diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-02-24 13:50:06 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-02-24 13:50:06 +0000 |
commit | f196522159a514915e6d749a71febd08e7a09b71 (patch) | |
tree | b493a977d2737a5e5b7972174826b6b7ec867426 /crypto/ocsp/ocsp.h | |
parent | 4ff18c8c3efa9416aabb50fa6e9026c2197c961b (diff) |
New function and options to check OCSP response validity.
Diffstat (limited to 'crypto/ocsp/ocsp.h')
-rw-r--r-- | crypto/ocsp/ocsp.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/ocsp/ocsp.h b/crypto/ocsp/ocsp.h index 18249abc38..bccdf77b4f 100644 --- a/crypto/ocsp/ocsp.h +++ b/crypto/ocsp/ocsp.h @@ -444,6 +444,9 @@ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd, ASN1_GENERALIZEDTIME **nextupd); +int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, + ASN1_GENERALIZEDTIME *nextupd, + long sec, long maxsec); int OCSP_request_verify(OCSP_REQUEST *req, EVP_PKEY *pkey); @@ -569,6 +572,7 @@ void ERR_load_OCSP_strings(void); #define OCSP_F_OCSP_CHECK_DELEGATED 106 #define OCSP_F_OCSP_CHECK_IDS 107 #define OCSP_F_OCSP_CHECK_ISSUER 108 +#define OCSP_F_OCSP_CHECK_VALIDITY 115 #define OCSP_F_OCSP_MATCH_ISSUERID 109 #define OCSP_F_OCSP_PARSE_URL 114 #define OCSP_F_OCSP_REQUEST_SIGN 110 @@ -580,8 +584,11 @@ void ERR_load_OCSP_strings(void); #define OCSP_R_BAD_DATA 100 #define OCSP_R_CERTIFICATE_VERIFY_ERROR 101 #define OCSP_R_DIGEST_ERR 102 +#define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122 +#define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123 #define OCSP_R_ERROR_PARSING_URL 121 #define OCSP_R_MISSING_OCSPSIGNING_USAGE 103 +#define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124 #define OCSP_R_NOT_BASIC_RESPONSE 104 #define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105 #define OCSP_R_NO_CONTENT 106 @@ -597,6 +604,9 @@ void ERR_load_OCSP_strings(void); #define OCSP_R_SERVER_WRITE_ERROR 116 #define OCSP_R_SIGNATURE_FAILURE 117 #define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118 +#define OCSP_R_STATUS_EXPIRED 125 +#define OCSP_R_STATUS_NOT_YET_VALID 126 +#define OCSP_R_STATUS_TOO_OLD 127 #define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119 #define OCSP_R_UNKNOWN_NID 120 |