mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-01-27 13:12:20 +01:00
bca43654df
- Use OcspEntry in OcspResponse instead of CertStatus. OcspEntry is more analogous to an OCSP SingleResponse, which contains issuer name and key hashes. Correspondingly, remove these hashes from OcspResponse, since they'll now be stored per SingleResponse in an OcspEntry. - Add a hashAlgoOID to OcspEntry (corresponds to hashAlgorithm in CertId in RFC 6960). This makes OcspEntry more closely resemble an OCSP SingleResponse. - Change WOLFSSL_OCSP_CERTID to map to OcspEntry. OcspEntry contains all the information that an OCSP CertID contains, and is a better fit than OcspRequest. - Add a pointer to the raw CertId in an OCSP SingleResponse to OcspEntry, along with a size field to indicate how many bytes the CertId occupies. This will be used in an OpenSSL compatibility function, i2d_OCSP_CERTID, which yields the raw bytes of the CertId.