OCSP_CERTID *OCSP_cert_id_new (const EVP_MD * dgst,
X509_NAME * issuerName, ASN1_BIT_STRING * issuerKey, ASN1_INTEGER * serialNumber)
{
int nid;
unsigned int i;
X509_ALGOR *alg;
OCSP_CERTID *cid = NULL;
unsigned char md[EVP_MAX_MD_SIZE];
if (!(cid = OCSP_CERTID_new ()))
goto err;
alg = cid->hashAlgorithm;
if (alg->algorithm != NULL)
ASN1_OBJECT_free (alg->algorithm);
if ((nid = EVP_MD_type (dgst)) == NID_undef)
{
OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
goto err;
}
if (!(alg->algorithm = OBJ_nid2obj (nid)))
goto err;
if ((alg->parameter = ASN1_TYPE_new ()) == NULL)
goto err;
alg->parameter->type = V_ASN1_NULL;
if (!X509_NAME_digest (issuerName, dgst, md, &i))
goto digerr;
if (!(ASN1_OCTET_STRING_set (cid->issuerNameHash, md, i)))
goto err;
/* Calculate the issuerKey hash, excluding tag and length */
if (!EVP_Digest (issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
goto err;
if (!(ASN1_OCTET_STRING_set (cid->issuerKeyHash, md, i)))
goto err;
if (serialNumber)
{
ASN1_INTEGER_free (cid->serialNumber);
if (!(cid->serialNumber = ASN1_INTEGER_dup (serialNumber)))
goto err;
}
return cid;
digerr:
OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);
err:
if (cid)
OCSP_CERTID_free (cid);
return NULL;
}
/*
* OCSP::CertificateId
*/
static VALUE
ossl_ocspcid_alloc(VALUE klass)
{
OCSP_CERTID *id;
VALUE obj;
if(!(id = OCSP_CERTID_new()))
ossl_raise(eOCSPError, NULL);
WrapOCSPCertId(klass, obj, id);
return obj;
}
