Sortix volatile manual
This manual documents Sortix volatile, a development build that has not been officially released. You can instead view this document in the latest official manual.
| OCSP_RESPONSE_STATUS(3) | Library Functions Manual | OCSP_RESPONSE_STATUS(3) |
NAME
OCSP_RESPONSE_new,
OCSP_RESPONSE_free,
OCSP_RESPBYTES_new,
OCSP_RESPBYTES_free,
OCSP_BASICRESP_new,
OCSP_BASICRESP_free,
OCSP_RESPDATA_new,
OCSP_RESPDATA_free,
OCSP_RESPID_new,
OCSP_RESPID_free,
OCSP_response_create,
OCSP_response_status,
OCSP_response_status_str,
OCSP_response_get1_basic,
OCSP_basic_sign — OCSP
response functions
SYNOPSIS
#include
<openssl/ocsp.h>
OCSP_RESPONSE *
OCSP_RESPONSE_new(void);
void
OCSP_RESPONSE_free(OCSP_RESPONSE
*resp);
OCSP_RESPBYTES *
OCSP_RESPBYTES_new(void);
void
OCSP_RESPBYTES_free(OCSP_RESPBYTES
*respbytes);
OCSP_BASICRESP *
OCSP_BASICRESP_new(void);
void
OCSP_BASICRESP_free(OCSP_BASICRESP
*bs);
OCSP_RESPDATA *
OCSP_RESPDATA_new(void);
void
OCSP_RESPDATA_free(OCSP_RESPDATA
*respdata);
OCSP_RESPID *
OCSP_RESPID_new(void);
void
OCSP_RESPID_free(OCSP_RESPID
*respid);
OCSP_RESPONSE *
OCSP_response_create(int status,
OCSP_BASICRESP *bs);
int
OCSP_response_status(OCSP_RESPONSE
*resp);
const char *
OCSP_response_status_str(long
code);
OCSP_BASICRESP *
OCSP_response_get1_basic(OCSP_RESPONSE
*resp);
int
OCSP_basic_sign(OCSP_BASICRESP
*bs, X509 *signer, EVP_PKEY
*key, const EVP_MD *dgst,
STACK_OF(X509) *certs, unsigned long
flags);
DESCRIPTION
OCSP_RESPONSE_new()
allocates and initializes an empty OCSP_RESPONSE
object, representing an ASN.1 OCSPResponse structure
defined in RFC 6960.
OCSP_RESPONSE_free()
frees resp.
OCSP_RESPBYTES_new()
allocates and initializes an empty OCSP_RESPBYTES
object, representing an ASN.1 ResponseBytes structure
defined in RFC 6960. Such an object is used inside
OCSP_RESPONSE.
OCSP_RESPBYTES_free()
frees respbytes.
OCSP_BASICRESP_new()
allocates and initializes an empty OCSP_BASICRESP
object, representing an ASN.1 BasicOCSPResponse
structure defined in RFC 6960. OCSP_RESPBYTES contains
the DER-encoded form of an OCSP_BASICRESP object.
OCSP_BASICRESP_free()
frees bs.
OCSP_RESPDATA_new()
allocates and initializes an empty OCSP_RESPDATA
object, representing an ASN.1 ResponseData structure
defined in RFC 6960. Such an object is used inside
OCSP_BASICRESP.
OCSP_RESPDATA_free()
frees respdata.
OCSP_RESPID_new()
allocates and initializes an empty OCSP_RESPID object,
representing an ASN.1 ResponderID structure defined in
RFC 6960. Such an object is used inside OCSP_RESPDATA.
OCSP_RESPID_free()
frees respid.
OCSP_response_create()
creates an OCSP_RESPONSE object for
status and optionally including the basic response
bs.
OCSP_response_status()
returns the OCSP response status of resp. It returns
one of the values OCSP_RESPONSE_STATUS_SUCCESSFUL,
OCSP_RESPONSE_STATUS_MALFORMEDREQUEST,
OCSP_RESPONSE_STATUS_INTERNALERROR,
OCSP_RESPONSE_STATUS_TRYLATER,
OCSP_RESPONSE_STATUS_SIGREQUIRED, or
OCSP_RESPONSE_STATUS_UNAUTHORIZED.
OCSP_response_status_str()
converts one of the status codes returned by
OCSP_response_status() to a string consisting of one
word.
OCSP_response_get1_basic()
decodes and returns the OCSP_BASICRESP object
contained in resp. It is only called if the status of
a response is OCSP_RESPONSE_STATUS_SUCCESSFUL.
OCSP_basic_sign()
signs the OCSP response bs using the certificate
signer, the private key key, the
digest dgst, and the additional certificates
certs. If the flags option
OCSP_NOCERTS is set, then no certificates will be
included in the request. If the flags option
OCSP_RESPID_KEY is set, then the responder is
identified by key ID rather than by name.
RETURN VALUES
OCSP_RESPONSE_new() and
OCSP_response_create() return a pointer to an
OCSP_RESPONSE object or NULL
if an error occurred.
OCSP_BASICRESP_new() and
OCSP_response_get1_basic() return a pointer to an
OCSP_BASICRESP object or NULL
if an error occurred.
OCSP_RESPBYTES_new(),
OCSP_RESPDATA_new(), and
OCSP_RESPID_new() return a pointer to an empty
OCSP_RESPBYTES, OCSP_RESPDATA,
or OCSP_RESPID object, respectively, or
NULL if an error occurred.
OCSP_response_status() returns a status
value.
OCSP_response_status_str() returns a
pointer to a static string.
OCSP_basic_sign() return 1 on success or 0
on failure.
SEE ALSO
EVP_DigestInit(3), OCSP_cert_to_id(3), OCSP_request_add1_nonce(3), OCSP_REQUEST_new(3), OCSP_resp_find_status(3), OCSP_sendreq_new(3)
STANDARDS
RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol, section 4.2: Response Syntax
HISTORY
These functions first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2.
| August 27, 2019 | Sortix 1.1.0-dev |