diff --git a/src/ocsp.c b/src/ocsp.c
index 6afb8e458..c3a5bc4ec 100644
--- a/src/ocsp.c
+++ b/src/ocsp.c
@@ -383,6 +383,24 @@ end:
 return ret;
 }
+WOLFSSL_API int wolfSSL_CertManagerCheckOCSP_Staple(WOLFSSL_CERT_MANAGER *cm,
+ byte *response, int responseSz, buffer *responseBuffer,
+ CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
+{
+ int ret;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP_Staple");
+ if (cm == NULL)
+ return BAD_FUNC_ARG;
+ if (cm->ocspEnabled == 0)
+ return WOLFSSL_SUCCESS;
+
+ ret = CheckResponse(cm->ocsp, response, responseSz, responseBuffer, status,
+ entry, ocspRequest);
+
+ return ret == 0 ? WOLFSSL_SUCCESS : ret;
+}
+
 /* 0 on success */
 int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest, buffer* responseBuffer)
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 7ba309354..f3d395549 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1791,6 +1791,7 @@ struct WOLFSSL_CIPHER {
 #endif
 /* wolfSSL OCSP controller */
+#ifdef HAVE_OCSP
 struct WOLFSSL_OCSP {
 WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
 OcspEntry* ocspList; /* OCSP response list */
@@ -1800,6 +1801,7 @@ struct WOLFSSL_OCSP {
 int(*statusCb)(WOLFSSL*, void*);
 #endif
 };
+#endif
 #ifndef MAX_DATE_SIZE
 #define MAX_DATE_SIZE 32
diff --git a/wolfssl/ocsp.h b/wolfssl/ocsp.h
index f482bfc03..7bc359ec6 100644
--- a/wolfssl/ocsp.h
+++ b/wolfssl/ocsp.h
@@ -54,7 +54,9 @@ WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP*, DecodedCert*, WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
 WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
-
+WOLFSSL_API int wolfSSL_CertManagerCheckOCSP_Staple(WOLFSSL_CERT_MANAGER *,
+ byte *response, int responseSz, WOLFSSL_BUFFER_INFO *responseBuffer,
+ CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest);
 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
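Review bot: In `wolfSSL_CertManagerCheckOCSP_Staple` (src/ocsp.c) the `cm->ocspEnabled == 0` branch returns `WOLFSSL_SUCCESS` without looking at the stapled response, so a caller cannot tell a validated staple from one that was never checked. If that fail-open result is intended, it should be stated in a header comment together with the return convention (`WOLFSSL_SUCCESS` on success, the `CheckResponse` error otherwise), since the neighbouring `CheckOcspRequest` is documented as `/* 0 on success */`. As an exported entry point it should also reject bad buffers before `CheckResponse` is called, whose own checks are not visible in this hunk: `if (cm == NULL || response == NULL || responseSz <= 0) return BAD_FUNC_ARG;`.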
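Review bot: In wolfssl/internal.h the new closing `#endif` after `};` carries no label and sits two lines below the inner `#endif` that ends the `statusCb` conditional, so it is easy to misread which guard it closes; write it as `#endif /* HAVE_OCSP */`. Whether every user of `struct WOLFSSL_OCSP` is itself compiled only under `HAVE_OCSP` cannot be seen from these hunks and is worth confirming with a build that leaves the option off.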