Extracting ResponderID from OCSP in OpenSSL 1.1

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Extracting ResponderID from OCSP in OpenSSL 1.1

Johanna Amann
Hi,

I wanted to check if it is still possible to extract the ResponderID from
a OCSP BasicResponse.

In OpenSSL 1.0 we used this code to do this:

resp_id is of type OCSP_RESPID*:

if (resp_id->type == V_OCSP_RESPID_NAME)
        X509_NAME_print_ex(bio, resp_id->value.byName, 0, XN_FLAG_ONELINE);
else if (resp_id->type == V_OCSP_RESPID_KEY)
        i2a_ASN1_STRING(bio, resp_id->value.byKey, V_ASN1_OCTET_STRING);

In OpenSSL 1.1, OCSP_RESPID seems to be a private type and there do not
seem to be any functions to access the byName/byKey fields.

Is it still possible to get to these values? If yes could someone please
point me to where to look?

Thank you very much,
 Johanna
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Extracting ResponderID from OCSP in OpenSSL 1.1

Matt Caswell-2


On 30/04/18 21:47, Johanna Amann wrote:

> Hi,
>
> I wanted to check if it is still possible to extract the ResponderID from
> a OCSP BasicResponse.
>
> In OpenSSL 1.0 we used this code to do this:
>
> resp_id is of type OCSP_RESPID*:
>
> if (resp_id->type == V_OCSP_RESPID_NAME)
> X509_NAME_print_ex(bio, resp_id->value.byName, 0, XN_FLAG_ONELINE);
> else if (resp_id->type == V_OCSP_RESPID_KEY)
> i2a_ASN1_STRING(bio, resp_id->value.byKey, V_ASN1_OCTET_STRING);
>
> In OpenSSL 1.1, OCSP_RESPID seems to be a private type and there do not
> seem to be any functions to access the byName/byKey fields.

The functions OCSP_resp_get0_id() and OCSP_resp_get1_id() give you
access to these fields. See:

https://www.openssl.org/docs/man1.1.0/crypto/OCSP_resp_get0_id.html

Matt


>
> Is it still possible to get to these values? If yes could someone please
> point me to where to look?
>
> Thank you very much,
>  Johanna
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users