Response online_check(const X509_Certificate& issuer, const BigInt& subject_serial, const std::string& ocsp_responder, Certificate_Store* trusted_roots, std::chrono::milliseconds timeout) { if(ocsp_responder.empty()) throw Invalid_Argument("No OCSP responder specified"); OCSP::Request req(issuer, subject_serial); auto http = HTTP::POST_sync(ocsp_responder, "application/ocsp-request", req.BER_encode(), 1, timeout); http.throw_unless_ok(); // Check the MIME type? OCSP::Response response(http.body()); std::vector<Certificate_Store*> trusted_roots_vec; trusted_roots_vec.push_back(trusted_roots); if(trusted_roots) response.check_signature(trusted_roots_vec); return response; }
Response online_check(const X509_Certificate& issuer, const X509_Certificate& subject, const Certificate_Store* trusted_roots) { const std::string responder_url = subject.ocsp_responder(); if(responder_url == "") throw std::runtime_error("No OCSP responder specified"); OCSP::Request req(issuer, subject); auto http = HTTP::POST_sync(responder_url, "application/ocsp-request", req.BER_encode()); http.throw_unless_ok(); // Check the MIME type? OCSP::Response response(*trusted_roots, http.body()); return response; }