diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-07-12 15:34:20 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-01-04 17:04:56 +0100 |
| commit | b971d4198def0b29654e8fbf7987f7157741aed2 (patch) | |
| tree | 34d74016bed13b911d601c9d3ec20d33d528f80b /doc/internal | |
| parent | acef3b2f84b22c7cdb3cbc02fc8fc7b76cbb6ea7 (diff) | |
CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert()
Fixes #16041
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16050)
Diffstat (limited to 'doc/internal')
| -rw-r--r-- | doc/internal/man3/ossl_cmp_mock_srv_new.pod | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/internal/man3/ossl_cmp_mock_srv_new.pod b/doc/internal/man3/ossl_cmp_mock_srv_new.pod index 837ca06bb3..cf85139e0a 100644 --- a/doc/internal/man3/ossl_cmp_mock_srv_new.pod +++ b/doc/internal/man3/ossl_cmp_mock_srv_new.pod @@ -4,6 +4,7 @@ ossl_cmp_mock_srv_new, ossl_cmp_mock_srv_free, +ossl_cmp_mock_srv_set1_refCert, ossl_cmp_mock_srv_set1_certOut, ossl_cmp_mock_srv_set1_chainOut, ossl_cmp_mock_srv_set1_caPubsOut, @@ -20,6 +21,7 @@ ossl_cmp_mock_srv_set_checkAfterTime OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq); void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx); + int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert); int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert); int ossl_cmp_mock_srv_set1_chainOut(OSSL_CMP_SRV_CTX *srv_ctx, STACK_OF(X509) *chain); @@ -39,12 +41,18 @@ I<propq>, both of which may be NULL to select the defaults. ossl_cmp_mock_srv_free() deallocates the contexts for the CMP mock server. +OSSL_CMP_SRV_CTX_set1_refCert() sets the reference certificate to be expected +for rr messages and for any oldCertID included in kur messages. + OSSL_CMP_SRV_CTX_set1_certOut() sets the certificate to be returned in cp/ip/kup. +Note that on each certificate request the mock server does not produce +a fresh certificate but just returns the same pre-existing certificate. OSSL_CMP_SRV_CTX_set1_chainOut() sets the certificate chain to be added to the extraCerts in a cp/ip/kup. -It should to useful to validate B<certOut>. +It should be useful for the validation of the certificate given via +OSSL_CMP_SRV_CTX_set1_certOut(). OSSL_CMP_SRV_CTX_set1_caPubsOut() sets the caPubs to be returned in an ip. |