ocsp_client.h File Reference

OCSP client. More...

#include "core/net.h"
#include "http/http_client.h"
#include "ocsp/ocsp_common.h"


Data Structures

struct  OcspClientContext
 OCSP client context. More...
 

Macros

#define OCSP_CLIENT_SUPPORT   DISABLED
 
#define OCSP_CLIENT_TLS_SUPPORT   DISABLED
 
#define OCSP_CLIENT_DEFAULT_TIMEOUT   20000
 
#define OCSP_CLIENT_BUFFER_SIZE   2048
 
#define OCSP_CLIENT_MAX_HOST_LEN   64
 
#define OCSP_CLIENT_MAX_URI_LEN   32
 
#define OCSP_CLIENT_NONCE_SIZE   16
 
#define OCSP_CLIENT_PRIVATE_CONTEXT
 

Typedefs

typedef error_t(* OcspClientTlsInitCallback) (HttpClientContext *context, TlsContext *tlsContext)
 TLS initialization callback function. More...
 

Enumerations

enum  OcspClientState {
  OCSP_CLIENT_STATE_DISCONNECTED = 0, OCSP_CLIENT_STATE_CONNECTING = 1, OCSP_CLIENT_STATE_CONNECTED = 2, OCSP_CLIENT_STATE_FORMAT_HEADER = 3,
  OCSP_CLIENT_STATE_SEND_HEADER = 4, OCSP_CLIENT_STATE_SEND_BODY = 5, OCSP_CLIENT_STATE_RECEIVE_HEADER = 6, OCSP_CLIENT_STATE_PARSE_HEADER = 7,
  OCSP_CLIENT_STATE_RECEIVE_BODY = 8, OCSP_CLIENT_STATE_CLOSE_BODY = 9, OCSP_CLIENT_STATE_PARSE_RESP = 10, OCSP_CLIENT_STATE_VALIDATE_RESP = 11,
  OCSP_CLIENT_STATE_RESP_VALIDATED = 12, OCSP_CLIENT_STATE_DISCONNECTING = 13
}
 OCSP client states. More...
 

Functions

error_t ocspClientInit (OcspClientContext *context)
 OCSP client initialization. More...
 
error_t ocspClientRegisterTlsInitCallback (OcspClientContext *context, OcspClientTlsInitCallback callback)
 Register TLS initialization callback function. More...
 
error_t ocspClientSetPrng (OcspClientContext *context, const PrngAlgo *prngAlgo, void *prngContext)
 Set the pseudo-random number generator to be used. More...
 
error_t ocspClientSetTimeout (OcspClientContext *context, systime_t timeout)
 Set communication timeout. More...
 
error_t ocspClientSetHost (OcspClientContext *context, const char_t *host)
 Set the domain name of the OCSP server. More...
 
error_t ocspClientSetUri (OcspClientContext *context, const char_t *uri)
 Set request URI. More...
 
error_t ocspClientBindToInterface (OcspClientContext *context, NetInterface *interface)
 Bind the OCSP client to a particular network interface. More...
 
error_t ocspClientConnect (OcspClientContext *context, const IpAddr *serverIpAddr, uint16_t serverPort)
 Specify the address of the OCSP server. More...
 
error_t ocspClientCreateRequest (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)
 Create OCSP request. More...
 
error_t ocspClientSendRequest (OcspClientContext *context)
 Perform OCSP request/response transaction. More...
 
error_t ocspClientValidateResponse (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)
 Validate OCSP response. More...
 
const OcspResponse * ocspClientGetResponse (OcspClientContext *context)
 Get OCSP response. More...
 
OcspResponseStatus ocspClientGetResponseStatus (OcspClientContext *context)
 Get the processing status of the prior request. More...
 
OcspCertStatus ocspClientGetCertificateStatus (OcspClientContext *context)
 Get the revocation status of the certificate. More...
 
error_t ocspClientDisconnect (OcspClientContext *context)
 Gracefully disconnect from the OCSP server. More...
 
error_t ocspClientClose (OcspClientContext *context)
 Close the connection with the OCSP server. More...
 
void ocspClientDeinit (OcspClientContext *context)
 Release OCSP client context. More...
 

Detailed Description

OCSP client.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneCRYPTO Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.4

Definition in file ocsp_client.h.

Macro Definition Documentation

◆ OCSP_CLIENT_BUFFER_SIZE

#define OCSP_CLIENT_BUFFER_SIZE   2048

Definition at line 62 of file ocsp_client.h.

◆ OCSP_CLIENT_DEFAULT_TIMEOUT

#define OCSP_CLIENT_DEFAULT_TIMEOUT   20000

Definition at line 55 of file ocsp_client.h.

◆ OCSP_CLIENT_MAX_HOST_LEN

#define OCSP_CLIENT_MAX_HOST_LEN   64

Definition at line 69 of file ocsp_client.h.

◆ OCSP_CLIENT_MAX_URI_LEN

#define OCSP_CLIENT_MAX_URI_LEN   32

Definition at line 76 of file ocsp_client.h.

◆ OCSP_CLIENT_NONCE_SIZE

#define OCSP_CLIENT_NONCE_SIZE   16

Definition at line 83 of file ocsp_client.h.

◆ OCSP_CLIENT_PRIVATE_CONTEXT

#define OCSP_CLIENT_PRIVATE_CONTEXT

Definition at line 90 of file ocsp_client.h.

◆ OCSP_CLIENT_SUPPORT

#define OCSP_CLIENT_SUPPORT   DISABLED

Definition at line 41 of file ocsp_client.h.

◆ OCSP_CLIENT_TLS_SUPPORT

#define OCSP_CLIENT_TLS_SUPPORT   DISABLED

Definition at line 48 of file ocsp_client.h.

Typedef Documentation

◆ OcspClientTlsInitCallback

typedef error_t(* OcspClientTlsInitCallback) (HttpClientContext *context, TlsContext *tlsContext)

TLS initialization callback function.

Definition at line 128 of file ocsp_client.h.

Enumeration Type Documentation

◆ OcspClientState

OCSP client states.

Enumerator
OCSP_CLIENT_STATE_DISCONNECTED 
OCSP_CLIENT_STATE_CONNECTING 
OCSP_CLIENT_STATE_CONNECTED 
OCSP_CLIENT_STATE_FORMAT_HEADER 
OCSP_CLIENT_STATE_SEND_HEADER 
OCSP_CLIENT_STATE_SEND_BODY 
OCSP_CLIENT_STATE_RECEIVE_HEADER 
OCSP_CLIENT_STATE_PARSE_HEADER 
OCSP_CLIENT_STATE_RECEIVE_BODY 
OCSP_CLIENT_STATE_CLOSE_BODY 
OCSP_CLIENT_STATE_PARSE_RESP 
OCSP_CLIENT_STATE_VALIDATE_RESP 
OCSP_CLIENT_STATE_RESP_VALIDATED 
OCSP_CLIENT_STATE_DISCONNECTING 

Definition at line 102 of file ocsp_client.h.

Function Documentation

◆ ocspClientBindToInterface()

error_t ocspClientBindToInterface (OcspClientContext *context, NetInterface *interface)

Bind the OCSP client to a particular network interface.

Parameters
[in] context: Pointer to the OCSP client context
[in] interface: Network interface to be used
Returns
Error code

Definition at line 222 of file ocsp_client.c.

◆ ocspClientClose()

error_t ocspClientClose (OcspClientContext *context)

Close the connection with the OCSP server.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Error code

Definition at line 909 of file ocsp_client.c.

◆ ocspClientConnect()

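error_t ocspClientConnect (OcspClientContext *context, const IpAddr *serverIpAddr, uint16_t serverPort)

Specify the address of the OCSP server.

Parameters
[in] context: Pointer to the OCSP client context
[in] serverIpAddr: IP address of the OCSP server to connect to
[in] serverPort: UDP port number (wording as given in the source documentation; the header includes http/http_client.h, so the transport is presumably HTTP over TCP. Confirm before writing firewall rules.)
Returns
Error code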

Definition at line 245 of file ocsp_client.c.

◆ ocspClientCreateRequest()

error_t ocspClientCreateRequest (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)

Create OCSP request.

Parameters
[in] context: Pointer to the OCSP client context
[in] cert: Certificate to be checked (PEM or DER format)
[in] certLen: Length of the certificate, in bytes
[in] issuerCert: Issuer's certificate (PEM or DER format)
[in] issuerCertLen: Length of the issuer certificate, in bytes
Returns
Error code

Definition at line 351 of file ocsp_client.c.

◆ ocspClientDeinit()

void ocspClientDeinit (OcspClientContext *context)

Release OCSP client context.

Parameters
[in] context: Pointer to the OCSP client context

Definition at line 930 of file ocsp_client.c.

◆ ocspClientDisconnect()

error_t ocspClientDisconnect (OcspClientContext *context)

Gracefully disconnect from the OCSP server.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Error code

Definition at line 843 of file ocsp_client.c.

◆ ocspClientGetCertificateStatus()

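OcspCertStatus ocspClientGetCertificateStatus (OcspClientContext *context)

Get the revocation status of the certificate. Treat the returned status as authoritative only after ocspClientValidateResponse() has succeeded for the same certificate and issuer; whether this function enforces that itself is not shown on this page.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Certificate status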

Definition at line 807 of file ocsp_client.c.

◆ ocspClientGetResponse()

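const OcspResponse * ocspClientGetResponse (OcspClientContext *context)

Get OCSP response. The lifetime of the returned pointer is not documented here; presumably it refers to storage owned by the context, so confirm in ocsp_client.c before using it after a new request or after ocspClientDeinit().

Parameters
[in] context: Pointer to the OCSP client context
Returns
Pointer to the received OCSP response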

Definition at line 747 of file ocsp_client.c.

◆ ocspClientGetResponseStatus()

OcspResponseStatus ocspClientGetResponseStatus (OcspClientContext *context)

Get the processing status of the prior request.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Response status

Definition at line 777 of file ocsp_client.c.

◆ ocspClientInit()

error_t ocspClientInit (OcspClientContext *context)

OCSP client initialization.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Error code

Definition at line 61 of file ocsp_client.c.

◆ ocspClientRegisterTlsInitCallback()

error_t ocspClientRegisterTlsInitCallback (OcspClientContext *context, OcspClientTlsInitCallback callback)

Register TLS initialization callback function. This is presumably only available when OCSP_CLIENT_TLS_SUPPORT is enabled; the default shown on this page is DISABLED.

Parameters
[in] context: Pointer to the OCSP client context
[in] callback: TLS initialization callback function
Returns
Error code

Definition at line 103 of file ocsp_client.c.

◆ ocspClientSendRequest()

error_t ocspClientSendRequest (OcspClientContext *context)

Perform OCSP request/response transaction.

Parameters
[in] context: Pointer to the OCSP client context
Returns
Error code

Definition at line 398 of file ocsp_client.c.

◆ ocspClientSetHost()

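error_t ocspClientSetHost (OcspClientContext *context, const char_t *host)

Set the domain name of the OCSP server. The accepted length is presumably bounded by OCSP_CLIENT_MAX_HOST_LEN (64 by default), so check the returned error code rather than assuming the name was stored.

Parameters
[in] context: Pointer to the OCSP client context
[in] host: NUL-terminated string containing the host name
Returns
Error code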

Definition at line 173 of file ocsp_client.c.

◆ ocspClientSetPrng()

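error_t ocspClientSetPrng (OcspClientContext *context, const PrngAlgo *prngAlgo, void *prngContext)

Set the pseudo-random number generator to be used. This page does not say what the generator is used for; if it produces the request nonce (see OCSP_CLIENT_NONCE_SIZE), it should be a cryptographically secure generator that has been seeded before ocspClientCreateRequest() is called.

Parameters
[in] context: Pointer to the OCSP client context
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
Returns
Error code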

Definition at line 128 of file ocsp_client.c.

◆ ocspClientSetTimeout()

error_t ocspClientSetTimeout (OcspClientContext *context, systime_t timeout)

Set communication timeout.

Parameters
[in] context: Pointer to the OCSP client context
[in] timeout: Timeout value, in milliseconds
Returns
Error code

Definition at line 152 of file ocsp_client.c.

◆ ocspClientSetUri()

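error_t ocspClientSetUri (OcspClientContext *context, const char_t *uri)

Set request URI. The accepted length is presumably bounded by OCSP_CLIENT_MAX_URI_LEN (32 by default), which is short for many responder paths, so check the returned error code rather than assuming the URI was stored.

Parameters
[in] context: Pointer to the OCSP client context
[in] uri: NUL-terminated string that contains the resource name
Returns
Error code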

Definition at line 198 of file ocsp_client.c.

◆ ocspClientValidateResponse()

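error_t ocspClientValidateResponse (OcspClientContext *context, const char_t *cert, size_t certLen, const char_t *issuerCert, size_t issuerCertLen)

Validate OCSP response. This page does not list which checks are performed (for example responder signature, nonce match, thisUpdate/nextUpdate freshness); confirm them in ocsp_client.c before relying on the result for a revocation decision.

Parameters
[in] context: Pointer to the OCSP client context
[in] cert: Certificate to be checked (PEM or DER format)
[in] certLen: Length of the certificate, in bytes
[in] issuerCert: Issuer's certificate (PEM or DER format)
[in] issuerCertLen: Length of the issuer certificate, in bytes
Returns
Error code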

Definition at line 575 of file ocsp_client.c.