OCSP_CERTID *OCSP_cert_id_new (const EVP_MD * dgst, X509_NAME * issuerName, ASN1_BIT_STRING * issuerKey, ASN1_INTEGER * serialNumber) { int nid; unsigned int i; X509_ALGOR *alg; OCSP_CERTID *cid = NULL; unsigned char md[EVP_MAX_MD_SIZE]; if (!(cid = OCSP_CERTID_new ())) goto err; alg = cid->hashAlgorithm; if (alg->algorithm != NULL) ASN1_OBJECT_free (alg->algorithm); if ((nid = EVP_MD_type (dgst)) == NID_undef) { OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID); goto err; } if (!(alg->algorithm = OBJ_nid2obj (nid))) goto err; if ((alg->parameter = ASN1_TYPE_new ()) == NULL) goto err; alg->parameter->type = V_ASN1_NULL; if (!X509_NAME_digest (issuerName, dgst, md, &i)) goto digerr; if (!(ASN1_OCTET_STRING_set (cid->issuerNameHash, md, i))) goto err; /* Calculate the issuerKey hash, excluding tag and length */ if (!EVP_Digest (issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) goto err; if (!(ASN1_OCTET_STRING_set (cid->issuerKeyHash, md, i))) goto err; if (serialNumber) { ASN1_INTEGER_free (cid->serialNumber); if (!(cid->serialNumber = ASN1_INTEGER_dup (serialNumber))) goto err; } return cid; digerr: OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR); err: if (cid) OCSP_CERTID_free (cid); return NULL; }
/* * OCSP::CertificateId */ static VALUE ossl_ocspcid_alloc(VALUE klass) { OCSP_CERTID *id; VALUE obj; if(!(id = OCSP_CERTID_new())) ossl_raise(eOCSPError, NULL); WrapOCSPCertId(klass, obj, id); return obj; }