diff options
author | Marek Klein <kleinmrk@gmail.com> | 2016-03-01 16:32:10 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-05-03 09:04:23 +0200 |
commit | f0ef20bf386b5c37ba5a4ce5c1de9a819bbeffb2 (patch) | |
tree | 3fc8f414a3c10883a8a09fbe621a563d7c29f0a8 /crypto/ts/ts_conf.c | |
parent | 0e534337b24ee7b56480d85f01b9dda923fa42fc (diff) |
Added support for ESSCertIDv2
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771)
Diffstat (limited to 'crypto/ts/ts_conf.c')
-rw-r--r-- | crypto/ts/ts_conf.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c index f5f3934dfd..625089a59b 100644 --- a/crypto/ts/ts_conf.c +++ b/crypto/ts/ts_conf.c @@ -37,6 +37,7 @@ #define ENV_CLOCK_PRECISION_DIGITS "clock_precision_digits" #define ENV_VALUE_YES "yes" #define ENV_VALUE_NO "no" +#define ENV_ESS_CERT_ID_ALG "ess_cert_id_alg" /* Function definitions for certificate and key loading. */ @@ -466,3 +467,27 @@ int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, return ts_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN, TS_ESS_CERT_ID_CHAIN, ctx); } + +int TS_CONF_set_ess_cert_id_digest(CONF *conf, const char *section, + TS_RESP_CTX *ctx) +{ + int ret = 0; + const EVP_MD *cert_md = NULL; + const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG); + + if (md == NULL) + md = "sha1"; + + cert_md = EVP_get_digestbyname(md); + if (cert_md == NULL) { + ts_CONF_invalid(section, ENV_ESS_CERT_ID_ALG); + goto err; + } + + if (!TS_RESP_CTX_set_ess_cert_id_digest(ctx, cert_md)) + goto err; + + ret = 1; +err: + return ret; +} |