summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordaurnimator <quae@daurnimator.com>2017-04-03 18:37:14 +1000
committerdaurnimator <quae@daurnimator.com>2017-04-03 18:37:14 +1000
commitb8e6d9e9de0f5431957a1df666cf6c4753a49518 (patch)
treefcca6a7850f754b2176a220425918d7e0bcc93d6
parent1274afbbf57354afd93a925c9ba766a71b47598b (diff)
downloadluaossl-b8e6d9e9de0f5431957a1df666cf6c4753a49518.tar.gz
luaossl-b8e6d9e9de0f5431957a1df666cf6c4753a49518.tar.bz2
luaossl-b8e6d9e9de0f5431957a1df666cf6c4753a49518.zip
Add docs for OCSP functions
-rw-r--r--doc/luaossl.tex72
1 files changed, 72 insertions, 0 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index 7db7463..15881a8 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -538,6 +538,10 @@ Returns a copy of the \module{x509.extension} object identified by $key$ where $
538 538
539Returns the integer count of the number of extensions. 539Returns the integer count of the number of extensions.
540 540
541\subsubsection[\fn{x509:getOCSP}]{\fn{x509:getOCSP()}}
542
543Returns the OCSP urls for the certificate.
544
541\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}} 545\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
542 546
543Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate. 547Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.
@@ -897,6 +901,20 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
897 901
898\emph{Only supported since OpenSSL 1.0.2.} 902\emph{Only supported since OpenSSL 1.0.2.}
899 903
904\subsubsection[\fn{context:setTLSextStatusType}]{\fn{context:setTLSextStatusType($type$)}}
905
906Sets the default TLS extension status for SSL objects derived from this context.
907See \fn{ssl:setTLSextStatusType}
908
909\emph{Only supported since OpenSSL 1.1.0.}
910
911\subsubsection[\fn{context:getTLSextStatusType}]{\fn{context:getTLSextStatusType()}}
912
913Gets the default TLS extension status for SSL objects derived from this context as a string.
914See \fn{ssl:getTLSextStatusType}
915
916\emph{Only supported since OpenSSL 1.1.0.}
917
900\end{Module} 918\end{Module}
901 919
902 920
@@ -984,6 +1002,30 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
984 1002
985\emph{Only supported since OpenSSL 1.0.2.} 1003\emph{Only supported since OpenSSL 1.0.2.}
986 1004
1005\subsubsection[\fn{ssl:setTLSextStatusType}]{\fn{ssl:setTLSextStatusType($type$)}}
1006
1007Sets the TLS extension status.
1008
1009Only the $type$ ``ocsp'' is currently supported, this is used by a client to request that a server sends a stapled OCSP response as part of the TLS handshake.
1010
1011See also: \fn{context:setTLSextStatusType()}
1012
1013\subsubsection[\fn{ssl:getTLSextStatusType}]{\fn{ssl:getTLSextStatusType()}}
1014
1015Gets the TLS extension status. As set by \fn{ssl:setTLSextStatusType} or \fn{context:setTLSextStatusType}.
1016
1017Only the type ``ocsp'' is currently known.
1018
1019\emph{Only supported since OpenSSL 1.1.0.}
1020
1021\subsubsection[\fn{ssl:setTLSextStatusOCSPResp}]{\fn{ssl:setTLSextStatusOCSPResp($or$)}}
1022
1023Sets an \module{openssl.ocsp.response}. Used by a server to staple an OCSP response into a TLS handshake.
1024
1025\subsubsection[\fn{ssl:getTLSextStatusOCSPResp}]{\fn{ssl:getTLSextStatusOCSPResp()}}
1026
1027Returns the \module{openssl.ocsp.response} associated with the ssl object (or $nil$ if one has not been set).
1028
987\end{Module} 1029\end{Module}
988 1030
989 1031
@@ -1066,6 +1108,36 @@ Update the cipher with the specified string(s). Returns the final output string
1066\end{Module} 1108\end{Module}
1067 1109
1068 1110
1111\begin{Module}{openssl.ocsp.response}
1112
1113Binds OpenSSL's \texttt{OCSP\_RESPONSE} object.
1114
1115\subsubsection[\fn{response:getBasic}]{\fn{response:getBasic()}}
1116
1117Returns a \module{openssl.ocsp.basic} representation of the object contained within the OCSP response.
1118
1119\subsubsection[\fn{response:tostring}]{\fn{response:tostring()}}
1120
1121Returns a human readable description of the OCSP response as a string.
1122
1123\subsubsection[\fn{response:toPEM}]{\fn{response:toPEM()}}
1124
1125Returns the OCSP response as a PEM encoded string.
1126
1127\end{Module}
1128
1129
1130\begin{Module}{openssl.ocsp.basic}
1131
1132Binds OpenSSL's \texttt{OCSP\_BASICRESP} object.
1133
1134\subsubsection[\fn{basic:verify}]{\fn{basic:verify([$certs$ [, $store$[, $flags$]]])}}
1135
1136Verifies that the OCSP response is signed by a certificate in the \module{openssl.x509.chain} $certs$ or a trusted certificate in \module{openssl.x509.store} $store$.
1137
1138\end{Module}
1139
1140
1069\begin{Module}{openssl.rand} 1141\begin{Module}{openssl.rand}
1070 1142
1071Binds OpenSSL's random number interfaces. 1143Binds OpenSSL's random number interfaces.