Struct OcspResponse 

pub struct OcspResponse { /* private fields */ }

An OCSP response (OCSP_RESPONSE*).

Decode from DER with OcspResponse::from_der. Check the top-level OcspResponse::status, then extract the signed inner response with OcspResponse::basic for per-certificate status lookup.

Implementations

impl OcspResponse

pub fn from_der(der: &[u8]) -> Result<Self, ErrorStack>

Decode an OCSP response from DER bytes.

Errors

pub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>

Encode the OCSP response to DER bytes.

Errors

pub fn status(&self) -> OcspResponseStatus

Overall OCSP response status (top-level packet status, not cert status).

A Successful value means the server processed the request; it does not mean any individual certificate is good. Use Self::basic and then OcspBasicResp::find_status for per-certificate results.

pub fn basic(&self) -> Result<OcspBasicResp, ErrorStack>

Extract the signed inner response (OCSP_BASICRESP*).

Only valid when Self::status is OcspResponseStatus::Successful.

Errors

Returns Err if the response has no basic response body (e.g. the top-level status is not Successful).

pub fn verified_status( &self, store: &X509Store, cert_id: &OcspCertId, ) -> Result<Option<OcspSingleStatus>, ErrorStack>

Convenience: verify the basic response signature and look up a cert status in one call.

Equivalent to resp.basic()?.verify(store, 0)?; resp.basic()?.find_status(id).

Errors

Trait Implementations

impl Drop for OcspResponse

fn drop(&mut self)

Executes the destructor for this type.

impl Send for OcspResponse