ocsp_resp_validate.h File Reference

OCSP response validation. More...

#include "ocsp/ocsp_common.h"

Go to the source code of this file.

Functions

error_t ocspValidateResponse (const OcspResponse *response, const X509CertInfo *certInfo, const X509CertInfo *issuerCertInfo, const uint8_t *nonce, size_t nonceLen)
 OCSP response validation. More...
 
error_t ocspCheckResponseSignature (const OcspBasicResponse *basicResponse, const X509CertInfo *issuerCertInfo)
 Verify response signature. More...
 
error_t ocspCheckResponderCert (const OcspResponderId *responderId, const X509CertInfo *responderCertInfo, const X509CertInfo *issuerCertInfo)
 Check responder's certificate. More...
 
error_t ocspCheckResponderId (const OcspResponderId *responderId, const X509CertInfo *issuerCertInfo)
 Check responder identifier. More...
 
error_t ocspCheckCertId (const OcspCertId *certId, const X509CertInfo *certInfo, const X509CertInfo *issuerCertInfo)
 Check certificate identifier. More...
 
error_t ocspCheckValidity (const OcspSingleResponse *singleResponse)
 Check the validity interval of the OCSP response. More...
 
error_t ocspCheckNonce (const OcspExtensions *extensions, const uint8_t *nonce, size_t nonceLen)
 Check nonce. More...
 

Detailed Description

OCSP response validation.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneCRYPTO Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.4

Definition in file ocsp_resp_validate.h.

Function Documentation

◆ ocspCheckCertId()

error_t ocspCheckCertId ( const OcspCertId certId,
const X509CertInfo certInfo,
const X509CertInfo issuerCertInfo 
)

Check certificate identifier.

Parameters
[in]certIdPointer to the certificate identifier
[in]certInfoEnd entity certificate
[in]issuerCertInfoIssuer's certificate
Returns
Error code

Definition at line 357 of file ocsp_resp_validate.c.

◆ ocspCheckNonce()

error_t ocspCheckNonce ( const OcspExtensions extensions,
const uint8_t *  nonce,
size_t  nonceLen 
)

Check nonce.

Parameters
[in]extensionsPointer to the OCSP extensions
[in]noncePointer to the random nonce (optional parameter)
[in]nonceLenLength of the nonce, in bytes (optional parameter)
Returns
Error code

Definition at line 483 of file ocsp_resp_validate.c.

◆ ocspCheckResponderCert()

error_t ocspCheckResponderCert ( const OcspResponderId responderId,
const X509CertInfo responderCertInfo,
const X509CertInfo issuerCertInfo 
)

Check responder's certificate.

Parameters
[in]responderIdPointer to the responder identifier
[in]responderCertInfoResponder's certificate
[in]issuerCertInfoIssuer's certificate
Returns
Error code

Definition at line 248 of file ocsp_resp_validate.c.

◆ ocspCheckResponderId()

error_t ocspCheckResponderId ( const OcspResponderId responderId,
const X509CertInfo issuerCertInfo 
)

Check responder identifier.

Parameters
[in]responderIdPointer to the responder identifier
[in]issuerCertInfoIssuer's certificate
Returns
Error code

Definition at line 291 of file ocsp_resp_validate.c.

◆ ocspCheckResponseSignature()

error_t ocspCheckResponseSignature ( const OcspBasicResponse basicResponse,
const X509CertInfo issuerCertInfo 
)

Verify response signature.

Parameters
[in]basicResponsePointer to the basic response
[in]issuerCertInfoIssuer's certificate
Returns
Error code

Definition at line 130 of file ocsp_resp_validate.c.

◆ ocspCheckValidity()

error_t ocspCheckValidity ( const OcspSingleResponse singleResponse)

Check the validity interval of the OCSP response.

Parameters
[in]singleResponsePointer to the OCSP response
Returns
Error code

Definition at line 427 of file ocsp_resp_validate.c.

◆ ocspValidateResponse()

error_t ocspValidateResponse ( const OcspResponse response,
const X509CertInfo certInfo,
const X509CertInfo issuerCertInfo,
const uint8_t *  nonce,
size_t  nonceLen 
)

OCSP response validation.

Parameters
[in]responsePointer to the OCSP response to be verified
[in]certInfoEnd entity certificate
[in]issuerCertInfoIssuer's certificate
[in]noncePointer to the random nonce (optional parameter)
[in]nonceLenLength of the nonce, in bytes (optional parameter)
Returns
Error code

Definition at line 57 of file ocsp_resp_validate.c.