Response online_check(const X509_Certificate& issuer, const X509_Certificate& subject, Certificate_Store* trusted_roots, std::chrono::milliseconds timeout) { if(subject.issuer_dn() != issuer.subject_dn()) throw Invalid_Argument("Invalid cert pair to OCSP::online_check (mismatched issuer,subject args?)"); return online_check(issuer, BigInt::decode(subject.serial_number()), subject.ocsp_responder(), trusted_roots, timeout); }
Response online_check(const X509_Certificate& issuer, const X509_Certificate& subject, const Certificate_Store* trusted_roots) { const std::string responder_url = subject.ocsp_responder(); if(responder_url == "") throw std::runtime_error("No OCSP responder specified"); OCSP::Request req(issuer, subject); auto http = HTTP::POST_sync(responder_url, "application/ocsp-request", req.BER_encode()); http.throw_unless_ok(); // Check the MIME type? OCSP::Response response(*trusted_roots, http.body()); return response; }