Lines Matching refs:ocsp
65 OCSPBasicOCSPResponse ocsp; member
124 free_ocsp(struct revoke_ocsp *ocsp) in free_ocsp() argument
126 free(ocsp->path); in free_ocsp()
127 free_OCSPBasicOCSPResponse(&ocsp->ocsp); in free_ocsp()
128 hx509_certs_free(&ocsp->certs); in free_ocsp()
129 hx509_cert_free(ocsp->signer); in free_ocsp()
171 struct revoke_ocsp *ocsp, in verify_ocsp() argument
191 switch(ocsp->ocsp.tbsResponseData.responderID.element) { in verify_ocsp()
194 q.subject_name = &ocsp->ocsp.tbsResponseData.responderID.u.byName; in verify_ocsp()
198 q.keyhash_sha1 = &ocsp->ocsp.tbsResponseData.responderID.u.byKey; in verify_ocsp()
203 if (ret && ocsp->certs) in verify_ocsp()
204 ret = hx509_certs_find(context, ocsp->certs, &q, &signer); in verify_ocsp()
244 &ocsp->ocsp.signatureAlgorithm, in verify_ocsp()
245 &ocsp->ocsp.tbsResponseData._save, in verify_ocsp()
246 &ocsp->ocsp.signature); in verify_ocsp()
253 ocsp->signer = signer; in verify_ocsp()
326 load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) in load_ocsp() argument
335 ret = rk_undumpdata(ocsp->path, &data, &length); in load_ocsp()
339 ret = stat(ocsp->path, &sb); in load_ocsp()
375 ocsp->last_modfied = sb.st_mtime; in load_ocsp()
377 free_OCSPBasicOCSPResponse(&ocsp->ocsp); in load_ocsp()
378 hx509_certs_free(&ocsp->certs); in load_ocsp()
379 hx509_cert_free(ocsp->signer); in load_ocsp()
381 ocsp->ocsp = basic; in load_ocsp()
382 ocsp->certs = certs; in load_ocsp()
383 ocsp->signer = NULL; in load_ocsp()
694 struct revoke_ocsp *ocsp = &ctx->ocsps.val[i]; in hx509_revoke_verify() local
700 ret = stat(ocsp->path, &sb); in hx509_revoke_verify()
701 if (ret == 0 && ocsp->last_modfied != sb.st_mtime) { in hx509_revoke_verify()
702 ret = load_ocsp(context, ocsp); in hx509_revoke_verify()
708 if (ocsp->signer == NULL) { in hx509_revoke_verify()
709 ret = verify_ocsp(context, ocsp, now, certs, parent_cert); in hx509_revoke_verify()
714 for (j = 0; j < ocsp->ocsp.tbsResponseData.responses.len; j++) { in hx509_revoke_verify()
717 ret = der_heim_integer_cmp(&ocsp->ocsp.tbsResponseData.responses.val[j].certID.serialNumber, in hx509_revoke_verify()
725 &ocsp->ocsp.tbsResponseData.responses.val[i].certID.hashAlgorithm, in hx509_revoke_verify()
727 &ocsp->ocsp.tbsResponseData.responses.val[i].certID.issuerNameHash); in hx509_revoke_verify()
736 &ocsp->ocsp.tbsResponseData.responses.val[j].certID.hashAlgorithm, in hx509_revoke_verify()
738 &ocsp->ocsp.tbsResponseData.responses.val[j].certID.issuerKeyHash); in hx509_revoke_verify()
742 switch (ocsp->ocsp.tbsResponseData.responses.val[j].certStatus.element) { in hx509_revoke_verify()
755 if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > in hx509_revoke_verify()
760 if (ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate) { in hx509_revoke_verify()
761 if (*ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate < now) in hx509_revoke_verify()
1082 struct revoke_ocsp ocsp; in hx509_revoke_ocsp_print() local
1089 memset(&ocsp, 0, sizeof(ocsp)); in hx509_revoke_ocsp_print()
1091 ocsp.path = strdup(path); in hx509_revoke_ocsp_print()
1092 if (ocsp.path == NULL) in hx509_revoke_ocsp_print()
1095 ret = load_ocsp(context, &ocsp); in hx509_revoke_ocsp_print()
1097 free_ocsp(&ocsp); in hx509_revoke_ocsp_print()
1103 switch(ocsp.ocsp.tbsResponseData.responderID.element) { in hx509_revoke_ocsp_print()
1107 _hx509_name_from_Name(&ocsp.ocsp.tbsResponseData.responderID.u.byName, &n); in hx509_revoke_ocsp_print()
1116 hex_encode(ocsp.ocsp.tbsResponseData.responderID.u.byKey.data, in hx509_revoke_ocsp_print()
1117 ocsp.ocsp.tbsResponseData.responderID.u.byKey.length, in hx509_revoke_ocsp_print()
1129 printable_time(ocsp.ocsp.tbsResponseData.producedAt)); in hx509_revoke_ocsp_print()
1131 fprintf(out, "replies: %d\n", ocsp.ocsp.tbsResponseData.responses.len); in hx509_revoke_ocsp_print()
1133 for (i = 0; i < ocsp.ocsp.tbsResponseData.responses.len; i++) { in hx509_revoke_ocsp_print()
1135 switch (ocsp.ocsp.tbsResponseData.responses.val[i].certStatus.element) { in hx509_revoke_ocsp_print()
1152 printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); in hx509_revoke_ocsp_print()
1153 if (ocsp.ocsp.tbsResponseData.responses.val[i].nextUpdate) in hx509_revoke_ocsp_print()
1155 printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); in hx509_revoke_ocsp_print()
1160 if (ocsp.certs) in hx509_revoke_ocsp_print()
1161 ret = hx509_certs_iter_f(context, ocsp.certs, hx509_ci_print_names, out); in hx509_revoke_ocsp_print()
1163 free_ocsp(&ocsp); in hx509_revoke_ocsp_print()