abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-27 15:43:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update OCSP

Browse Source
This commit is contained in:
Zhi Guan
2026-06-19 11:56:45 +08:00
parent 12aeed4986
commit 47c9fa8e4f
11 changed files with 302 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/gmssl/ocsp.h
View File

@@ -313,6 +313,9 @@ int ocsp_verify(OCSP_SIGN_CTX *ctx,
const uint8_t *signer_cert, size_t signer_cert_len,
const char *signer_id, size_t signer_id_len,
int *reason);
int ocsp_response_get_signer_cert(const uint8_t *resp, size_t resplen,
const uint8_t *certs, size_t certs_len,
const uint8_t **signer_cert, size_t *signer_cert_len);
#ifdef __cplusplus

2
include/gmssl/version.h
View File

@@ -18,7 +18,7 @@ extern "C" {
#define GMSSL_VERSION_NUM 30200
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1102"
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1103"
int gmssl_version_num(void);
const char *gmssl_version_str(void);

6
include/gmssl/x509_cer.h
View File

@@ -329,6 +329,7 @@ typedef enum {
X509_cert_ca,
X509_cert_root_ca,
X509_cert_crl_sign,
X509_cert_ocsp_signing,
} X509_CERT_TYPE;
int x509_cert_check(const uint8_t *cert, size_t certlen, int cert_type);
@@ -338,6 +339,9 @@ int x509_cert_check_name_constraints(const uint8_t *cert, size_t certlen,
int x509_cert_is_self_issued(const uint8_t *cert, size_t certlen);
int x509_tlcp_cert_pair_entity_match(const uint8_t *sign_cert, size_t sign_certlen,
const uint8_t *kenc_cert, size_t kenc_certlen);
int x509_cert_verify_by_ocsp_response(const uint8_t *cert, size_t certlen,
const uint8_t *issuer_cert, size_t issuer_certlen,
const uint8_t *ocsp, size_t ocsp_len);
/*
IssuerAndSerialNumber ::= SEQUENCE {
@@ -382,10 +386,12 @@ typedef enum {
int x509_certs_verify(const uint8_t *certs, size_t certslen, int certs_type,
const uint8_t *rootcerts, size_t rootcertslen,
const uint8_t *crl, size_t crl_len,
const uint8_t *ocsp, size_t ocsp_len,
int depth, int *verify_result);
int x509_certs_verify_tlcp(const uint8_t *certs, size_t certslen, int certs_type,
const uint8_t *rootcerts, size_t rootcertslen,
const uint8_t *crl, size_t crl_len,
const uint8_t *ocsp, size_t ocsp_len,
int depth, int *verify_result);
int x509_certs_check_name_constraints(const uint8_t *cert_chain, size_t cert_chain_len,
const uint8_t *rootcacert, size_t rootcacertlen);