From be6aeda6474a77e97b344f300334f5fe3612e4b4 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 20 Mar 2020 14:54:55 +0000 Subject: Add OCSP_RESPID_set_by_key_ex() and OCSP_RESPID_match_ex() OCSP_RESPID_set_by_key() calculates a SHA1 hash of the supplied certificate. We need to be able to specify which libctx and property query string is used to fetch that algorithm so we introduce OCSP_RESPID_set_by_key_ex() which does the same thing but enables you to speicfy the library context and propery query string explicitly. OCSP_RESPID_match() matches with certificates based on the SHA1 hash. Therefore for the same reason we introduce OCSP_RESPID_match_ex(). Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/11407) --- include/openssl/ocsp.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 5acd04b6ea..b9f55c0123 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -277,7 +277,11 @@ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx, STACK_OF(X509) *certs, unsigned long flags); int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert); +int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, + OPENSSL_CTX *libctx, const char *propq); int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert); +int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx, + const char *propq); int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert); X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim); -- cgit v1.2.3