ocsp_client.c File Reference

OCSP client. More...

Go to the source code of this file.

Macros

#define TRACE_LEVEL   OCSP_TRACE_LEVEL
 

Functions

error_t ocspClientInit (OcspClientContext *context)
 OCSP client initialization. More...
 
error_t ocspClientRegisterTlsInitCallback (OcspClientContext *context, OcspClientTlsInitCallback callback)
 Register TLS initialization callback function. More...
 
error_t ocspClientSetPrng (OcspClientContext *context, const PrngAlgo *prngAlgo, void *prngContext)
 Set the pseudo-random number generator to be used. More...
 
error_t ocspClientSetTimeout (OcspClientContext *context, systime_t timeout)
 Set communication timeout. More...
 
error_t ocspClientSetHost (OcspClientContext *context, const char_t *host)
 Set the domain name of the OCSP server. More...
 
error_t ocspClientSetUri (OcspClientContext *context, const char_t *uri)
 Set request URI. More...
 
error_t ocspClientBindToInterface (OcspClientContext *context, NetInterface *interface)
 Bind the OCSP client to a particular network interface. More...
 
error_t ocspClientConnect (OcspClientContext *context, const IpAddr *serverIpAddr, uint16_t serverPort)
 Specify the address of the OCSP server. More...
 
error_t ocspClientCreateRequest (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)
 Create OCSP request. More...
 
error_t ocspClientSendRequest (OcspClientContext *context)
 Perform OCSP request/response transaction. More...
 
error_t ocspClientValidateResponse (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)
 Validate OCSP response. More...
 
const OcspResponseocspClientGetResponse (OcspClientContext *context)
 Get OCSP response. More...
 
OcspResponseStatus ocspClientGetResponseStatus (OcspClientContext *context)
 Get the processing status of the prior request. More...
 
OcspCertStatus ocspClientGetCertificateStatus (OcspClientContext *context)
 Get the revocation status of the certificate. More...
 
error_t ocspClientDisconnect (OcspClientContext *context)
 Gracefully disconnect from the OCSP server. More...
 
error_t ocspClientClose (OcspClientContext *context)
 Close the connection with the OCSP server. More...
 
void ocspClientDeinit (OcspClientContext *context)
 Release OCSP client context. More...
 

Detailed Description

OCSP client.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneCRYPTO Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Description

OCSP is a protocol used to determine the current status of a digital certificate without requiring CRLs. Refer to the following RFCs for complete details:

  • RFC 6960: X.509 Internet Public Key Infrastructure OCSP
  • RFC 8954: Online Certificate Status Protocol (OCSP) Nonce Extension
Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.4

Definition in file ocsp_client.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL   OCSP_TRACE_LEVEL

Definition at line 40 of file ocsp_client.c.

Function Documentation

◆ ocspClientBindToInterface()

error_t ocspClientBindToInterface ( OcspClientContext context,
NetInterface interface 
)

Bind the OCSP client to a particular network interface.

Parameters
[in]contextPointer to the OCSP client context
[in]interfaceNetwork interface to be used
Returns
Error code

Definition at line 222 of file ocsp_client.c.

◆ ocspClientClose()

error_t ocspClientClose ( OcspClientContext context)

Close the connection with the OCSP server.

Parameters
[in]contextPointer to the OCSP client context
Returns
Error code

Definition at line 909 of file ocsp_client.c.

◆ ocspClientConnect()

error_t ocspClientConnect ( OcspClientContext context,
const IpAddr serverIpAddr,
uint16_t  serverPort 
)

Specify the address of the OCSP server.

Parameters
[in]contextPointer to the OCSP client context
[in]serverIpAddrIP address of the OCSP server to connect to
[in]serverPortUDP port number
Returns
Error code

Definition at line 245 of file ocsp_client.c.

◆ ocspClientCreateRequest()

error_t ocspClientCreateRequest ( OcspClientContext context,
const char_t cert,
size_t  certLen,
const char_t issuerCert,
size_t  issuerCertLen 
)

Create OCSP request.

Parameters
[in]contextPointer to the OCSP client context
[in]certCertificate to be checked (PEM or DER format)
[in]certLenLength of the certificate, in bytes
[in]issuerCertIssuer's certificate (PEM or DER format)
[in]issuerCertLenLength of the issuer certificate, in bytes
Returns
Error code

Definition at line 351 of file ocsp_client.c.

◆ ocspClientDeinit()

void ocspClientDeinit ( OcspClientContext context)

Release OCSP client context.

Parameters
[in]contextPointer to the OCSP client context

Definition at line 930 of file ocsp_client.c.

◆ ocspClientDisconnect()

error_t ocspClientDisconnect ( OcspClientContext context)

Gracefully disconnect from the OCSP server.

Parameters
[in]contextPointer to the OCSP client context
Returns
Error code

Definition at line 843 of file ocsp_client.c.

◆ ocspClientGetCertificateStatus()

OcspCertStatus ocspClientGetCertificateStatus ( OcspClientContext context)

Get the revocation status of the certificate.

Parameters
[in]contextPointer to the OCSP client context
Returns
Certificate status

Definition at line 807 of file ocsp_client.c.

◆ ocspClientGetResponse()

const OcspResponse* ocspClientGetResponse ( OcspClientContext context)

Get OCSP response.

Parameters
[in]contextPointer to the OCSP client context
Returns
Pointer to the received OCSP response

Definition at line 747 of file ocsp_client.c.

◆ ocspClientGetResponseStatus()

OcspResponseStatus ocspClientGetResponseStatus ( OcspClientContext context)

Get the processing status of the prior request.

Parameters
[in]contextPointer to the OCSP client context
Returns
Response status

Definition at line 777 of file ocsp_client.c.

◆ ocspClientInit()

error_t ocspClientInit ( OcspClientContext context)

OCSP client initialization.

Parameters
[in]contextPointer to the OCSP client context
Returns
Error code

Definition at line 61 of file ocsp_client.c.

◆ ocspClientRegisterTlsInitCallback()

error_t ocspClientRegisterTlsInitCallback ( OcspClientContext context,
OcspClientTlsInitCallback  callback 
)

Register TLS initialization callback function.

Parameters
[in]contextPointer to the OCSP client context
[in]callbackTLS initialization callback function
Returns
Error code

Definition at line 103 of file ocsp_client.c.

◆ ocspClientSendRequest()

error_t ocspClientSendRequest ( OcspClientContext context)

Perform OCSP request/response transaction.

Parameters
[in]contextPointer to the OCSP client context
Returns
Error code

Definition at line 398 of file ocsp_client.c.

◆ ocspClientSetHost()

error_t ocspClientSetHost ( OcspClientContext context,
const char_t host 
)

Set the domain name of the OCSP server.

Parameters
[in]contextPointer to the OCSP client context
[in]hostNULL-terminated string containing the host name
Returns
Error code

Definition at line 173 of file ocsp_client.c.

◆ ocspClientSetPrng()

error_t ocspClientSetPrng ( OcspClientContext context,
const PrngAlgo prngAlgo,
void *  prngContext 
)

Set the pseudo-random number generator to be used.

Parameters
[in]contextPointer to the OCSP client context
[in]prngAlgoPRNG algorithm
[in]prngContextPointer to the PRNG context
Returns
Error code

Definition at line 128 of file ocsp_client.c.

◆ ocspClientSetTimeout()

error_t ocspClientSetTimeout ( OcspClientContext context,
systime_t  timeout 
)

Set communication timeout.

Parameters
[in]contextPointer to the OCSP client context
[in]timeoutTimeout value, in milliseconds
Returns
Error code

Definition at line 152 of file ocsp_client.c.

◆ ocspClientSetUri()

error_t ocspClientSetUri ( OcspClientContext context,
const char_t uri 
)

Set request URI.

Parameters
[in]contextPointer to the OCSP client context
[in]uriNULL-terminated string that contains the resource name
Returns
Error code

Definition at line 198 of file ocsp_client.c.

◆ ocspClientValidateResponse()

error_t ocspClientValidateResponse ( OcspClientContext context,
const char_t cert,
size_t  certLen,
const char_t issuerCert,
size_t  issuerCertLen 
)

Validate OCSP response.

Parameters
[in]contextPointer to the OCSP client context
[in]certCertificate to be checked (PEM or DER format)
[in]certLenLength of the certificate, in bytes
[in]issuerCertIssuer's certificate (PEM or DER format)
[in]issuerCertLenLength of the issuer certificate, in bytes
Returns
Error code

Definition at line 575 of file ocsp_client.c.