mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 18:10:50 +02:00
4578e1390f
OCSP Responder Core API: - Add new public API for creating and managing an OCSP responder - Add public wrappers for internal OCSP request/response functions - OcspRespCheck: fix check when authorized responder is loaded into CM Header Cleanup: - Remove circular dependency when including `#include <wolfssl/wolfcrypt/asn.h>` from wolfssl/wolfcrypt/ecc.h and wolfssl/wolfcrypt/rsa.h OCSP Responder Example (examples/ocsp_responder/): - Add a command-line OCSP responder for interoperability testing with OpenSSL's `openssl ocsp` client Test Scripts (scripts/): - ocsp-responder-openssl-interop.test: Tests wolfSSL OCSP responder with `openssl ocsp` client - ocsp-stapling-with-wolfssl-responder.test: Tests wolfSSL OCSP responder when doing OCSP stapling Certificate Infrastructure (certs/ocsp/): - Add DER-format certificates and keys for OCSP testing - Update renewcerts.sh to generate DER versions Known Limitations (documented in src/ocsp.c header comment): - Single request/response per OCSP exchange only - Key-hash responder ID only (no name-based responder ID) - No singleExtensions support