New OCSP extension functions.

CHANGES

@@ -3,6 +3,10 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) New extension functions for OCSP structures, these follow the
+     same conventions as certificates and CRLs.
+     [Steve Henson]
+
   *) New function X509V3_add1_i2d(). This automatically encodes and
      adds an extension. Its behaviour can be customised with various
      flags to append, replace or delete. Various wrappers added for

crypto/ocsp/ocsp.h

@@ -444,6 +444,50 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim);
 
 X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls);
 
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx);
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+							unsigned long flags);
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+							unsigned long flags);
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx);
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
+							unsigned long flags);
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx);
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
+							unsigned long flags);
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
+
 DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
 
 OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void);

crypto/ocsp/ocsp_ext.c

@@ -64,21 +64,203 @@
 #include <stdio.h>
 #include <cryptlib.h>
 #include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
 #include <openssl/x509.h>
 #include <openssl/ocsp.h>
 #include <openssl/x509v3.h>
 
-/* Make sure we work well with older variants of OpenSSL */
+/* Standard wrapper functions for extensions */
-#ifndef OPENSSL_malloc
+
-#define OPENSSL_malloc Malloc
+/* OCSP request extensions */
-#endif
+
-#ifndef OPENSSL_realloc
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-#define OPENSSL_realloc Realloc
+	{
-#endif
+	return(X509v3_get_ext_count(x->tbsRequest->requestExtensions));
-#ifndef OPENSSL_free
+	}
-#define OPENSSL_free Free
+
-#endif
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
+	{
+	return(X509v3_get_ext_by_NID(x->tbsRequest->requestExtensions,nid,lastpos));
+	}
+
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos)
+	{
+	return(X509v3_get_ext_by_OBJ(x->tbsRequest->requestExtensions,obj,lastpos));
+	}
+
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
+	{
+	return(X509v3_get_ext_by_critical(x->tbsRequest->requestExtensions,crit,lastpos));
+	}
+
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
+	{
+	return(X509v3_get_ext(x->tbsRequest->requestExtensions,loc));
+	}
+
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
+	{
+	return(X509v3_delete_ext(x->tbsRequest->requestExtensions,loc));
+	}
+
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
+	}
+
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+							unsigned long flags)
+	{
+	return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value, crit, flags);
+	}
+
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
+	{
+	return(X509v3_add_ext(&(x->tbsRequest->requestExtensions),ex,loc) != NULL);
+	}
+
+/* Single extensions */
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
+	{
+	return(X509v3_get_ext_count(x->singleRequestExtensions));
+	}
+
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
+	{
+	return(X509v3_get_ext_by_NID(x->singleRequestExtensions,nid,lastpos));
+	}
+
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
+	{
+	return(X509v3_get_ext_by_OBJ(x->singleRequestExtensions,obj,lastpos));
+	}
+
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
+	{
+	return(X509v3_get_ext_by_critical(x->singleRequestExtensions,crit,lastpos));
+	}
+
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
+	{
+	return(X509v3_get_ext(x->singleRequestExtensions,loc));
+	}
+
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
+	{
+	return(X509v3_delete_ext(x->singleRequestExtensions,loc));
+	}
+
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
+	}
+
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+							unsigned long flags)
+	{
+	return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit, flags);
+	}
+
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
+	{
+	return(X509v3_add_ext(&(x->singleRequestExtensions),ex,loc) != NULL);
+	}
+
+/* OCSP Basic response */
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
+	{
+	return(X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
+	}
+
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
+	{
+	return(X509v3_get_ext_by_NID(x->tbsResponseData->responseExtensions,nid,lastpos));
+	}
+
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos)
+	{
+	return(X509v3_get_ext_by_OBJ(x->tbsResponseData->responseExtensions,obj,lastpos));
+	}
+
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos)
+	{
+	return(X509v3_get_ext_by_critical(x->tbsResponseData->responseExtensions,crit,lastpos));
+	}
+
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
+	{
+	return(X509v3_get_ext(x->tbsResponseData->responseExtensions,loc));
+	}
+
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
+	{
+	return(X509v3_delete_ext(x->tbsResponseData->responseExtensions,loc));
+	}
+
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit, idx);
+	}
+
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
+							unsigned long flags)
+	{
+	return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid, value, crit, flags);
+	}
+
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
+	{
+	return(X509v3_add_ext(&(x->tbsResponseData->responseExtensions),ex,loc) != NULL);
+	}
+
+/* OCSP single response extensions */
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
+	{
+	return(X509v3_get_ext_count(x->singleExtensions));
+	}
+
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
+	{
+	return(X509v3_get_ext_by_NID(x->singleExtensions,nid,lastpos));
+	}
+
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, int lastpos)
+	{
+	return(X509v3_get_ext_by_OBJ(x->singleExtensions,obj,lastpos));
+	}
+
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos)
+	{
+	return(X509v3_get_ext_by_critical(x->singleExtensions,crit,lastpos));
+	}
+
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
+	{
+	return(X509v3_get_ext(x->singleExtensions,loc));
+	}
+
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
+	{
+	return(X509v3_delete_ext(x->singleExtensions,loc));
+	}
+
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
+	}
+
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
+							unsigned long flags)
+	{
+	return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
+	}
+
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
+	{
+	return(X509v3_add_ext(&(x->singleExtensions),ex,loc) != NULL);
+	}
 
 /* also CRL Entry Extensions */