_cert_status_st OCSP_CERTSTATUS; 196 typedef struct ocsp_single_response_st OCSP_SINGLERESP; 197 198 SKM_DEFINE_STACK_OF_INTERNAL(OCSP_SINGLERESP, OCSP_SINGLERESP, OCSP_SINGLERESP) 199 #define sk_OCSP_SINGLERESP_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_SINGLERESP_sk_type(sk)) 200 #define sk_OCSP_SINGLERESP_value(sk, idx) ((OCSP_SINGLERESP *)OPENSSL_sk_value(ossl_check_const_OCSP_SINGLERESP_sk_type(sk), (idx))) 201 #define sk_OCSP_SINGLERESP_new(cmp) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new(ossl_check_OCSP_SINGLERESP_compfunc_type(cmp))) 202 #define sk_OCSP_SINGLERESP_new_null() ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new_null()) 203 #define sk_OCSP_SINGLERESP_new_reserve(cmp, n) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_SINGLERESP_compfunc_type(cmp), (n))) 204 #define sk_OCSP_SINGLERESP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_SINGLERESP_sk_type(sk), (n)) 205 #define sk_OCSP_SINGLERESP_free(sk) OPENSSL_sk_free(ossl_check_OCSP_SINGLERESP_sk_type(sk)) 206 #define sk_OCSP_SINGLERESP_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_SINGLERESP_sk_type(sk)) 207 #define sk_OCSP_SINGLERESP_delete(sk, i) ((OCSP_SINGLERESP *)OPENSSL_sk_delete(ossl_check_OCSP_SINGLERESP_sk_type(sk), (i))) 208 #define sk_OCSP_SINGLERESP_delete_ptr(sk, ptr) ((OCSP_SINGLERESP *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr))) 209 #define sk_OCSP_SINGLERESP_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr)) 210 #define sk_OCSP_SINGLERESP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr)) 211 #define sk_OCSP_SINGLERESP_pop(sk) ((OCSP_SINGLERESP *)OPENSSL_sk_pop(ossl_check_OCSP_SINGLERESP_sk_type(sk))) 212 #define sk_OCSP_SINGLERESP_shift(sk) ((OCSP_SINGLERESP *)OPENSSL_sk_shift(ossl_check_OCSP_SINGLERESP_sk_type(sk))) 213 #define sk_OCSP_SINGLERESP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_SINGLERESP_sk_type(sk),ossl_check_OCSP_SINGLERESP_freefunc_type(freefunc)) 214 #define sk_OCSP_SINGLERESP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr), (idx)) 215 #define sk_OCSP_SINGLERESP_set(sk, idx, ptr) ((OCSP_SINGLERESP *)OPENSSL_sk_set(ossl_check_OCSP_SINGLERESP_sk_type(sk), (idx), ossl_check_OCSP_SINGLERESP_type(ptr))) 216 #define sk_OCSP_SINGLERESP_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr)) 217 #define sk_OCSP_SINGLERESP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr)) 218 #define sk_OCSP_SINGLERESP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr), pnum) 219 #define sk_OCSP_SINGLERESP_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_SINGLERESP_sk_type(sk)) 220 #define sk_OCSP_SINGLERESP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_SINGLERESP_sk_type(sk)) 221 #define sk_OCSP_SINGLERESP_dup(sk) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_dup(ossl_check_const_OCSP_SINGLERESP_sk_type(sk))) 222 #define sk_OCSP_SINGLERESP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_copyfunc_type(copyfunc), ossl_check_OCSP_SINGLERESP_freefunc_type(freefunc))) 223 #define sk_OCSP_SINGLERESP_set_cmp_func(sk, cmp) ((sk_OCSP_SINGLERESP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_compfunc_type(cmp))) 224 225 226 typedef struct ocsp_response_data_st OCSP_RESPDATA; 227 228 typedef struct ocsp_basic_response_st OCSP_BASICRESP; 229 230 typedef struct ocsp_crl_id_st OCSP_CRLID; 231 typedef struct ocsp_service_locator_st OCSP_SERVICELOC; 232 233 # define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" 234 # define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" 235 236 # define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p) 237 238 # define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p) 239 240 # define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \ 241 (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST, \ 242 bp,(char **)(x),cb,NULL) 243 244 # define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) (OCSP_RESPONSE *)PEM_ASN1_read_bio(\ 245 (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE, \ 246 bp,(char **)(x),cb,NULL) 247 248 # define PEM_write_bio_OCSP_REQUEST(bp,o) \ 249 PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\ 250 bp,(char *)(o), NULL,NULL,0,NULL,NULL) 251 252 # define PEM_write_bio_OCSP_RESPONSE(bp,o) \ 253 PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ 254 bp,(char *)(o), NULL,NULL,0,NULL,NULL) 255 256 # define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o) 257 258 # define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o) 259 260 # define ASN1_BIT_STRING_digest(data,type,md,len) \ 261 ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) 262 263 # define OCSP_CERTSTATUS_dup(cs)\ 264 (OCSP_CERTSTATUS*)ASN1_dup((i2d_of_void *)i2d_OCSP_CERTSTATUS,\ 265 (d2i_of_void *)d2i_OCSP_CERTSTATUS,(char *)(cs)) 266 267 DECLARE_ASN1_DUP_FUNCTION(OCSP_CERTID) 268 269 OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, 270 const OCSP_REQUEST *req, int buf_size); 271 OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req); 272 273 # ifndef OPENSSL_NO_DEPRECATED_3_0 274 typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX; 275 # define OCSP_REQ_CTX_new(io, buf_size) \ 276 OSSL_HTTP_REQ_CTX_new(io, io, buf_size) 277 # define OCSP_REQ_CTX_free OSSL_HTTP_REQ_CTX_free 278 # define OCSP_REQ_CTX_http(rctx, op, path) \ 279 (OSSL_HTTP_REQ_CTX_set_expected(rctx, NULL, 1 /* asn1 */, 0, 0) && \ 280 OSSL_HTTP_REQ_CTX_set_request_line(rctx, strcmp(op, "POST") == 0, \ 281 NULL, NULL, path)) 282 # define OCSP_REQ_CTX_add1_header OSSL_HTTP_REQ_CTX_add1_header 283 # define OCSP_REQ_CTX_i2d(r, it, req) \ 284 OSSL_HTTP_REQ_CTX_set1_req(r, "application/ocsp-request", it, req) 285 # define OCSP_REQ_CTX_set1_req(r, req) \ 286 OCSP_REQ_CTX_i2d(r, ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)(req)) 287 # define OCSP_REQ_CTX_nbio OSSL_HTTP_REQ_CTX_nbio 288 # define OCSP_REQ_CTX_nbio_d2i OSSL_HTTP_REQ_CTX_nbio_d2i 289 # define OCSP_sendreq_nbio(p, r) \ 290 OSSL_HTTP_REQ_CTX_nbio_d2i(r, (ASN1_VALUE **)(p), \ 291 ASN1_ITEM_rptr(OCSP_RESPONSE)) 292 # define OCSP_REQ_CTX_get0_mem_bio OSSL_HTTP_REQ_CTX_get0_mem_bio 293 # define OCSP_set_max_response_length OSSL_HTTP_REQ_CTX_set_max_response_length 294 # endif 295 296 OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, 297 const X509 *issuer); 298 299 OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, 300 const X509_NAME *issuerName, 301 const ASN1_BIT_STRING *issuerKey, 302 const ASN1_INTEGER *serialNumber); 303 304 OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); 305 306 int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); 307 int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len); 308 int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); 309 int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); 310 311 int OCSP_request_set1_name(OCSP_REQUEST *req, const X509_NAME *nm); 312 int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); 313 314 int OCSP_request_sign(OCSP_REQUEST *req, 315 X509 *signer, 316 EVP_PKEY *key, 317 const EVP_MD *dgst, 318 STACK_OF(X509) *certs, unsigned long flags); 319 320 int OCSP_response_status(OCSP_RESPONSE *resp); 321 OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); 322 323 const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs); 324 const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); 325 const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); 326 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, 327 STACK_OF(X509) *extra_certs); 328 329 int OCSP_resp_count(OCSP_BASICRESP *bs); 330 OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); 331 const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(const OCSP_BASICRESP* bs); 332 const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); 333 int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, 334 const ASN1_OCTET_STRING **pid, 335 const X509_NAME **pname); 336 int OCSP_resp_get1_id(const OCSP_BASICRESP *bs, 337 ASN1_OCTET_STRING **pid, 338 X509_NAME **pname); 339 340 int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); 341 int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, 342 ASN1_GENERALIZEDTIME **revtime, 343 ASN1_GENERALIZEDTIME **thisupd, 344 ASN1_GENERALIZEDTIME **nextupd); 345 int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, 346 int *reason, 347 ASN1_GENERALIZEDTIME **revtime, 348 ASN1_GENERALIZEDTIME **thisupd, 349 ASN1_GENERALIZEDTIME **nextupd); 350 int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, 351 ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); 352 353 int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, 354 X509_STORE *store, unsigned long flags); 355 356 # define OCSP_parse_url(url, host, port, path, ssl) \ 357 OSSL_HTTP_parse_url(url, ssl, NULL, host, port, NULL, path, NULL, NULL) 358 359 int OCSP_id_issuer_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); 360 int OCSP_id_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); 361 362 int OCSP_request_onereq_count(OCSP_REQUEST *req); 363 OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i); 364 OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one); 365 int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, 366 ASN1_OCTET_STRING **pikeyHash, 367 ASN1_INTEGER **pserial, OCSP_CERTID *cid); 368 int OCSP_request_is_signed(OCSP_REQUEST *req); 369 OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs); 370 OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp, 371 OCSP_CERTID *cid, 372 int status, int reason, 373 ASN1_TIME *revtime, 374 ASN1_TIME *thisupd, 375 ASN1_TIME *nextupd); 376 int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert); 377 int OCSP_basic_sign(OCSP_BASICRESP *brsp, 378 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, 379 STACK_OF(X509) *certs, unsigned long flags); 380 int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, 381 X509 *signer, EVP_MD_CTX *ctx, 382 STACK_OF(X509) *certs, unsigned long flags); 383 int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert); 384 int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, 385 OSSL_LIB_CTX *libctx, const char *propq); 386 int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert); 387 int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx, 388 const char *propq); 389 int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert); 390 391 X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim); 392 393 X509_EXTENSION *OCSP_accept_responses_new(char **oids); 394 395 X509_EXTENSION *OCSP_archive_cutoff_new(char *tim); 396 397 X509_EXTENSION *OCSP_url_svcloc_new(const X509_NAME *issuer, const char **urls); 398 399 int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x); 400 int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos); 401 int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, const ASN1_OBJECT *obj, 402 int lastpos); 403 int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos); 404 X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc); 405 X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc); 406 void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, 407 int *idx); 408 int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit, 409 unsigned long flags); 410 int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc); 411 412 int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x); 413 int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos); 414 int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, const ASN1_OBJECT *obj, int lastpos); 415 int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos); 416 X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc); 417 X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc); 418 void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx); 419 int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit, 420 unsigned long flags); 421 int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc); 422 423 int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x); 424 int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos); 425 int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, const ASN1_OBJECT *obj, 426 int lastpos); 427 int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, 428 int lastpos); 429 X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc); 430 X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc); 431 void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, 432 int *idx); 433 int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, 434 int crit, unsigned long flags); 435 int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc); 436 437 int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x); 438 int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos); 439 int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, const ASN1_OBJECT *obj, 440 int lastpos); 441 int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, 442 int lastpos); 443 X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc); 444 X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc); 445 void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, 446 int *idx); 447 int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, 448 int crit, unsigned long flags); 449 int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc); 450 const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *x); 451 452 DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP) 453 DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS) 454 DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO) 455 DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP) 456 DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA) 457 DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) 458 DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE) 459 DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES) 460 DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ) 461 DECLARE_ASN1_FUNCTIONS(OCSP_CERTID) 462 DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST) 463 DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE) 464 DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO) 465 DECLARE_ASN1_FUNCTIONS(OCSP_CRLID) 466 DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC) 467 468 const char *OCSP_response_status_str(long s); 469 const char *OCSP_cert_status_str(long s); 470 const char *OCSP_crl_reason_str(long s); 471 472 int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags); 473 int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags); 474 475 int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, 476 X509_STORE *st, unsigned long flags); 477 478 479 # ifdef __cplusplus 480 } 481 # endif 482 # endif /* !defined(OPENSSL_NO_OCSP) */ 483 #endif 484