Process multiple OCSP responses #3389

tmael · 2020-10-14T08:42:17Z

ZD#10987.

support for OCSP request/response for multiple certificates

wolfcrypt/src/asn.c

…onses.

…original size arg since its required for the ASN elements.

tmael · 2020-10-15T06:15:09Z

Thanks, @dgarske, Nice work!
No issues with the following test configurations.

client and server are able to connect with an OCSP responder with the id-pkix-ocsp-nocheck cert extensions.
- server makes OCSP request and processes the OCSP response from the responder.
- client skips performing OCSP request/response with the OCSP responder.
Verified OcspResponseDecode() can now process multiple SingleResponses OCSP responses and stores it in a CertStatus link list.

wolfcrypt/src/asn.c

dgarske

Todd should do a final on this. Both Tesfa and I worked on the PR.

Process multiple ocsp responses

5ac3e7d

tmael requested a review from dgarske October 14, 2020 14:13

tmael assigned dgarske Oct 14, 2020

dgarske requested changes Oct 14, 2020

View reviewed changes

wolfcrypt/src/asn.c Outdated Show resolved Hide resolved

dgarske added 2 commits October 14, 2020 14:47

Added support for handling an OCSP response with multiple status resp…

10b1884

…onses.

Fix for OCSP single response last optional part handling and restore …

751f64b

…original size arg since its required for the ASN elements.

dgarske assigned tmael and unassigned dgarske Oct 14, 2020

Fix for possible uninitialized use of prev.

b18d43a

tmael commented Oct 15, 2020

View reviewed changes

wolfcrypt/src/asn.c Show resolved Hide resolved

tmael commented Oct 15, 2020

View reviewed changes

wolfcrypt/src/asn.c Show resolved Hide resolved

dgarske approved these changes Oct 15, 2020

View reviewed changes

tmael assigned toddouska and unassigned tmael Oct 15, 2020

toddouska approved these changes Oct 20, 2020

View reviewed changes

toddouska merged commit a1afc6c into wolfSSL:master Oct 20, 2020

Provide feedback