The Tor Browser: security/nss/lib/certhigh/ocsp.c@b8a032363ba2 (annotated)

security/nss/lib/certhigh/ocsp.c@b8a032363ba2 (annotated)

security/nss/lib/certhigh/ocsp.c

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
  * Implementation of OCSP services, for both client and server.
  * (XXX, really, mostly just for client right now, but intended to do both.)
  */
 #include "prerror.h"
 #include "prprf.h"
 #include "plarena.h"
 #include "prnetdb.h"
 #include "seccomon.h"
 #include "secitem.h"
 #include "secoidt.h"
 #include "secasn1.h"
 #include "secder.h"
 #include "cert.h"
 #include "certi.h"
 #include "xconst.h"
 #include "secerr.h"
 #include "secoid.h"
 #include "hasht.h"
 #include "sechash.h"
 #include "secasn1.h"
 #include "plbase64.h"
 #include "keyhi.h"
 #include "cryptohi.h"
 #include "ocsp.h"
 #include "ocspti.h"
 #include "ocspi.h"
 #include "genname.h"
 #include "certxutl.h"
 #include "pk11func.h"	/* for PK11_HashBuf */
 #include <stdarg.h>
 #include <plhash.h>
 #define DEFAULT_OCSP_CACHE_SIZE 1000
 #define DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 1*60*60L
 #define DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 24*60*60L
 #define DEFAULT_OSCP_TIMEOUT_SECONDS 60
 #define MICROSECONDS_PER_SECOND 1000000L
 typedef struct OCSPCacheItemStr OCSPCacheItem;
 typedef struct OCSPCacheDataStr OCSPCacheData;
 struct OCSPCacheItemStr {
     /* LRU linking */
     OCSPCacheItem *moreRecent;
     OCSPCacheItem *lessRecent;
     /* key */
     CERTOCSPCertID *certID;
     /* CertID's arena also used to allocate "this" cache item */
     /* cache control information */
     PRTime nextFetchAttemptTime;
     /* Cached contents. Use a separate arena, because lifetime is different */
     PLArenaPool *certStatusArena; /* NULL means: no cert status cached */
     ocspCertStatus certStatus;
     /* This may contain an error code when no OCSP response is available. */
     SECErrorCodes missingResponseError;
     PRPackedBool haveThisUpdate;
     PRPackedBool haveNextUpdate;
     PRTime thisUpdate;
     PRTime nextUpdate;
 };
 struct OCSPCacheDataStr {
     PLHashTable *entries;
     PRUint32 numberOfEntries;
     OCSPCacheItem *MRUitem; /* most recently used cache item */
     OCSPCacheItem *LRUitem; /* least recently used cache item */
 };
 static struct OCSPGlobalStruct {
     PRMonitor *monitor;
     const SEC_HttpClientFcn *defaultHttpClientFcn;
     PRInt32 maxCacheEntries;
     PRUint32 minimumSecondsToNextFetchAttempt;
     PRUint32 maximumSecondsToNextFetchAttempt;
     PRUint32 timeoutSeconds;
     OCSPCacheData cache;
     SEC_OcspFailureMode ocspFailureMode;
     CERT_StringFromCertFcn alternateOCSPAIAFcn;
     PRBool forcePost;
 } OCSP_Global = { NULL,
                   NULL,
                   DEFAULT_OCSP_CACHE_SIZE,
                   DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
                   DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
                   DEFAULT_OSCP_TIMEOUT_SECONDS,
                   {NULL, 0, NULL, NULL},
                   ocspMode_FailureIsVerificationFailure,
                   NULL,
                   PR_FALSE
                 };
 /* Forward declarations */
 static SECItem *
 ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
                                        CERTOCSPRequest *request,
                                        const char *location,
 				       const char *method,
 				       PRTime time,
                                        PRBool addServiceLocator,
                                        void *pwArg,
                                        CERTOCSPRequest **pRequest);
 static SECStatus
 ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
                               CERTOCSPCertID *certID,
                               CERTCertificate *cert,
                               PRTime time,
                               void *pwArg,
                               PRBool *certIDWasConsumed,
                               SECStatus *rv_ocsp);
 static SECStatus
 ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
 					   CERTOCSPCertID *certID,
 					   CERTCertificate *cert,
 					   PRTime time,
 					   void *pwArg,
 					   const SECItem *encodedResponse,
 					   CERTOCSPResponse **pDecodedResponse,
 					   CERTOCSPSingleResponse **pSingle);
 static SECStatus
 ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time);
 static CERTOCSPCertID *
 cert_DupOCSPCertID(const CERTOCSPCertID *src);
 #ifndef DEBUG
 #define OCSP_TRACE(msg)
 #define OCSP_TRACE_TIME(msg, time)
 #define OCSP_TRACE_CERT(cert)
 #define OCSP_TRACE_CERTID(certid)
 #else
 #define OCSP_TRACE(msg) ocsp_Trace msg
 #define OCSP_TRACE_TIME(msg, time) ocsp_dumpStringWithTime(msg, time)
 #define OCSP_TRACE_CERT(cert) dumpCertificate(cert)
 #define OCSP_TRACE_CERTID(certid) dumpCertID(certid)
 #if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS) \
      || defined(XP_MACOSX)
 #define NSS_HAVE_GETENV 1
 #endif
 static PRBool wantOcspTrace(void)
 {
     static PRBool firstTime = PR_TRUE;
     static PRBool wantTrace = PR_FALSE;
 #ifdef NSS_HAVE_GETENV
     if (firstTime) {
         char *ev = getenv("NSS_TRACE_OCSP");
         if (ev && ev[0]) {
             wantTrace = PR_TRUE;
         }
         firstTime = PR_FALSE;
     }
 #endif
     return wantTrace;
 }
 static void
 ocsp_Trace(const char *format, ...)
 {
     char buf[2000];
     va_list args;
     if (!wantOcspTrace())
         return;
     va_start(args, format);
     PR_vsnprintf(buf, sizeof(buf), format, args);
     va_end(args);
     PR_LogPrint("%s", buf);
 }
 static void
 ocsp_dumpStringWithTime(const char *str, PRTime time)
 {
     PRExplodedTime timePrintable;
     char timestr[256];
     if (!wantOcspTrace())
         return;
     PR_ExplodeTime(time, PR_GMTParameters, &timePrintable);
     if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) {
         ocsp_Trace("OCSP %s %s\n", str, timestr);
     }
 }
 static void
 printHexString(const char *prefix, SECItem *hexval)
 {
     unsigned int i;
     char *hexbuf = NULL;
     for (i = 0; i < hexval->len; i++) {
         if (i != hexval->len - 1) {
             hexbuf = PR_sprintf_append(hexbuf, "%02x:", hexval->data[i]);
         } else {
             hexbuf = PR_sprintf_append(hexbuf, "%02x", hexval->data[i]);
         }
     }
     if (hexbuf) {
         ocsp_Trace("%s %s\n", prefix, hexbuf);
         PR_smprintf_free(hexbuf);
     }
 }
 static void
 dumpCertificate(CERTCertificate *cert)
 {
     if (!wantOcspTrace())
         return;
     ocsp_Trace("OCSP ----------------\n");
     ocsp_Trace("OCSP ## SUBJECT:  %s\n", cert->subjectName);
     {
         PRTime timeBefore, timeAfter;
         PRExplodedTime beforePrintable, afterPrintable;
         char beforestr[256], afterstr[256];
         PRStatus rv1, rv2;
         DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
         DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
         PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
         PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
         rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y",
                       &beforePrintable);
         rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y",
                       &afterPrintable);
         ocsp_Trace("OCSP ## VALIDITY:  %s to %s\n", rv1 ? beforestr : "",
                    rv2 ? afterstr : "");
     }
     ocsp_Trace("OCSP ## ISSUER:  %s\n", cert->issuerName);
     printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber);
 }
 static void
 dumpCertID(CERTOCSPCertID *certID)
 {
     if (!wantOcspTrace())
         return;
     printHexString("OCSP certID issuer", &certID->issuerNameHash);
     printHexString("OCSP certID serial", &certID->serialNumber);
 }
 #endif
 SECStatus
 SEC_RegisterDefaultHttpClient(const SEC_HttpClientFcn *fcnTable)
 {
     if (!OCSP_Global.monitor) {
       PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
       return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     OCSP_Global.defaultHttpClientFcn = fcnTable;
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 SECStatus
 CERT_RegisterAlternateOCSPAIAInfoCallBack(
 			CERT_StringFromCertFcn   newCallback,
 			CERT_StringFromCertFcn * oldCallback)
 {
     CERT_StringFromCertFcn old;
     if (!OCSP_Global.monitor) {
       PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
       return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     old = OCSP_Global.alternateOCSPAIAFcn;
     OCSP_Global.alternateOCSPAIAFcn = newCallback;
     PR_ExitMonitor(OCSP_Global.monitor);
     if (oldCallback)
     	*oldCallback = old;
     return SECSuccess;
 }
 static PLHashNumber PR_CALLBACK
 ocsp_CacheKeyHashFunction(const void *key)
 {
     CERTOCSPCertID *cid = (CERTOCSPCertID *)key;
     PLHashNumber hash = 0;
     unsigned int i;
     unsigned char *walk;
     /* a very simple hash calculation for the initial coding phase */
     walk = (unsigned char*)cid->issuerNameHash.data;
     for (i=0; i < cid->issuerNameHash.len; ++i, ++walk) {
         hash += *walk;
     }
     walk = (unsigned char*)cid->issuerKeyHash.data;
     for (i=0; i < cid->issuerKeyHash.len; ++i, ++walk) {
         hash += *walk;
     }
     walk = (unsigned char*)cid->serialNumber.data;
     for (i=0; i < cid->serialNumber.len; ++i, ++walk) {
         hash += *walk;
     }
     return hash;
 }
 static PRIntn PR_CALLBACK
 ocsp_CacheKeyCompareFunction(const void *v1, const void *v2)
 {
     CERTOCSPCertID *cid1 = (CERTOCSPCertID *)v1;
     CERTOCSPCertID *cid2 = (CERTOCSPCertID *)v2;
     return (SECEqual == SECITEM_CompareItem(&cid1->issuerNameHash,
                                             &cid2->issuerNameHash)
             && SECEqual == SECITEM_CompareItem(&cid1->issuerKeyHash,
                                                &cid2->issuerKeyHash)
             && SECEqual == SECITEM_CompareItem(&cid1->serialNumber,
                                                &cid2->serialNumber));
 }
 static SECStatus
 ocsp_CopyRevokedInfo(PLArenaPool *arena, ocspCertStatus *dest,
                      ocspRevokedInfo *src)
 {
     SECStatus rv = SECFailure;
     void *mark;
     mark = PORT_ArenaMark(arena);
     dest->certStatusInfo.revokedInfo =
         (ocspRevokedInfo *) PORT_ArenaZAlloc(arena, sizeof(ocspRevokedInfo));
     if (!dest->certStatusInfo.revokedInfo) {
         goto loser;
     }
     rv = SECITEM_CopyItem(arena,
                           &dest->certStatusInfo.revokedInfo->revocationTime,
                           &src->revocationTime);
     if (rv != SECSuccess) {
         goto loser;
     }
     if (src->revocationReason) {
         dest->certStatusInfo.revokedInfo->revocationReason =
             SECITEM_ArenaDupItem(arena, src->revocationReason);
         if (!dest->certStatusInfo.revokedInfo->revocationReason) {
             goto loser;
         }
     }  else {
         dest->certStatusInfo.revokedInfo->revocationReason = NULL;
     }
     PORT_ArenaUnmark(arena, mark);
     return SECSuccess;
 loser:
     PORT_ArenaRelease(arena, mark);
     return SECFailure;
 }
 static SECStatus
 ocsp_CopyCertStatus(PLArenaPool *arena, ocspCertStatus *dest,
                     ocspCertStatus*src)
 {
     SECStatus rv = SECFailure;
     dest->certStatusType = src->certStatusType;
     switch (src->certStatusType) {
     case ocspCertStatus_good:
         dest->certStatusInfo.goodInfo =
             SECITEM_ArenaDupItem(arena, src->certStatusInfo.goodInfo);
         if (dest->certStatusInfo.goodInfo != NULL) {
             rv = SECSuccess;
         }
         break;
     case ocspCertStatus_revoked:
         rv = ocsp_CopyRevokedInfo(arena, dest,
                                   src->certStatusInfo.revokedInfo);
         break;
     case ocspCertStatus_unknown:
         dest->certStatusInfo.unknownInfo =
             SECITEM_ArenaDupItem(arena, src->certStatusInfo.unknownInfo);
         if (dest->certStatusInfo.unknownInfo != NULL) {
             rv = SECSuccess;
         }
         break;
     case ocspCertStatus_other:
     default:
         PORT_Assert(src->certStatusType == ocspCertStatus_other);
         dest->certStatusInfo.otherInfo =
             SECITEM_ArenaDupItem(arena, src->certStatusInfo.otherInfo);
         if (dest->certStatusInfo.otherInfo != NULL) {
             rv = SECSuccess;
         }
         break;
     }
     return rv;
 }
 static void
 ocsp_AddCacheItemToLinkedList(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
 {
     PR_EnterMonitor(OCSP_Global.monitor);
     if (!cache->LRUitem) {
         cache->LRUitem = new_most_recent;
     }
     new_most_recent->lessRecent = cache->MRUitem;
     new_most_recent->moreRecent = NULL;
     if (cache->MRUitem) {
         cache->MRUitem->moreRecent = new_most_recent;
     }
     cache->MRUitem = new_most_recent;
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 static void
 ocsp_RemoveCacheItemFromLinkedList(OCSPCacheData *cache, OCSPCacheItem *item)
 {
     PR_EnterMonitor(OCSP_Global.monitor);
     if (!item->lessRecent && !item->moreRecent) {
         /*
          * Fail gracefully on attempts to remove an item from the list,
          * which is currently not part of the list.
          * But check for the edge case it is the single entry in the list.
          */
         if (item == cache->LRUitem &&
             item == cache->MRUitem) {
             /* remove the single entry */
             PORT_Assert(cache->numberOfEntries == 1);
             PORT_Assert(item->moreRecent == NULL);
             cache->MRUitem = NULL;
             cache->LRUitem = NULL;
         }
         PR_ExitMonitor(OCSP_Global.monitor);
         return;
     }
     PORT_Assert(cache->numberOfEntries > 1);
     if (item == cache->LRUitem) {
         PORT_Assert(item != cache->MRUitem);
         PORT_Assert(item->lessRecent == NULL);
         PORT_Assert(item->moreRecent != NULL);
         PORT_Assert(item->moreRecent->lessRecent == item);
         cache->LRUitem = item->moreRecent;
         cache->LRUitem->lessRecent = NULL;
     }
     else if (item == cache->MRUitem) {
         PORT_Assert(item->moreRecent == NULL);
         PORT_Assert(item->lessRecent != NULL);
         PORT_Assert(item->lessRecent->moreRecent == item);
         cache->MRUitem = item->lessRecent;
         cache->MRUitem->moreRecent = NULL;
     } else {
         /* remove an entry in the middle of the list */
         PORT_Assert(item->moreRecent != NULL);
         PORT_Assert(item->lessRecent != NULL);
         PORT_Assert(item->lessRecent->moreRecent == item);
         PORT_Assert(item->moreRecent->lessRecent == item);
         item->moreRecent->lessRecent = item->lessRecent;
         item->lessRecent->moreRecent = item->moreRecent;
     }
     item->lessRecent = NULL;
     item->moreRecent = NULL;
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 static void
 ocsp_MakeCacheEntryMostRecent(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
 {
     OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent THREADID %p\n",
                 PR_GetCurrentThread()));
     PR_EnterMonitor(OCSP_Global.monitor);
     if (cache->MRUitem == new_most_recent) {
         OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent ALREADY MOST\n"));
         PR_ExitMonitor(OCSP_Global.monitor);
         return;
     }
     OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent NEW entry\n"));
     ocsp_RemoveCacheItemFromLinkedList(cache, new_most_recent);
     ocsp_AddCacheItemToLinkedList(cache, new_most_recent);
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 static PRBool
 ocsp_IsCacheDisabled(void)
 {
     /*
      * maxCacheEntries == 0 means unlimited cache entries
      * maxCacheEntries  < 0 means cache is disabled
      */
     PRBool retval;
     PR_EnterMonitor(OCSP_Global.monitor);
     retval = (OCSP_Global.maxCacheEntries < 0);
     PR_ExitMonitor(OCSP_Global.monitor);
     return retval;
 }
 static OCSPCacheItem *
 ocsp_FindCacheEntry(OCSPCacheData *cache, CERTOCSPCertID *certID)
 {
     OCSPCacheItem *found_ocsp_item = NULL;
     OCSP_TRACE(("OCSP ocsp_FindCacheEntry\n"));
     OCSP_TRACE_CERTID(certID);
     PR_EnterMonitor(OCSP_Global.monitor);
     if (ocsp_IsCacheDisabled())
         goto loser;
     found_ocsp_item = (OCSPCacheItem *)PL_HashTableLookup(
                           cache->entries, certID);
     if (!found_ocsp_item)
         goto loser;
     OCSP_TRACE(("OCSP ocsp_FindCacheEntry FOUND!\n"));
     ocsp_MakeCacheEntryMostRecent(cache, found_ocsp_item);
 loser:
     PR_ExitMonitor(OCSP_Global.monitor);
     return found_ocsp_item;
 }
 static void
 ocsp_FreeCacheItem(OCSPCacheItem *item)
 {
     OCSP_TRACE(("OCSP ocsp_FreeCacheItem\n"));
     if (item->certStatusArena) {
         PORT_FreeArena(item->certStatusArena, PR_FALSE);
     }
     if (item->certID->poolp) {
         /* freeing this poolp arena will also free item */
         PORT_FreeArena(item->certID->poolp, PR_FALSE);
     }
 }
 static void
 ocsp_RemoveCacheItem(OCSPCacheData *cache, OCSPCacheItem *item)
 {
     /* The item we're removing could be either the least recently used item,
      * or it could be an item that couldn't get updated with newer status info
      * because of an allocation failure, or it could get removed because we're
      * cleaning up.
      */
     PRBool couldRemoveFromHashTable;
     OCSP_TRACE(("OCSP ocsp_RemoveCacheItem, THREADID %p\n", PR_GetCurrentThread()));
     PR_EnterMonitor(OCSP_Global.monitor);
     ocsp_RemoveCacheItemFromLinkedList(cache, item);
     couldRemoveFromHashTable = PL_HashTableRemove(cache->entries,
                                                   item->certID);
     PORT_Assert(couldRemoveFromHashTable);
     --cache->numberOfEntries;
     ocsp_FreeCacheItem(item);
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 static void
 ocsp_CheckCacheSize(OCSPCacheData *cache)
 {
     OCSP_TRACE(("OCSP ocsp_CheckCacheSize\n"));
     PR_EnterMonitor(OCSP_Global.monitor);
     if (OCSP_Global.maxCacheEntries > 0) {
         /* Cache is not disabled. Number of cache entries is limited.
          * The monitor ensures that maxCacheEntries remains positive.
          */
         while (cache->numberOfEntries >
                      (PRUint32)OCSP_Global.maxCacheEntries) {
             ocsp_RemoveCacheItem(cache, cache->LRUitem);
         }
     }
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 SECStatus
 CERT_ClearOCSPCache(void)
 {
     OCSP_TRACE(("OCSP CERT_ClearOCSPCache\n"));
     PR_EnterMonitor(OCSP_Global.monitor);
     while (OCSP_Global.cache.numberOfEntries > 0) {
         ocsp_RemoveCacheItem(&OCSP_Global.cache,
                              OCSP_Global.cache.LRUitem);
     }
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 static SECStatus
 ocsp_CreateCacheItemAndConsumeCertID(OCSPCacheData *cache,
                                      CERTOCSPCertID *certID,
                                      OCSPCacheItem **pCacheItem)
 {
     PLArenaPool *arena;
     void *mark;
     PLHashEntry *new_hash_entry;
     OCSPCacheItem *item;
     PORT_Assert(pCacheItem != NULL);
     *pCacheItem = NULL;
     PR_EnterMonitor(OCSP_Global.monitor);
     arena = certID->poolp;
     mark = PORT_ArenaMark(arena);
     /* ZAlloc will init all Bools to False and all Pointers to NULL
        and all error codes to zero/good. */
     item = (OCSPCacheItem *)PORT_ArenaZAlloc(certID->poolp,
                                              sizeof(OCSPCacheItem));
     if (!item) {
         goto loser;
     }
     item->certID = certID;
     new_hash_entry = PL_HashTableAdd(cache->entries, item->certID,
                                      item);
     if (!new_hash_entry) {
         goto loser;
     }
     ++cache->numberOfEntries;
     PORT_ArenaUnmark(arena, mark);
     ocsp_AddCacheItemToLinkedList(cache, item);
     *pCacheItem = item;
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 loser:
     PORT_ArenaRelease(arena, mark);
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECFailure;
 }
 static SECStatus
 ocsp_SetCacheItemResponse(OCSPCacheItem *item,
                           const CERTOCSPSingleResponse *response)
 {
     if (item->certStatusArena) {
         PORT_FreeArena(item->certStatusArena, PR_FALSE);
         item->certStatusArena = NULL;
     }
     item->haveThisUpdate = item->haveNextUpdate = PR_FALSE;
     if (response) {
         SECStatus rv;
         item->certStatusArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
         if (item->certStatusArena == NULL) {
             return SECFailure;
         }
         rv = ocsp_CopyCertStatus(item->certStatusArena, &item->certStatus,
                                  response->certStatus);
         if (rv != SECSuccess) {
             PORT_FreeArena(item->certStatusArena, PR_FALSE);
             item->certStatusArena = NULL;
             return rv;
         }
         item->missingResponseError = 0;
         rv = DER_GeneralizedTimeToTime(&item->thisUpdate,
                                        &response->thisUpdate);
         item->haveThisUpdate = (rv == SECSuccess);
         if (response->nextUpdate) {
             rv = DER_GeneralizedTimeToTime(&item->nextUpdate,
                                            response->nextUpdate);
             item->haveNextUpdate = (rv == SECSuccess);
         } else {
             item->haveNextUpdate = PR_FALSE;
         }
     }
     return SECSuccess;
 }
 static void
 ocsp_FreshenCacheItemNextFetchAttemptTime(OCSPCacheItem *cacheItem)
 {
     PRTime now;
     PRTime earliestAllowedNextFetchAttemptTime;
     PRTime latestTimeWhenResponseIsConsideredFresh;
     OCSP_TRACE(("OCSP ocsp_FreshenCacheItemNextFetchAttemptTime\n"));
     PR_EnterMonitor(OCSP_Global.monitor);
     now = PR_Now();
     OCSP_TRACE_TIME("now:", now);
     if (cacheItem->haveThisUpdate) {
         OCSP_TRACE_TIME("thisUpdate:", cacheItem->thisUpdate);
         latestTimeWhenResponseIsConsideredFresh = cacheItem->thisUpdate +
             OCSP_Global.maximumSecondsToNextFetchAttempt *
                 MICROSECONDS_PER_SECOND;
         OCSP_TRACE_TIME("latestTimeWhenResponseIsConsideredFresh:",
                         latestTimeWhenResponseIsConsideredFresh);
     } else {
         latestTimeWhenResponseIsConsideredFresh = now +
             OCSP_Global.minimumSecondsToNextFetchAttempt *
                 MICROSECONDS_PER_SECOND;
         OCSP_TRACE_TIME("no thisUpdate, "
                         "latestTimeWhenResponseIsConsideredFresh:",
                         latestTimeWhenResponseIsConsideredFresh);
     }
     if (cacheItem->haveNextUpdate) {
         OCSP_TRACE_TIME("have nextUpdate:", cacheItem->nextUpdate);
     }
     if (cacheItem->haveNextUpdate &&
         cacheItem->nextUpdate < latestTimeWhenResponseIsConsideredFresh) {
         latestTimeWhenResponseIsConsideredFresh = cacheItem->nextUpdate;
         OCSP_TRACE_TIME("nextUpdate is smaller than latestFresh, setting "
                         "latestTimeWhenResponseIsConsideredFresh:",
                         latestTimeWhenResponseIsConsideredFresh);
     }
     earliestAllowedNextFetchAttemptTime = now +
         OCSP_Global.minimumSecondsToNextFetchAttempt *
             MICROSECONDS_PER_SECOND;
     OCSP_TRACE_TIME("earliestAllowedNextFetchAttemptTime:",
                     earliestAllowedNextFetchAttemptTime);
     if (latestTimeWhenResponseIsConsideredFresh <
         earliestAllowedNextFetchAttemptTime) {
         latestTimeWhenResponseIsConsideredFresh =
             earliestAllowedNextFetchAttemptTime;
         OCSP_TRACE_TIME("latest < earliest, setting latest to:",
                         latestTimeWhenResponseIsConsideredFresh);
     }
     cacheItem->nextFetchAttemptTime =
         latestTimeWhenResponseIsConsideredFresh;
     OCSP_TRACE_TIME("nextFetchAttemptTime",
         latestTimeWhenResponseIsConsideredFresh);
     PR_ExitMonitor(OCSP_Global.monitor);
 }
 static PRBool
 ocsp_IsCacheItemFresh(OCSPCacheItem *cacheItem)
 {
     PRTime now;
     PRBool fresh;
     now = PR_Now();
     fresh = cacheItem->nextFetchAttemptTime > now;
     /* Work around broken OCSP responders that return unknown responses for
      * certificates, especially certificates that were just recently issued.
      */
     if (fresh && cacheItem->certStatusArena &&
         cacheItem->certStatus.certStatusType == ocspCertStatus_unknown) {
         fresh = PR_FALSE;
     }
     OCSP_TRACE(("OCSP ocsp_IsCacheItemFresh: %d\n", fresh));
     return fresh;
 }
 /*
  * Status in *certIDWasConsumed will always be correct, regardless of
  * return value.
  * If the caller is unable to transfer ownership of certID,
  * then the caller must set certIDWasConsumed to NULL,
  * and this function will potentially duplicate the certID object.
  */
 static SECStatus
 ocsp_CreateOrUpdateCacheEntry(OCSPCacheData *cache,
                               CERTOCSPCertID *certID,
                               CERTOCSPSingleResponse *single,
                               PRBool *certIDWasConsumed)
 {
     SECStatus rv;
     OCSPCacheItem *cacheItem;
     OCSP_TRACE(("OCSP ocsp_CreateOrUpdateCacheEntry\n"));
     if (certIDWasConsumed)
         *certIDWasConsumed = PR_FALSE;
     PR_EnterMonitor(OCSP_Global.monitor);
     PORT_Assert(OCSP_Global.maxCacheEntries >= 0);
     cacheItem = ocsp_FindCacheEntry(cache, certID);
     /* Don't replace an unknown or revoked entry with an error entry, even if
      * the existing entry is expired. Instead, we'll continue to use the
      * existing (possibly expired) cache entry until we receive a valid signed
      * response to replace it.
      */
     if (!single && cacheItem && cacheItem->certStatusArena &&
         (cacheItem->certStatus.certStatusType == ocspCertStatus_revoked ||
          cacheItem->certStatus.certStatusType == ocspCertStatus_unknown)) {
         PR_ExitMonitor(OCSP_Global.monitor);
         return SECSuccess;
     }
     if (!cacheItem) {
         CERTOCSPCertID *myCertID;
         if (certIDWasConsumed) {
             myCertID = certID;
             *certIDWasConsumed = PR_TRUE;
         } else {
             myCertID = cert_DupOCSPCertID(certID);
             if (!myCertID) {
                 PR_ExitMonitor(OCSP_Global.monitor);
                 PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
                 return SECFailure;
             }
         }
         rv = ocsp_CreateCacheItemAndConsumeCertID(cache, myCertID,
                                                   &cacheItem);
         if (rv != SECSuccess) {
             PR_ExitMonitor(OCSP_Global.monitor);
             return rv;
         }
     }
     if (single) {
         PRTime thisUpdate;
         rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
         if (!cacheItem->haveThisUpdate ||
             (rv == SECSuccess && cacheItem->thisUpdate < thisUpdate)) {
             rv = ocsp_SetCacheItemResponse(cacheItem, single);
             if (rv != SECSuccess) {
                 ocsp_RemoveCacheItem(cache, cacheItem);
                 PR_ExitMonitor(OCSP_Global.monitor);
                 return rv;
             }
         } else {
             OCSP_TRACE(("Not caching response because the response is not "
                         "newer than the cache"));
         }
     } else {
         cacheItem->missingResponseError = PORT_GetError();
         if (cacheItem->certStatusArena) {
             PORT_FreeArena(cacheItem->certStatusArena, PR_FALSE);
             cacheItem->certStatusArena = NULL;
         }
     }
     ocsp_FreshenCacheItemNextFetchAttemptTime(cacheItem);
     ocsp_CheckCacheSize(cache);
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 extern SECStatus
 CERT_SetOCSPFailureMode(SEC_OcspFailureMode ocspFailureMode)
 {
     switch (ocspFailureMode) {
     case ocspMode_FailureIsVerificationFailure:
     case ocspMode_FailureIsNotAVerificationFailure:
         break;
     default:
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     OCSP_Global.ocspFailureMode = ocspFailureMode;
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 SECStatus
 CERT_OCSPCacheSettings(PRInt32 maxCacheEntries,
                        PRUint32 minimumSecondsToNextFetchAttempt,
                        PRUint32 maximumSecondsToNextFetchAttempt)
 {
     if (minimumSecondsToNextFetchAttempt > maximumSecondsToNextFetchAttempt
         || maxCacheEntries < -1) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     if (maxCacheEntries < 0) {
         OCSP_Global.maxCacheEntries = -1; /* disable cache */
     } else if (maxCacheEntries == 0) {
         OCSP_Global.maxCacheEntries = 0; /* unlimited cache entries */
     } else {
         OCSP_Global.maxCacheEntries = maxCacheEntries;
     }
     if (minimumSecondsToNextFetchAttempt <
             OCSP_Global.minimumSecondsToNextFetchAttempt
         || maximumSecondsToNextFetchAttempt <
             OCSP_Global.maximumSecondsToNextFetchAttempt) {
         /*
          * Ensure our existing cache entries are not used longer than the
          * new settings allow, we're lazy and just clear the cache
          */
         CERT_ClearOCSPCache();
     }
     OCSP_Global.minimumSecondsToNextFetchAttempt =
         minimumSecondsToNextFetchAttempt;
     OCSP_Global.maximumSecondsToNextFetchAttempt =
         maximumSecondsToNextFetchAttempt;
     ocsp_CheckCacheSize(&OCSP_Global.cache);
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 SECStatus
 CERT_SetOCSPTimeout(PRUint32 seconds)
 {
     /* no locking, see bug 406120 */
     OCSP_Global.timeoutSeconds = seconds;
     return SECSuccess;
 }
 /* this function is called at NSS initialization time */
 SECStatus OCSP_InitGlobal(void)
 {
     SECStatus rv = SECFailure;
     if (OCSP_Global.monitor == NULL) {
         OCSP_Global.monitor = PR_NewMonitor();
     }
     if (!OCSP_Global.monitor)
         return SECFailure;
     PR_EnterMonitor(OCSP_Global.monitor);
     if (!OCSP_Global.cache.entries) {
         OCSP_Global.cache.entries =
             PL_NewHashTable(0,
                             ocsp_CacheKeyHashFunction,
                             ocsp_CacheKeyCompareFunction,
                             PL_CompareValues,
                             NULL,
                             NULL);
         OCSP_Global.ocspFailureMode = ocspMode_FailureIsVerificationFailure;
         OCSP_Global.cache.numberOfEntries = 0;
         OCSP_Global.cache.MRUitem = NULL;
         OCSP_Global.cache.LRUitem = NULL;
     } else {
         /*
          * NSS might call this function twice while attempting to init.
          * But it's not allowed to call this again after any activity.
          */
         PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
         PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
     }
     if (OCSP_Global.cache.entries)
         rv = SECSuccess;
     PR_ExitMonitor(OCSP_Global.monitor);
     return rv;
 }
 SECStatus OCSP_ShutdownGlobal(void)
 {
     if (!OCSP_Global.monitor)
         return SECSuccess;
     PR_EnterMonitor(OCSP_Global.monitor);
     if (OCSP_Global.cache.entries) {
         CERT_ClearOCSPCache();
         PL_HashTableDestroy(OCSP_Global.cache.entries);
         OCSP_Global.cache.entries = NULL;
     }
     PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
     OCSP_Global.cache.MRUitem = NULL;
     OCSP_Global.cache.LRUitem = NULL;
     OCSP_Global.defaultHttpClientFcn = NULL;
     OCSP_Global.maxCacheEntries = DEFAULT_OCSP_CACHE_SIZE;
     OCSP_Global.minimumSecondsToNextFetchAttempt =
       DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
     OCSP_Global.maximumSecondsToNextFetchAttempt =
       DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
     OCSP_Global.ocspFailureMode =
       ocspMode_FailureIsVerificationFailure;
     PR_ExitMonitor(OCSP_Global.monitor);
     PR_DestroyMonitor(OCSP_Global.monitor);
     OCSP_Global.monitor = NULL;
     return SECSuccess;
 }
 /*
  * A return value of NULL means:
  *   The application did not register it's own HTTP client.
  */
 const SEC_HttpClientFcn *SEC_GetRegisteredHttpClient(void)
 {
     const SEC_HttpClientFcn *retval;
     if (!OCSP_Global.monitor) {
       PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
       return NULL;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     retval = OCSP_Global.defaultHttpClientFcn;
     PR_ExitMonitor(OCSP_Global.monitor);
     return retval;
 }
 /*
  * The following structure is only used internally.  It is allocated when
  * someone turns on OCSP checking, and hangs off of the status-configuration
  * structure in the certdb structure.  We use it to keep configuration
  * information specific to OCSP checking.
  */
 typedef struct ocspCheckingContextStr {
     PRBool useDefaultResponder;
     char *defaultResponderURI;
     char *defaultResponderNickname;
     CERTCertificate *defaultResponderCert;
 } ocspCheckingContext;
 SEC_ASN1_MKSUB(SEC_AnyTemplate)
 SEC_ASN1_MKSUB(SEC_IntegerTemplate)
 SEC_ASN1_MKSUB(SEC_NullTemplate)
 SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
 SEC_ASN1_MKSUB(SEC_PointerToAnyTemplate)
 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
 SEC_ASN1_MKSUB(SEC_SequenceOfAnyTemplate)
 SEC_ASN1_MKSUB(SEC_PointerToGeneralizedTimeTemplate)
 SEC_ASN1_MKSUB(SEC_PointerToEnumeratedTemplate)
 /*
  * Forward declarations of sub-types, so I can lay out the types in the
  * same order as the ASN.1 is laid out in the OCSP spec itself.
  *
  * These are in alphabetical order (case-insensitive); please keep it that way!
  */
 extern const SEC_ASN1Template ocsp_CertIDTemplate[];
 extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
 extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
 extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
 extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
 extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
 extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
 extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
 /*
  * Request-related templates...
  */
 /*
  * OCSPRequest	::=	SEQUENCE {
  *	tbsRequest		TBSRequest,
  *	optionalSignature	[0] EXPLICIT Signature OPTIONAL }
  */
 static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(CERTOCSPRequest) },
     { SEC_ASN1_POINTER,
 	offsetof(CERTOCSPRequest, tbsRequest),
 	ocsp_TBSRequestTemplate },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 	offsetof(CERTOCSPRequest, optionalSignature),
 	ocsp_PointerToSignatureTemplate },
     { 0 }
 };
 /*
  * TBSRequest	::=	SEQUENCE {
  *	version			[0] EXPLICIT Version DEFAULT v1,
  *	requestorName		[1] EXPLICIT GeneralName OPTIONAL,
  *	requestList		SEQUENCE OF Request,
  *	requestExtensions	[2] EXPLICIT Extensions OPTIONAL }
  *
  * Version	::=	INTEGER { v1(0) }
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspTBSRequest) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(ocspTBSRequest, version),
 	SEC_ASN1_SUB(SEC_IntegerTemplate) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
 	offsetof(ocspTBSRequest, derRequestorName),
 	SEC_ASN1_SUB(SEC_PointerToAnyTemplate) },
     { SEC_ASN1_SEQUENCE_OF,
 	offsetof(ocspTBSRequest, requestList),
 	ocsp_SingleRequestTemplate },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
 	offsetof(ocspTBSRequest, requestExtensions),
 	CERT_SequenceOfCertExtensionTemplate },
     { 0 }
 };
 /*
  * Signature	::=	SEQUENCE {
  *	signatureAlgorithm	AlgorithmIdentifier,
  *	signature		BIT STRING,
  *	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
  */
 static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspSignature) },
     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 	offsetof(ocspSignature, signatureAlgorithm),
 	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
     { SEC_ASN1_BIT_STRING,
 	offsetof(ocspSignature, signature) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(ocspSignature, derCerts),
 	SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
     { 0 }
 };
 /*
  * This template is just an extra level to use in an explicitly-tagged
  * reference to a Signature.
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
     { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
 };
 /*
  * Request	::=	SEQUENCE {
  *	reqCert			CertID,
  *	singleRequestExtensions	[0] EXPLICIT Extensions OPTIONAL }
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspSingleRequest) },
     { SEC_ASN1_POINTER,
 	offsetof(ocspSingleRequest, reqCert),
 	ocsp_CertIDTemplate },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 	offsetof(ocspSingleRequest, singleRequestExtensions),
 	CERT_SequenceOfCertExtensionTemplate },
     { 0 }
 };
 /*
  * This data structure and template (CertID) is used by both OCSP
  * requests and responses.  It is the only one that is shared.
  *
  * CertID	::=	SEQUENCE {
  *	hashAlgorithm		AlgorithmIdentifier,
  *	issuerNameHash		OCTET STRING,	-- Hash of Issuer DN
  *	issuerKeyHash		OCTET STRING,	-- Hash of Issuer public key
  *	serialNumber		CertificateSerialNumber }
  *
  * CertificateSerialNumber ::=	INTEGER
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_CertIDTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(CERTOCSPCertID) },
     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 	offsetof(CERTOCSPCertID, hashAlgorithm),
 	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
     { SEC_ASN1_OCTET_STRING,
 	offsetof(CERTOCSPCertID, issuerNameHash) },
     { SEC_ASN1_OCTET_STRING,
 	offsetof(CERTOCSPCertID, issuerKeyHash) },
     { SEC_ASN1_INTEGER,
 	offsetof(CERTOCSPCertID, serialNumber) },
     { 0 }
 };
 /*
  * Response-related templates...
  */
 /*
  * OCSPResponse	::=	SEQUENCE {
  *	responseStatus		OCSPResponseStatus,
  *	responseBytes		[0] EXPLICIT ResponseBytes OPTIONAL }
  */
 const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(CERTOCSPResponse) },
     { SEC_ASN1_ENUMERATED,
 	offsetof(CERTOCSPResponse, responseStatus) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 	offsetof(CERTOCSPResponse, responseBytes),
 	ocsp_PointerToResponseBytesTemplate },
     { 0 }
 };
 /*
  * ResponseBytes	::=	SEQUENCE {
  *	responseType		OBJECT IDENTIFIER,
  *	response		OCTET STRING }
  */
 const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspResponseBytes) },
     { SEC_ASN1_OBJECT_ID,
 	offsetof(ocspResponseBytes, responseType) },
     { SEC_ASN1_OCTET_STRING,
 	offsetof(ocspResponseBytes, response) },
     { 0 }
 };
 /*
  * This template is just an extra level to use in an explicitly-tagged
  * reference to a ResponseBytes.
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
     { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
 };
 /*
  * BasicOCSPResponse	::=	SEQUENCE {
  *	tbsResponseData		ResponseData,
  *	signatureAlgorithm	AlgorithmIdentifier,
  *	signature		BIT STRING,
  *	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
  */
 static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspBasicOCSPResponse) },
     { SEC_ASN1_ANY | SEC_ASN1_SAVE,
 	offsetof(ocspBasicOCSPResponse, tbsResponseDataDER) },
     { SEC_ASN1_POINTER,
 	offsetof(ocspBasicOCSPResponse, tbsResponseData),
 	ocsp_ResponseDataTemplate },
     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 	offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
 	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
     { SEC_ASN1_BIT_STRING,
 	offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
 	SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
     { 0 }
 };
 /*
  * ResponseData	::=	SEQUENCE {
  *	version			[0] EXPLICIT Version DEFAULT v1,
  *	responderID		ResponderID,
  *	producedAt		GeneralizedTime,
  *	responses		SEQUENCE OF SingleResponse,
  *	responseExtensions	[1] EXPLICIT Extensions OPTIONAL }
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspResponseData) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(ocspResponseData, version),
 	SEC_ASN1_SUB(SEC_IntegerTemplate) },
     { SEC_ASN1_ANY,
 	offsetof(ocspResponseData, derResponderID) },
     { SEC_ASN1_GENERALIZED_TIME,
 	offsetof(ocspResponseData, producedAt) },
     { SEC_ASN1_SEQUENCE_OF,
 	offsetof(ocspResponseData, responses),
 	ocsp_SingleResponseTemplate },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 	offsetof(ocspResponseData, responseExtensions),
 	CERT_SequenceOfCertExtensionTemplate },
     { 0 }
 };
 /*
  * ResponderID	::=	CHOICE {
  *	byName			[1] EXPLICIT Name,
  *	byKey			[2] EXPLICIT KeyHash }
  *
  * KeyHash ::=	OCTET STRING -- SHA-1 hash of responder's public key
  * (excluding the tag and length fields)
  *
  * XXX Because the ASN.1 encoder and decoder currently do not provide
  * a way to automatically handle a CHOICE, we need to do it in two
  * steps, looking at the type tag and feeding the exact choice back
  * to the ASN.1 code.  Hopefully that will change someday and this
  * can all be simplified down into a single template.  Anyway, for
  * now we list each choice as its own template:
  */
 const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 	offsetof(ocspResponderID, responderIDValue.name),
 	CERT_NameTemplate }
 };
 const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
         SEC_ASN1_XTRN | 2,
 	offsetof(ocspResponderID, responderIDValue.keyHash),
 	SEC_ASN1_SUB(SEC_OctetStringTemplate) }
 };
 static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
     { SEC_ASN1_ANY,
 	offsetof(ocspResponderID, responderIDValue.other) }
 };
 /* Decode choice container, but leave x509 name object encoded */
 static const SEC_ASN1Template ocsp_ResponderIDDerNameTemplate[] = {
     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
         SEC_ASN1_XTRN | 1, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
 };
 /*
  * SingleResponse	::=	SEQUENCE {
  *	certID			CertID,
  *	certStatus		CertStatus,
  *	thisUpdate		GeneralizedTime,
  *	nextUpdate		[0] EXPLICIT GeneralizedTime OPTIONAL,
  *	singleExtensions	[1] EXPLICIT Extensions OPTIONAL }
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(CERTOCSPSingleResponse) },
     { SEC_ASN1_POINTER,
 	offsetof(CERTOCSPSingleResponse, certID),
 	ocsp_CertIDTemplate },
     { SEC_ASN1_ANY,
 	offsetof(CERTOCSPSingleResponse, derCertStatus) },
     { SEC_ASN1_GENERALIZED_TIME,
 	offsetof(CERTOCSPSingleResponse, thisUpdate) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(CERTOCSPSingleResponse, nextUpdate),
 	SEC_ASN1_SUB(SEC_PointerToGeneralizedTimeTemplate) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 	offsetof(CERTOCSPSingleResponse, singleExtensions),
 	CERT_SequenceOfCertExtensionTemplate },
     { 0 }
 };
 /*
  * CertStatus	::=	CHOICE {
  *	good			[0] IMPLICIT NULL,
  *	revoked			[1] IMPLICIT RevokedInfo,
  *	unknown			[2] IMPLICIT UnknownInfo }
  *
  * Because the ASN.1 encoder and decoder currently do not provide
  * a way to automatically handle a CHOICE, we need to do it in two
  * steps, looking at the type tag and feeding the exact choice back
  * to the ASN.1 code.  Hopefully that will change someday and this
  * can all be simplified down into a single template.  Anyway, for
  * now we list each choice as its own template:
  */
 static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
     { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 	offsetof(ocspCertStatus, certStatusInfo.goodInfo),
 	SEC_ASN1_SUB(SEC_NullTemplate) }
 };
 static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
     { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 	offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
 	ocsp_RevokedInfoTemplate }
 };
 static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
     { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
 	offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
 	SEC_ASN1_SUB(SEC_NullTemplate) }
 };
 static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
     { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
 	offsetof(ocspCertStatus, certStatusInfo.otherInfo),
 	SEC_ASN1_SUB(SEC_AnyTemplate) }
 };
 /*
  * RevokedInfo	::=	SEQUENCE {
  *	revocationTime		GeneralizedTime,
  *	revocationReason	[0] EXPLICIT CRLReason OPTIONAL }
  *
  * Note: this should be static but the AIX compiler doesn't like it (because it
  * was forward-declared above); it is not meant to be exported, but this
  * is the only way it will compile.
  */
 const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspRevokedInfo) },
     { SEC_ASN1_GENERALIZED_TIME,
 	offsetof(ocspRevokedInfo, revocationTime) },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
       SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
         SEC_ASN1_XTRN | 0,
 	offsetof(ocspRevokedInfo, revocationReason),
 	SEC_ASN1_SUB(SEC_PointerToEnumeratedTemplate) },
     { 0 }
 };
 /*
  * OCSP-specific extension templates:
  */
 /*
  * ServiceLocator	::=	SEQUENCE {
  *	issuer			Name,
  *	locator			AuthorityInfoAccessSyntax OPTIONAL }
  */
 static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
     { SEC_ASN1_SEQUENCE,
 , NULL, sizeof(ocspServiceLocator) },
     { SEC_ASN1_POINTER,
 	offsetof(ocspServiceLocator, issuer),
 	CERT_NameTemplate },
     { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
 	offsetof(ocspServiceLocator, locator) },
     { 0 }
 };
 /*
  * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
  */
 /*
  * FUNCTION: CERT_EncodeOCSPRequest
  *   DER encodes an OCSP Request, possibly adding a signature as well.
  *   XXX Signing is not yet supported, however; see comments in code.
  * INPUTS:
  *   PLArenaPool *arena
  *     The return value is allocated from here.
  *     If a NULL is passed in, allocation is done from the heap instead.
  *   CERTOCSPRequest *request
  *     The request to be encoded.
  *   void *pwArg
  *     Pointer to argument for password prompting, if needed.  (Definitely
  *     not needed if not signing.)
  * RETURN:
  *   Returns a NULL on error and a pointer to the SECItem with the
  *   encoded value otherwise.  Any error is likely to be low-level
  *   (e.g. no memory).
  */
 SECItem *
 CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
 		       void *pwArg)
 {
     SECStatus rv;
     /* XXX All of these should generate errors if they fail. */
     PORT_Assert(request);
     PORT_Assert(request->tbsRequest);
     if (request->tbsRequest->extensionHandle != NULL) {
 	rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
 	request->tbsRequest->extensionHandle = NULL;
 	if (rv != SECSuccess)
 	    return NULL;
     }
     /*
      * XXX When signed requests are supported and request->optionalSignature
      * is not NULL:
      *  - need to encode tbsRequest->requestorName
      *  - need to encode tbsRequest
      *  - need to sign that encoded result (using cert in sig), filling in the
      *    request->optionalSignature structure with the result, the signing
      *    algorithm and (perhaps?) the cert (and its chain?) in derCerts
      */
     return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
 }
 /*
  * FUNCTION: CERT_DecodeOCSPRequest
  *   Decode a DER encoded OCSP Request.
  * INPUTS:
  *   SECItem *src
  *     Pointer to a SECItem holding DER encoded OCSP Request.
  * RETURN:
  *   Returns a pointer to a CERTOCSPRequest containing the decoded request.
  *   On error, returns NULL.  Most likely error is trouble decoding
  *   (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
  */
 CERTOCSPRequest *
 CERT_DecodeOCSPRequest(const SECItem *src)
 {
     PLArenaPool *arena = NULL;
     SECStatus rv = SECFailure;
     CERTOCSPRequest *dest = NULL;
     int i;
     SECItem newSrc;
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL) {
 	goto loser;
     }
     dest = (CERTOCSPRequest *) PORT_ArenaZAlloc(arena,
 						sizeof(CERTOCSPRequest));
     if (dest == NULL) {
 	goto loser;
     }
     dest->arena = arena;
     /* copy the DER into the arena, since Quick DER returns data that points
        into the DER input, which may get freed by the caller */
     rv = SECITEM_CopyItem(arena, &newSrc, src);
     if ( rv != SECSuccess ) {
 	goto loser;
     }
     rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, &newSrc);
     if (rv != SECSuccess) {
 	if (PORT_GetError() == SEC_ERROR_BAD_DER)
 	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
 	goto loser;
     }
     /*
      * XXX I would like to find a way to get rid of the necessity
      * of doing this copying of the arena pointer.
      */
     for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
 	dest->tbsRequest->requestList[i]->arena = arena;
     }
     return dest;
 loser:
     if (arena != NULL) {
 	PORT_FreeArena(arena, PR_FALSE);
     }
     return NULL;
 }
 SECStatus
 CERT_DestroyOCSPCertID(CERTOCSPCertID* certID)
 {
     if (certID && certID->poolp) {
 	PORT_FreeArena(certID->poolp, PR_FALSE);
 	return SECSuccess;
     }
     PORT_SetError(SEC_ERROR_INVALID_ARGS);
     return SECFailure;
 }
 /*
  * Digest data using the specified algorithm.
  * The necessary storage for the digest data is allocated.  If "fill" is
  * non-null, the data is put there, otherwise a SECItem is allocated.
  * Allocation from "arena" if it is non-null, heap otherwise.  Any problem
  * results in a NULL being returned (and an appropriate error set).
  */
 SECItem *
 ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
                  SECItem *fill, const SECItem *src)
 {
     const SECHashObject *digestObject;
     SECItem *result = NULL;
     void *mark = NULL;
     void *digestBuff = NULL;
     if ( arena != NULL ) {
         mark = PORT_ArenaMark(arena);
     }
     digestObject = HASH_GetHashObjectByOidTag(digestAlg);
     if ( digestObject == NULL ) {
         goto loser;
     }
     if (fill == NULL || fill->data == NULL) {
 	result = SECITEM_AllocItem(arena, fill, digestObject->length);
 	if ( result == NULL ) {
 	   goto loser;
 	}
 	digestBuff = result->data;
     } else {
 	if (fill->len < digestObject->length) {
 	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	    goto loser;
 	}
 	digestBuff = fill->data;
     }
     if (PK11_HashBuf(digestAlg, digestBuff,
                      src->data, src->len) != SECSuccess) {
         goto loser;
     }
     if ( arena != NULL ) {
         PORT_ArenaUnmark(arena, mark);
     }
     if (result == NULL) {
         result = fill;
     }
     return result;
 loser:
     if (arena != NULL) {
         PORT_ArenaRelease(arena, mark);
     } else {
         if (result != NULL) {
             SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
         }
     }
     return(NULL);
 }
 /*
  * Digest the cert's subject public key using the specified algorithm.
  * The necessary storage for the digest data is allocated.  If "fill" is
  * non-null, the data is put there, otherwise a SECItem is allocated.
  * Allocation from "arena" if it is non-null, heap otherwise.  Any problem
  * results in a NULL being returned (and an appropriate error set).
  */
 SECItem *
 CERT_GetSubjectPublicKeyDigest(PLArenaPool *arena, const CERTCertificate *cert,
                                SECOidTag digestAlg, SECItem *fill)
 {
     SECItem spk;
     /*
      * Copy just the length and data pointer (nothing needs to be freed)
      * of the subject public key so we can convert the length from bits
      * to bytes, which is what the digest function expects.
      */
     spk = cert->subjectPublicKeyInfo.subjectPublicKey;
     DER_ConvertBitString(&spk);
     return ocsp_DigestValue(arena, digestAlg, fill, &spk);
 }
 /*
  * Digest the cert's subject name using the specified algorithm.
  */
 SECItem *
 CERT_GetSubjectNameDigest(PLArenaPool *arena, const CERTCertificate *cert,
                           SECOidTag digestAlg, SECItem *fill)
 {
     SECItem name;
     /*
      * Copy just the length and data pointer (nothing needs to be freed)
      * of the subject name
      */
     name = cert->derSubject;
     return ocsp_DigestValue(arena, digestAlg, fill, &name);
 }
 /*
  * Create and fill-in a CertID.  This function fills in the hash values
  * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
  * Someday it might need to be more flexible about hash algorithm, but
  * for now we have no intention/need to create anything else.
  *
  * Error causes a null to be returned; most likely cause is trouble
  * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
  * Other errors are low-level problems (no memory, bad database, etc.).
  */
 static CERTOCSPCertID *
 ocsp_CreateCertID(PLArenaPool *arena, CERTCertificate *cert, PRTime time)
 {
     CERTOCSPCertID *certID;
     CERTCertificate *issuerCert = NULL;
     void *mark = PORT_ArenaMark(arena);
     SECStatus rv;
     PORT_Assert(arena != NULL);
     certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
     if (certID == NULL) {
 	goto loser;
     }
     rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
 			       NULL);
     if (rv != SECSuccess) {
 	goto loser;
     }
     issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
     if (issuerCert == NULL) {
 	goto loser;
     }
     if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_SHA1,
                                   &(certID->issuerNameHash)) == NULL) {
         goto loser;
     }
     certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
     certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
     if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD5,
                                   &(certID->issuerMD5NameHash)) == NULL) {
         goto loser;
     }
     if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD2,
                                   &(certID->issuerMD2NameHash)) == NULL) {
         goto loser;
     }
     if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_SHA1,
 				       &certID->issuerKeyHash) == NULL) {
 	goto loser;
     }
     certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
     certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
     /* cache the other two hash algorithms as well */
     if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD5,
 				       &certID->issuerMD5KeyHash) == NULL) {
 	goto loser;
     }
     if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD2,
 				       &certID->issuerMD2KeyHash) == NULL) {
 	goto loser;
     }
     /* now we are done with issuerCert */
     CERT_DestroyCertificate(issuerCert);
     issuerCert = NULL;
     rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
     if (rv != SECSuccess) {
 	goto loser;
     }
     PORT_ArenaUnmark(arena, mark);
     return certID;
 loser:
     if (issuerCert != NULL) {
 	CERT_DestroyCertificate(issuerCert);
     }
     PORT_ArenaRelease(arena, mark);
     return NULL;
 }
 CERTOCSPCertID*
 CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time)
 {
     PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     CERTOCSPCertID *certID;
     PORT_Assert(arena != NULL);
     if (!arena)
 	return NULL;
     certID = ocsp_CreateCertID(arena, cert, time);
     if (!certID) {
 	PORT_FreeArena(arena, PR_FALSE);
 	return NULL;
     }
     certID->poolp = arena;
     return certID;
 }
 static CERTOCSPCertID *
 cert_DupOCSPCertID(const CERTOCSPCertID *src)
 {
     CERTOCSPCertID *dest;
     PLArenaPool *arena = NULL;
     if (!src) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return NULL;
     }
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (!arena)
         goto loser;
     dest = PORT_ArenaZNew(arena, CERTOCSPCertID);
     if (!dest)
         goto loser;
 #define DUPHELP(element) \
     if (src->element.data && \
         SECITEM_CopyItem(arena, &dest->element, &src->element) \
         != SECSuccess) { \
         goto loser; \
     }
     DUPHELP(hashAlgorithm.algorithm)
     DUPHELP(hashAlgorithm.parameters)
     DUPHELP(issuerNameHash)
     DUPHELP(issuerKeyHash)
     DUPHELP(serialNumber)
     DUPHELP(issuerSHA1NameHash)
     DUPHELP(issuerMD5NameHash)
     DUPHELP(issuerMD2NameHash)
     DUPHELP(issuerSHA1KeyHash)
     DUPHELP(issuerMD5KeyHash)
     DUPHELP(issuerMD2KeyHash)
     dest->poolp = arena;
     return dest;
 loser:
     if (arena)
         PORT_FreeArena(arena, PR_FALSE);
     PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
     return NULL;
 }
 /*
  * Callback to set Extensions in request object
  */
 void SetSingleReqExts(void *object, CERTCertExtension **exts)
 {
   ocspSingleRequest *singleRequest =
     (ocspSingleRequest *)object;
   singleRequest->singleRequestExtensions = exts;
 }
 /*
  * Add the Service Locator extension to the singleRequestExtensions
  * for the given singleRequest.
  *
  * All errors are internal or low-level problems (e.g. no memory).
  */
 static SECStatus
 ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
 				CERTCertificate *cert)
 {
     ocspServiceLocator *serviceLocator = NULL;
     void *extensionHandle = NULL;
     SECStatus rv = SECFailure;
     serviceLocator = PORT_ZNew(ocspServiceLocator);
     if (serviceLocator == NULL)
 	goto loser;
     /*
      * Normally it would be a bad idea to do a direct reference like
      * this rather than allocate and copy the name *or* at least dup
      * a reference of the cert.  But all we need is to be able to read
      * the issuer name during the encoding we are about to do, so a
      * copy is just a waste of time.
      */
     serviceLocator->issuer = &cert->issuer;
     rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
 				&serviceLocator->locator);
     if (rv != SECSuccess) {
 	if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
 	    goto loser;
     }
     /* prepare for following loser gotos */
     rv = SECFailure;
     PORT_SetError(0);
     extensionHandle = cert_StartExtensions(singleRequest,
                        singleRequest->arena, SetSingleReqExts);
     if (extensionHandle == NULL)
 	goto loser;
     rv = CERT_EncodeAndAddExtension(extensionHandle,
 				    SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
 				    serviceLocator, PR_FALSE,
 				    ocsp_ServiceLocatorTemplate);
 loser:
     if (extensionHandle != NULL) {
 	/*
 	 * Either way we have to finish out the extension context (so it gets
 	 * freed).  But careful not to override any already-set bad status.
 	 */
 	SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
 	if (rv == SECSuccess)
 	    rv = tmprv;
     }
     /*
      * Finally, free the serviceLocator structure itself and we are done.
      */
     if (serviceLocator != NULL) {
 	if (serviceLocator->locator.data != NULL)
 	    SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
 	PORT_Free(serviceLocator);
     }
     return rv;
 }
 /*
  * Creates an array of ocspSingleRequest based on a list of certs.
  * Note that the code which later compares the request list with the
  * response expects this array to be in the exact same order as the
  * certs are found in the list.  It would be harder to change that
  * order than preserve it, but since the requirement is not obvious,
  * it deserves to be mentioned.
  *
  * Any problem causes a null return and error set:
  *      SEC_ERROR_UNKNOWN_ISSUER
  * Other errors are low-level problems (no memory, bad database, etc.).
  */
 static ocspSingleRequest **
 ocsp_CreateSingleRequestList(PLArenaPool *arena, CERTCertList *certList,
                              PRTime time, PRBool includeLocator)
 {
     ocspSingleRequest **requestList = NULL;
     CERTCertListNode *node = NULL;
     int i, count;
     void *mark = PORT_ArenaMark(arena);
     node = CERT_LIST_HEAD(certList);
     for (count = 0; !CERT_LIST_END(node, certList); count++) {
         node = CERT_LIST_NEXT(node);
     }
     if (count == 0)
 	goto loser;
     requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
     if (requestList == NULL)
 	goto loser;
     node = CERT_LIST_HEAD(certList);
     for (i = 0; !CERT_LIST_END(node, certList); i++) {
         requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
         if (requestList[i] == NULL)
             goto loser;
         OCSP_TRACE(("OCSP CERT_CreateOCSPRequest %s\n", node->cert->subjectName));
         requestList[i]->arena = arena;
         requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
         if (requestList[i]->reqCert == NULL)
             goto loser;
         if (includeLocator == PR_TRUE) {
             SECStatus rv;
             rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
             if (rv != SECSuccess)
                 goto loser;
         }
         node = CERT_LIST_NEXT(node);
     }
     PORT_Assert(i == count);
     PORT_ArenaUnmark(arena, mark);
     requestList[i] = NULL;
     return requestList;
 loser:
     PORT_ArenaRelease(arena, mark);
     return NULL;
 }
 static ocspSingleRequest **
 ocsp_CreateRequestFromCert(PLArenaPool *arena,
                            CERTOCSPCertID *certID,
                            CERTCertificate *singleCert,
                            PRTime time,
                            PRBool includeLocator)
 {
     ocspSingleRequest **requestList = NULL;
     void *mark = PORT_ArenaMark(arena);
     PORT_Assert(certID != NULL && singleCert != NULL);
     /* meaning of value 2: one entry + one end marker */
     requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, 2);
     if (requestList == NULL)
         goto loser;
     requestList[0] = PORT_ArenaZNew(arena, ocspSingleRequest);
     if (requestList[0] == NULL)
         goto loser;
     requestList[0]->arena = arena;
     /* certID will live longer than the request */
     requestList[0]->reqCert = certID;
     if (includeLocator == PR_TRUE) {
         SECStatus rv;
         rv = ocsp_AddServiceLocatorExtension(requestList[0], singleCert);
         if (rv != SECSuccess)
             goto loser;
     }
     PORT_ArenaUnmark(arena, mark);
     requestList[1] = NULL;
     return requestList;
 loser:
     PORT_ArenaRelease(arena, mark);
     return NULL;
 }
 static CERTOCSPRequest *
 ocsp_prepareEmptyOCSPRequest(void)
 {
     PLArenaPool *arena = NULL;
     CERTOCSPRequest *request = NULL;
     ocspTBSRequest *tbsRequest = NULL;
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL) {
         goto loser;
     }
     request = PORT_ArenaZNew(arena, CERTOCSPRequest);
     if (request == NULL) {
         goto loser;
     }
     request->arena = arena;
     tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
     if (tbsRequest == NULL) {
         goto loser;
     }
     request->tbsRequest = tbsRequest;
     /* version 1 is the default, so we need not fill in a version number */
     return request;
 loser:
     if (arena != NULL) {
         PORT_FreeArena(arena, PR_FALSE);
     }
     return NULL;
 }
 CERTOCSPRequest *
 cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
                                  CERTCertificate *singleCert,
                                  PRTime time,
                                  PRBool addServiceLocator,
                                  CERTCertificate *signerCert)
 {
     CERTOCSPRequest *request;
     OCSP_TRACE(("OCSP cert_CreateSingleCertOCSPRequest %s\n", singleCert->subjectName));
     /* XXX Support for signerCert may be implemented later,
      * see also the comment in CERT_CreateOCSPRequest.
      */
     if (signerCert != NULL) {
         PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
         return NULL;
     }
     request = ocsp_prepareEmptyOCSPRequest();
     if (!request)
         return NULL;
     /*
      * Version 1 is the default, so we need not fill in a version number.
      * Now create the list of single requests, one for each cert.
      */
     request->tbsRequest->requestList =
         ocsp_CreateRequestFromCert(request->arena,
                                    certID,
                                    singleCert,
                                    time,
                                    addServiceLocator);
     if (request->tbsRequest->requestList == NULL) {
         PORT_FreeArena(request->arena, PR_FALSE);
         return NULL;
     }
     return request;
 }
 /*
  * FUNCTION: CERT_CreateOCSPRequest
  *   Creates a CERTOCSPRequest, requesting the status of the certs in
  *   the given list.
  * INPUTS:
  *   CERTCertList *certList
  *     A list of certs for which status will be requested.
  *     Note that all of these certificates should have the same issuer,
  *     or it's expected the response will be signed by a trusted responder.
  *     If the certs need to be broken up into multiple requests, that
  *     must be handled by the caller (and thus by having multiple calls
  *     to this routine), who knows about where the request(s) are being
  *     sent and whether there are any trusted responders in place.
  *   PRTime time
  *     Indicates the time for which the certificate status is to be
  *     determined -- this may be used in the search for the cert's issuer
  *     but has no effect on the request itself.
  *   PRBool addServiceLocator
  *     If true, the Service Locator extension should be added to the
  *     single request(s) for each cert.
  *   CERTCertificate *signerCert
  *     If non-NULL, means sign the request using this cert.  Otherwise,
  *     do not sign.
  *     XXX note that request signing is not yet supported; see comment in code
  * RETURN:
  *   A pointer to a CERTOCSPRequest structure containing an OCSP request
  *   for the cert list.  On error, null is returned, with an error set
  *   indicating the reason.  This is likely SEC_ERROR_UNKNOWN_ISSUER.
  *   (The issuer is needed to create a request for the certificate.)
  *   Other errors are low-level problems (no memory, bad database, etc.).
  */
 CERTOCSPRequest *
 CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
 		       PRBool addServiceLocator,
 		       CERTCertificate *signerCert)
 {
     CERTOCSPRequest *request = NULL;
     if (!certList) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return NULL;
     }
     /*
      * XXX When we are prepared to put signing of requests back in,
      * we will need to allocate a signature
      * structure for the request, fill in the "derCerts" field in it,
      * save the signerCert there, as well as fill in the "requestorName"
      * field of the tbsRequest.
      */
     if (signerCert != NULL) {
         PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
         return NULL;
     }
     request = ocsp_prepareEmptyOCSPRequest();
     if (!request)
         return NULL;
     /*
      * Now create the list of single requests, one for each cert.
      */
     request->tbsRequest->requestList =
         ocsp_CreateSingleRequestList(request->arena,
                                      certList,
                                      time,
                                      addServiceLocator);
     if (request->tbsRequest->requestList == NULL) {
         PORT_FreeArena(request->arena, PR_FALSE);
         return NULL;
     }
     return request;
 }
 /*
  * FUNCTION: CERT_AddOCSPAcceptableResponses
  *   Add the AcceptableResponses extension to an OCSP Request.
  * INPUTS:
  *   CERTOCSPRequest *request
  *     The request to which the extension should be added.
  *   ...
  *     A list (of one or more) of SECOidTag -- each of the response types
  *     to be added.  The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
  *     (This marks the end of the list, and it must be specified because a
  *     client conforming to the OCSP standard is required to handle the basic
  *     response type.)  The OIDs are not checked in any way.
  * RETURN:
  *   SECSuccess if the extension is added; SECFailure if anything goes wrong.
  *   All errors are internal or low-level problems (e.g. no memory).
  */
 void SetRequestExts(void *object, CERTCertExtension **exts)
 {
   CERTOCSPRequest *request = (CERTOCSPRequest *)object;
   request->tbsRequest->requestExtensions = exts;
 }
 SECStatus
 CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
 				SECOidTag responseType0, ...)
 {
     void *extHandle;
     va_list ap;
     int i, count;
     SECOidTag responseType;
     SECOidData *responseOid;
     SECItem **acceptableResponses = NULL;
     SECStatus rv = SECFailure;
     extHandle = request->tbsRequest->extensionHandle;
     if (extHandle == NULL) {
 	extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
 	if (extHandle == NULL)
 	    goto loser;
     }
     /* Count number of OIDS going into the extension value. */
     count = 1;
     if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
 	va_start(ap, responseType0);
 	do {
 	    count++;
 	    responseType = va_arg(ap, SECOidTag);
 	} while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
 	va_end(ap);
     }
     acceptableResponses = PORT_NewArray(SECItem *, count + 1);
     if (acceptableResponses == NULL)
 	goto loser;
     i = 0;
     responseOid = SECOID_FindOIDByTag(responseType0);
     acceptableResponses[i++] = &(responseOid->oid);
     if (count > 1) {
 	va_start(ap, responseType0);
 	for ( ; i < count; i++) {
 	    responseType = va_arg(ap, SECOidTag);
 	    responseOid = SECOID_FindOIDByTag(responseType);
 	    acceptableResponses[i] = &(responseOid->oid);
 	}
 	va_end(ap);
     }
     acceptableResponses[i] = NULL;
     rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
                                 &acceptableResponses, PR_FALSE,
                                 SEC_ASN1_GET(SEC_SequenceOfObjectIDTemplate));
     if (rv != SECSuccess)
 	goto loser;
     PORT_Free(acceptableResponses);
     if (request->tbsRequest->extensionHandle == NULL)
 	request->tbsRequest->extensionHandle = extHandle;
     return SECSuccess;
 loser:
     if (acceptableResponses != NULL)
 	PORT_Free(acceptableResponses);
     if (extHandle != NULL)
 	(void) CERT_FinishExtensions(extHandle);
     return rv;
 }
 /*
  * FUNCTION: CERT_DestroyOCSPRequest
  *   Frees an OCSP Request structure.
  * INPUTS:
  *   CERTOCSPRequest *request
  *     Pointer to CERTOCSPRequest to be freed.
  * RETURN:
  *   No return value; no errors.
  */
 void
 CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
 {
     if (request == NULL)
 	return;
     if (request->tbsRequest != NULL) {
 	if (request->tbsRequest->requestorName != NULL)
 	    CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
 	if (request->tbsRequest->extensionHandle != NULL)
 	    (void) CERT_FinishExtensions(request->tbsRequest->extensionHandle);
     }
     if (request->optionalSignature != NULL) {
 	if (request->optionalSignature->cert != NULL)
 	    CERT_DestroyCertificate(request->optionalSignature->cert);
 	/*
 	 * XXX Need to free derCerts?  Or do they come out of arena?
 	 * (Currently we never fill in derCerts, which is why the
 	 * answer is not obvious.  Once we do, add any necessary code
 	 * here and remove this comment.)
 	 */
     }
     /*
      * We should actually never have a request without an arena,
      * but check just in case.  (If there isn't one, there is not
      * much we can do about it...)
      */
     PORT_Assert(request->arena != NULL);
     if (request->arena != NULL)
 	PORT_FreeArena(request->arena, PR_FALSE);
 }
 /*
  * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
  */
 /*
  * Helper function for encoding or decoding a ResponderID -- based on the
  * given type, return the associated template for that choice.
  */
 static const SEC_ASN1Template *
 ocsp_ResponderIDTemplateByType(CERTOCSPResponderIDType responderIDType)
 {
     const SEC_ASN1Template *responderIDTemplate;
     switch (responderIDType) {
 	case ocspResponderID_byName:
 	    responderIDTemplate = ocsp_ResponderIDByNameTemplate;
 	    break;
 	case ocspResponderID_byKey:
 	    responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
 	    break;
 	case ocspResponderID_other:
 	default:
 	    PORT_Assert(responderIDType == ocspResponderID_other);
 	    responderIDTemplate = ocsp_ResponderIDOtherTemplate;
 	    break;
     }
     return responderIDTemplate;
 }
 /*
  * Helper function for encoding or decoding a CertStatus -- based on the
  * given type, return the associated template for that choice.
  */
 static const SEC_ASN1Template *
 ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
 {
     const SEC_ASN1Template *certStatusTemplate;
     switch (certStatusType) {
 	case ocspCertStatus_good:
 	    certStatusTemplate = ocsp_CertStatusGoodTemplate;
 	    break;
 	case ocspCertStatus_revoked:
 	    certStatusTemplate = ocsp_CertStatusRevokedTemplate;
 	    break;
 	case ocspCertStatus_unknown:
 	    certStatusTemplate = ocsp_CertStatusUnknownTemplate;
 	    break;
 	case ocspCertStatus_other:
 	default:
 	    PORT_Assert(certStatusType == ocspCertStatus_other);
 	    certStatusTemplate = ocsp_CertStatusOtherTemplate;
 	    break;
     }
     return certStatusTemplate;
 }
 /*
  * Helper function for decoding a certStatus -- turn the actual DER tag
  * into our local translation.
  */
 static ocspCertStatusType
 ocsp_CertStatusTypeByTag(int derTag)
 {
     ocspCertStatusType certStatusType;
     switch (derTag) {
 	case 0:
 	    certStatusType = ocspCertStatus_good;
 	    break;
 	case 1:
 	    certStatusType = ocspCertStatus_revoked;
 	    break;
 	case 2:
 	    certStatusType = ocspCertStatus_unknown;
 	    break;
 	default:
 	    certStatusType = ocspCertStatus_other;
 	    break;
     }
     return certStatusType;
 }
 /*
  * Helper function for decoding SingleResponses -- they each contain
  * a status which is encoded as CHOICE, which needs to be decoded "by hand".
  *
  * Note -- on error, this routine does not release the memory it may
  * have allocated; it expects its caller to do that.
  */
 static SECStatus
 ocsp_FinishDecodingSingleResponses(PLArenaPool *reqArena,
 				   CERTOCSPSingleResponse **responses)
 {
     ocspCertStatus *certStatus;
     ocspCertStatusType certStatusType;
     const SEC_ASN1Template *certStatusTemplate;
     int derTag;
     int i;
     SECStatus rv = SECFailure;
     if (!reqArena) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     if (responses == NULL)			/* nothing to do */
 	return SECSuccess;
     for (i = 0; responses[i] != NULL; i++) {
         SECItem* newStatus;
 	/*
 	 * The following assert points out internal errors (problems in
 	 * the template definitions or in the ASN.1 decoder itself, etc.).
 	 */
 	PORT_Assert(responses[i]->derCertStatus.data != NULL);
 	derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
 	certStatusType = ocsp_CertStatusTypeByTag(derTag);
 	certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
 	certStatus = PORT_ArenaZAlloc(reqArena, sizeof(ocspCertStatus));
 	if (certStatus == NULL) {
 	    goto loser;
 	}
         newStatus = SECITEM_ArenaDupItem(reqArena, &responses[i]->derCertStatus);
         if (!newStatus) {
             goto loser;
         }
 	rv = SEC_QuickDERDecodeItem(reqArena, certStatus, certStatusTemplate,
 				newStatus);
 	if (rv != SECSuccess) {
 	    if (PORT_GetError() == SEC_ERROR_BAD_DER)
 		PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	    goto loser;
 	}
 	certStatus->certStatusType = certStatusType;
 	responses[i]->certStatus = certStatus;
     }
     return SECSuccess;
 loser:
     return rv;
 }
 /*
  * Helper function for decoding a responderID -- turn the actual DER tag
  * into our local translation.
  */
 static CERTOCSPResponderIDType
 ocsp_ResponderIDTypeByTag(int derTag)
 {
     CERTOCSPResponderIDType responderIDType;
     switch (derTag) {
 	case 1:
 	    responderIDType = ocspResponderID_byName;
 	    break;
 	case 2:
 	    responderIDType = ocspResponderID_byKey;
 	    break;
 	default:
 	    responderIDType = ocspResponderID_other;
 	    break;
     }
     return responderIDType;
 }
 /*
  * Decode "src" as a BasicOCSPResponse, returning the result.
  */
 static ocspBasicOCSPResponse *
 ocsp_DecodeBasicOCSPResponse(PLArenaPool *arena, SECItem *src)
 {
     void *mark;
     ocspBasicOCSPResponse *basicResponse;
     ocspResponseData *responseData;
     ocspResponderID *responderID;
     CERTOCSPResponderIDType responderIDType;
     const SEC_ASN1Template *responderIDTemplate;
     int derTag;
     SECStatus rv;
     SECItem newsrc;
     mark = PORT_ArenaMark(arena);
     basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
     if (basicResponse == NULL) {
 	goto loser;
     }
     /* copy the DER into the arena, since Quick DER returns data that points
        into the DER input, which may get freed by the caller */
     rv = SECITEM_CopyItem(arena, &newsrc, src);
     if ( rv != SECSuccess ) {
 	goto loser;
     }
     rv = SEC_QuickDERDecodeItem(arena, basicResponse,
 			    ocsp_BasicOCSPResponseTemplate, &newsrc);
     if (rv != SECSuccess) {
 	if (PORT_GetError() == SEC_ERROR_BAD_DER)
 	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	goto loser;
     }
     responseData = basicResponse->tbsResponseData;
     /*
      * The following asserts point out internal errors (problems in
      * the template definitions or in the ASN.1 decoder itself, etc.).
      */
     PORT_Assert(responseData != NULL);
     PORT_Assert(responseData->derResponderID.data != NULL);
     /*
      * XXX Because responderID is a CHOICE, which is not currently handled
      * by our ASN.1 decoder, we have to decode it "by hand".
      */
     derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
     responderIDType = ocsp_ResponderIDTypeByTag(derTag);
     responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
     responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
     if (responderID == NULL) {
 	goto loser;
     }
     rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate,
 			    &responseData->derResponderID);
     if (rv != SECSuccess) {
 	if (PORT_GetError() == SEC_ERROR_BAD_DER)
 	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	goto loser;
     }
     responderID->responderIDType = responderIDType;
     responseData->responderID = responderID;
     /*
      * XXX Each SingleResponse also contains a CHOICE, which has to be
      * fixed up by hand.
      */
     rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
     if (rv != SECSuccess) {
 	goto loser;
     }
     PORT_ArenaUnmark(arena, mark);
     return basicResponse;
 loser:
     PORT_ArenaRelease(arena, mark);
     return NULL;
 }
 /*
  * Decode the responseBytes based on the responseType found in "rbytes",
  * leaving the resulting translated/decoded information in there as well.
  */
 static SECStatus
 ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
 {
     if (rbytes == NULL) {
 	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
 	return SECFailure;
     }
     rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
     switch (rbytes->responseTypeTag) {
 	case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
 	    {
 		ocspBasicOCSPResponse *basicResponse;
 		basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
 							     &rbytes->response);
 		if (basicResponse == NULL)
 		    return SECFailure;
 		rbytes->decodedResponse.basic = basicResponse;
 	    }
 	    break;
 	/*
 	 * Add new/future response types here.
 	 */
 	default:
 	    PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
 	    return SECFailure;
     }
     return SECSuccess;
 }
 /*
  * FUNCTION: CERT_DecodeOCSPResponse
  *   Decode a DER encoded OCSP Response.
  * INPUTS:
  *   SECItem *src
  *     Pointer to a SECItem holding DER encoded OCSP Response.
  * RETURN:
  *   Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
  *   the caller is responsible for destroying it.  Or NULL if error (either
  *   response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
  *   it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
  *   or a low-level or internal error occurred).
  */
 CERTOCSPResponse *
 CERT_DecodeOCSPResponse(const SECItem *src)
 {
     PLArenaPool *arena = NULL;
     CERTOCSPResponse *response = NULL;
     SECStatus rv = SECFailure;
     ocspResponseStatus sv;
     SECItem newSrc;
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL) {
 	goto loser;
     }
     response = (CERTOCSPResponse *) PORT_ArenaZAlloc(arena,
 						     sizeof(CERTOCSPResponse));
     if (response == NULL) {
 	goto loser;
     }
     response->arena = arena;
     /* copy the DER into the arena, since Quick DER returns data that points
        into the DER input, which may get freed by the caller */
     rv = SECITEM_CopyItem(arena, &newSrc, src);
     if ( rv != SECSuccess ) {
 	goto loser;
     }
     rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, &newSrc);
     if (rv != SECSuccess) {
 	if (PORT_GetError() == SEC_ERROR_BAD_DER)
 	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	goto loser;
     }
     sv = (ocspResponseStatus) DER_GetInteger(&response->responseStatus);
     response->statusValue = sv;
     if (sv != ocspResponse_successful) {
 	/*
 	 * If the response status is anything but successful, then we
 	 * are all done with decoding; the status is all there is.
 	 */
 	return response;
     }
     /*
      * A successful response contains much more information, still encoded.
      * Now we need to decode that.
      */
     rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
     if (rv != SECSuccess) {
 	goto loser;
     }
     return response;
 loser:
     if (arena != NULL) {
 	PORT_FreeArena(arena, PR_FALSE);
     }
     return NULL;
 }
 /*
  * The way an OCSPResponse is defined, there are many levels to descend
  * before getting to the actual response information.  And along the way
  * we need to check that the response *type* is recognizable, which for
  * now means that it is a BasicOCSPResponse, because that is the only
  * type currently defined.  Rather than force all routines to perform
  * a bunch of sanity checking every time they want to work on a response,
  * this function isolates that and gives back the interesting part.
  * Note that no copying is done, this just returns a pointer into the
  * substructure of the response which is passed in.
  *
  * XXX This routine only works when a valid response structure is passed
  * into it; this is checked with many assertions.  Assuming the response
  * was creating by decoding, it wouldn't make it this far without being
  * okay.  That is a sufficient assumption since the entire OCSP interface
  * is only used internally.  When this interface is officially exported,
  * each assertion below will need to be followed-up with setting an error
  * and returning (null).
  *
  * FUNCTION: ocsp_GetResponseData
  *   Returns ocspResponseData structure and a pointer to tbs response
  *   data DER from a valid ocsp response.
  * INPUTS:
  *   CERTOCSPResponse *response
  *     structure of a valid ocsp response
  * RETURN:
  *   Returns a pointer to ocspResponseData structure: decoded OCSP response
  *   data, and a pointer(tbsResponseDataDER) to its undecoded data DER.
  */
 ocspResponseData *
 ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
 {
     ocspBasicOCSPResponse *basic;
     ocspResponseData *responseData;
     PORT_Assert(response != NULL);
     PORT_Assert(response->responseBytes != NULL);
     PORT_Assert(response->responseBytes->responseTypeTag
 		== SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
     basic = response->responseBytes->decodedResponse.basic;
     PORT_Assert(basic != NULL);
     responseData = basic->tbsResponseData;
     PORT_Assert(responseData != NULL);
     if (tbsResponseDataDER) {
         *tbsResponseDataDER = &basic->tbsResponseDataDER;
         PORT_Assert((*tbsResponseDataDER)->data != NULL);
         PORT_Assert((*tbsResponseDataDER)->len != 0);
     }
     return responseData;
 }
 /*
  * Much like the routine above, except it returns the response signature.
  * Again, no copy is done.
  */
 ocspSignature *
 ocsp_GetResponseSignature(CERTOCSPResponse *response)
 {
     ocspBasicOCSPResponse *basic;
     PORT_Assert(response != NULL);
     if (NULL == response->responseBytes) {
         return NULL;
     }
     if (response->responseBytes->responseTypeTag
         != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
         return NULL;
     }
     basic = response->responseBytes->decodedResponse.basic;
     PORT_Assert(basic != NULL);
     return &(basic->responseSignature);
 }
 /*
  * FUNCTION: CERT_DestroyOCSPResponse
  *   Frees an OCSP Response structure.
  * INPUTS:
  *   CERTOCSPResponse *request
  *     Pointer to CERTOCSPResponse to be freed.
  * RETURN:
  *   No return value; no errors.
  */
 void
 CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
 {
     if (response != NULL) {
 	ocspSignature *signature = ocsp_GetResponseSignature(response);
 	if (signature && signature->cert != NULL)
 	    CERT_DestroyCertificate(signature->cert);
 	/*
 	 * We should actually never have a response without an arena,
 	 * but check just in case.  (If there isn't one, there is not
 	 * much we can do about it...)
 	 */
 	PORT_Assert(response->arena != NULL);
 	if (response->arena != NULL) {
 	    PORT_FreeArena(response->arena, PR_FALSE);
 	}
     }
 }
 /*
  * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
  */
 /*
  * Pick apart a URL, saving the important things in the passed-in pointers.
  *
  * We expect to find "http://<hostname>[:<port>]/[path]", though we will
  * tolerate that final slash character missing, as well as beginning and
  * trailing whitespace, and any-case-characters for "http".  All of that
  * tolerance is what complicates this routine.  What we want is just to
  * pick out the hostname, the port, and the path.
  *
  * On a successful return, the caller will need to free the output pieces
  * of hostname and path, which are copies of the values found in the url.
  */
 static SECStatus
 ocsp_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
 {
     unsigned short port = 80;		/* default, in case not in url */
     char *hostname = NULL;
     char *path = NULL;
     const char *save;
     char c;
     int len;
     if (url == NULL)
 	goto loser;
     /*
      * Skip beginning whitespace.
      */
     c = *url;
     while ((c == ' ' || c == '\t') && c != '\0') {
 	url++;
 	c = *url;
     }
     if (c == '\0')
 	goto loser;
     /*
      * Confirm, then skip, protocol.  (Since we only know how to do http,
      * that is all we will accept).
      */
     if (PORT_Strncasecmp(url, "http://", 7) != 0)
 	goto loser;
     url += 7;
     /*
      * Whatever comes next is the hostname (or host IP address).  We just
      * save it aside and then search for its end so we can determine its
      * length and copy it.
      *
      * XXX Note that because we treat a ':' as a terminator character
      * (and below, we expect that to mean there is a port specification
      * immediately following), we will not handle IPv6 addresses.  That is
      * apparently an acceptable limitation, for the time being.  Some day,
      * when there is a clear way to specify a URL with an IPv6 address that
      * can be parsed unambiguously, this code should be made to do that.
      */
     save = url;
     c = *url;
     while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
 	url++;
 	c = *url;
     }
     len = url - save;
     hostname = PORT_Alloc(len + 1);
     if (hostname == NULL)
 	goto loser;
     PORT_Memcpy(hostname, save, len);
     hostname[len] = '\0';
     /*
      * Now we figure out if there was a port specified or not.
      * If so, we need to parse it (as a number) and skip it.
      */
     if (c == ':') {
 	url++;
 	port = (unsigned short) PORT_Atoi(url);
 	c = *url;
 	while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
 	    if (c < '0' || c > '9')
 		goto loser;
 	    url++;
 	    c = *url;
 	}
     }
     /*
      * Last thing to find is a path.  There *should* be a slash,
      * if nothing else -- but if there is not we provide one.
      */
     if (c == '/') {
 	save = url;
 	while (c != '\0' && c != ' ' && c != '\t') {
 	    url++;
 	    c = *url;
 	}
 	len = url - save;
 	path = PORT_Alloc(len + 1);
 	if (path == NULL)
 	    goto loser;
 	PORT_Memcpy(path, save, len);
 	path[len] = '\0';
     } else {
 	path = PORT_Strdup("/");
 	if (path == NULL)
 	    goto loser;
     }
     *pHostname = hostname;
     *pPort = port;
     *pPath = path;
     return SECSuccess;
 loser:
     if (hostname != NULL)
 	PORT_Free(hostname);
     PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
     return SECFailure;
 }
 /*
  * Open a socket to the specified host on the specified port, and return it.
  * The host is either a hostname or an IP address.
  */
 static PRFileDesc *
 ocsp_ConnectToHost(const char *host, PRUint16 port)
 {
     PRFileDesc *sock = NULL;
     PRIntervalTime timeout;
     PRNetAddr addr;
     char *netdbbuf = NULL;
     // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
     // we want to ensure nothing can ever hit this code in production.
 #if 1
     printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host,
             port);
     goto loser;
 #endif
     sock = PR_NewTCPSocket();
     if (sock == NULL)
 	goto loser;
     /* XXX Some day need a way to set (and get?) the following value */
     timeout = PR_SecondsToInterval(30);
     /*
      * If the following converts an IP address string in "dot notation"
      * into a PRNetAddr.  If it fails, we assume that is because we do not
      * have such an address, but instead a host *name*.  In that case we
      * then lookup the host by name.  Using the NSPR function this way
      * means we do not have to have our own logic for distinguishing a
      * valid numerical IP address from a hostname.
      */
     if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
 	PRIntn hostIndex;
 	PRHostEnt hostEntry;
 	netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
 	if (netdbbuf == NULL)
 	    goto loser;
 	if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
 			     &hostEntry) != PR_SUCCESS)
 	    goto loser;
 	hostIndex = 0;
 	do {
 	    hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
 	    if (hostIndex <= 0)
 		goto loser;
 	} while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS);
 	PORT_Free(netdbbuf);
     } else {
 	/*
 	 * First put the port into the address, then connect.
 	 */
 	if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
 	    goto loser;
 	if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
 	    goto loser;
     }
     return sock;
 loser:
     if (sock != NULL)
 	PR_Close(sock);
     if (netdbbuf != NULL)
 	PORT_Free(netdbbuf);
     return NULL;
 }
 /*
  * Sends an encoded OCSP request to the server identified by "location",
  * and returns the socket on which it was sent (so can listen for the reply).
  * "location" is expected to be a valid URL -- an error parsing it produces
  * SEC_ERROR_CERT_BAD_ACCESS_LOCATION.  Other errors are likely problems
  * connecting to it, or writing to it, or allocating memory, and the low-level
  * errors appropriate to the problem will be set.
  * if (encodedRequest == NULL)
  *   then location MUST already include the full request,
  *        including base64 and urlencode,
  *        and the request will be sent with GET
  * if (encodedRequest != NULL)
  *   then the request will be sent with POST
  */
 static PRFileDesc *
 ocsp_SendEncodedRequest(const char *location, const SECItem *encodedRequest)
 {
     char *hostname = NULL;
     char *path = NULL;
     PRUint16 port;
     SECStatus rv;
     PRFileDesc *sock = NULL;
     PRFileDesc *returnSock = NULL;
     char *header = NULL;
     char portstr[16];
     /*
      * Take apart the location, getting the hostname, port, and path.
      */
     rv = ocsp_ParseURL(location, &hostname, &port, &path);
     if (rv != SECSuccess)
 	goto loser;
     PORT_Assert(hostname != NULL);
     PORT_Assert(path != NULL);
     sock = ocsp_ConnectToHost(hostname, port);
     if (sock == NULL)
 	goto loser;
     portstr[0] = '\0';
     if (port != 80) {
         PR_snprintf(portstr, sizeof(portstr), ":%d", port);
     }
     if (!encodedRequest) {
       header = PR_smprintf("GET %s HTTP/1.0\r\n"
                           "Host: %s%s\r\n\r\n",
                           path, hostname, portstr);
       if (header == NULL)
           goto loser;
       /*
       * The NSPR documentation promises that if it can, it will write the full
       * amount; this will not return a partial value expecting us to loop.
       */
       if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
           goto loser;
     }
     else {
       header = PR_smprintf("POST %s HTTP/1.0\r\n"
                           "Host: %s%s\r\n"
                           "Content-Type: application/ocsp-request\r\n"
                           "Content-Length: %u\r\n\r\n",
                           path, hostname, portstr, encodedRequest->len);
       if (header == NULL)
           goto loser;
       /*
       * The NSPR documentation promises that if it can, it will write the full
       * amount; this will not return a partial value expecting us to loop.
       */
       if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
           goto loser;
       if (PR_Write(sock, encodedRequest->data,
                   (PRInt32) encodedRequest->len) < 0)
           goto loser;
     }
     returnSock = sock;
     sock = NULL;
 loser:
     if (header != NULL)
 	PORT_Free(header);
     if (sock != NULL)
 	PR_Close(sock);
     if (path != NULL)
 	PORT_Free(path);
     if (hostname != NULL)
 	PORT_Free(hostname);
     return returnSock;
 }
 /*
  * Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
  * Obviously, stop if hit end-of-stream. Timeout is passed in.
  */
 static int
 ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
 {
     int total = 0;
     while (total < toread)
     {
         PRInt32 got;
         got = PR_Recv(fd, buf + total, (PRInt32) (toread - total), 0, timeout);
         if (got < 0)
         {
             if (0 == total)
             {
                 total = -1; /* report the error if we didn't read anything yet */
             }
             break;
         }
         else
         if (got == 0)
         {			/* EOS */
             break;
         }
         total += got;
     }
     return total;
 }
 #define OCSP_BUFSIZE 1024
 #define AbortHttpDecode(error) \
 { \
         if (inBuffer) \
             PORT_Free(inBuffer); \
         PORT_SetError(error); \
         return NULL; \
 }
 /*
  * Reads on the given socket and returns an encoded response when received.
  * Properly formatted HTTP/1.0 response headers are expected to be read
  * from the socket, preceding a binary-encoded OCSP response.  Problems
  * with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
  * set; any other problems are likely low-level i/o or memory allocation
  * errors.
  */
 static SECItem *
 ocsp_GetEncodedResponse(PLArenaPool *arena, PRFileDesc *sock)
 {
     /* first read HTTP status line and headers */
     char* inBuffer = NULL;
     PRInt32 offset = 0;
     PRInt32 inBufsize = 0;
     const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
     const PRInt32 maxBufSize = 8 * bufSizeIncrement ; /* 8 KB max */
     const char* CRLF = "\r\n";
     const PRInt32 CRLFlen = strlen(CRLF);
     const char* headerEndMark = "\r\n\r\n";
     const PRInt32 markLen = strlen(headerEndMark);
     const PRIntervalTime ocsptimeout =
         PR_SecondsToInterval(30); /* hardcoded to 30s for now */
     char* headerEnd = NULL;
     PRBool EOS = PR_FALSE;
     const char* httpprotocol = "HTTP/";
     const PRInt32 httplen = strlen(httpprotocol);
     const char* httpcode = NULL;
     const char* contenttype = NULL;
     PRInt32 contentlength = 0;
     PRInt32 bytesRead = 0;
     char* statusLineEnd = NULL;
     char* space = NULL;
     char* nextHeader = NULL;
     SECItem* result = NULL;
     /* read up to at least the end of the HTTP headers */
     do
     {
         inBufsize += bufSizeIncrement;
         inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
         if (NULL == inBuffer)
         {
             AbortHttpDecode(SEC_ERROR_NO_MEMORY);
         }
         bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
             ocsptimeout);
         if (bytesRead > 0)
         {
             PRInt32 searchOffset = (offset - markLen) >0 ? offset-markLen : 0;
             offset += bytesRead;
             *(inBuffer + offset) = '\0'; /* NULL termination */
             headerEnd = strstr((const char*)inBuffer + searchOffset, headerEndMark);
             if (bytesRead < bufSizeIncrement)
             {
                 /* we read less data than requested, therefore we are at
                    EOS or there was a read error */
                 EOS = PR_TRUE;
             }
         }
         else
         {
             /* recv error or EOS */
             EOS = PR_TRUE;
         }
     } while ( (!headerEnd) && (PR_FALSE == EOS) &&
               (inBufsize < maxBufSize) );
     if (!headerEnd)
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     /* parse the HTTP status line  */
     statusLineEnd = strstr((const char*)inBuffer, CRLF);
     if (!statusLineEnd)
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     *statusLineEnd = '\0';
     /* check for HTTP/ response */
     space = strchr((const char*)inBuffer, ' ');
     if (!space || PORT_Strncasecmp((const char*)inBuffer, httpprotocol, httplen) != 0 )
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     /* check the HTTP status code of 200 */
     httpcode = space +1;
     space = strchr(httpcode, ' ');
     if (!space)
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     *space = 0;
     if (0 != strcmp(httpcode, "200"))
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     /* parse the HTTP headers in the buffer . We only care about
        content-type and content-length
     */
     nextHeader = statusLineEnd + CRLFlen;
     *headerEnd = '\0'; /* terminate */
     do
     {
         char* thisHeaderEnd = NULL;
         char* value = NULL;
         char* colon = strchr(nextHeader, ':');
         if (!colon)
         {
             AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
         }
         *colon = '\0';
         value = colon + 1;
         /* jpierre - note : the following code will only handle the basic form
            of HTTP/1.0 response headers, of the form "name: value" . Headers
            split among multiple lines are not supported. This is not common
            and should not be an issue, but it could become one in the
            future */
         if (*value != ' ')
         {
             AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
         }
         value++;
         thisHeaderEnd  = strstr(value, CRLF);
         if (thisHeaderEnd )
         {
             *thisHeaderEnd  = '\0';
         }
         if (0 == PORT_Strcasecmp(nextHeader, "content-type"))
         {
             contenttype = value;
         }
         else
         if (0 == PORT_Strcasecmp(nextHeader, "content-length"))
         {
             contentlength = atoi(value);
         }
         if (thisHeaderEnd )
         {
             nextHeader = thisHeaderEnd + CRLFlen;
         }
         else
         {
             nextHeader = NULL;
         }
     } while (nextHeader && (nextHeader < (headerEnd + CRLFlen) ) );
     /* check content-type */
     if (!contenttype ||
         (0 != PORT_Strcasecmp(contenttype, "application/ocsp-response")) )
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     /* read the body of the OCSP response */
     offset = offset - (PRInt32) (headerEnd - (const char*)inBuffer) - markLen;
     if (offset)
     {
         /* move all data to the beginning of the buffer */
         PORT_Memmove(inBuffer, headerEnd + markLen, offset);
     }
     /* resize buffer to only what's needed to hold the current response */
     inBufsize = (1 + (offset-1) / bufSizeIncrement ) * bufSizeIncrement ;
     while ( (PR_FALSE == EOS) &&
             ( (contentlength == 0) || (offset < contentlength) ) &&
             (inBufsize < maxBufSize)
             )
     {
         /* we still need to receive more body data */
         inBufsize += bufSizeIncrement;
         inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
         if (NULL == inBuffer)
         {
             AbortHttpDecode(SEC_ERROR_NO_MEMORY);
         }
         bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
                               ocsptimeout);
         if (bytesRead > 0)
         {
             offset += bytesRead;
             if (bytesRead < bufSizeIncrement)
             {
                 /* we read less data than requested, therefore we are at
                    EOS or there was a read error */
                 EOS = PR_TRUE;
             }
         }
         else
         {
             /* recv error or EOS */
             EOS = PR_TRUE;
         }
     }
     if (0 == offset)
     {
         AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
     }
     /*
      * Now allocate the item to hold the data.
      */
     result = SECITEM_AllocItem(arena, NULL, offset);
     if (NULL == result)
     {
         AbortHttpDecode(SEC_ERROR_NO_MEMORY);
     }
     /*
      * And copy the data left in the buffer.
     */
     PORT_Memcpy(result->data, inBuffer, offset);
     /* and free the temporary buffer */
     PORT_Free(inBuffer);
     return result;
 }
 SECStatus
 CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
 {
     return ocsp_ParseURL(url, pHostname, pPort, pPath);
 }
 /*
  * Limit the size of http responses we are willing to accept.
  */
 #define MAX_WANTED_OCSP_RESPONSE_LEN 64*1024
 /* if (encodedRequest == NULL)
  *   then location MUST already include the full request,
  *        including base64 and urlencode,
  *        and the request will be sent with GET
  * if (encodedRequest != NULL)
  *   then the request will be sent with POST
  */
 static SECItem *
 fetchOcspHttpClientV1(PLArenaPool *arena,
                       const SEC_HttpClientFcnV1 *hcv1,
                       const char *location,
                       const SECItem *encodedRequest)
 {
     char *hostname = NULL;
     char *path = NULL;
     PRUint16 port;
     SECItem *encodedResponse = NULL;
     SEC_HTTP_SERVER_SESSION pServerSession = NULL;
     SEC_HTTP_REQUEST_SESSION pRequestSession = NULL;
     PRUint16 myHttpResponseCode;
     const char *myHttpResponseData;
     PRUint32 myHttpResponseDataLen;
     if (ocsp_ParseURL(location, &hostname, &port, &path) == SECFailure) {
         PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
         goto loser;
     }
     PORT_Assert(hostname != NULL);
     PORT_Assert(path != NULL);
     if ((*hcv1->createSessionFcn)(
             hostname,
             port,
             &pServerSession) != SECSuccess) {
         PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
         goto loser;
     }
     /* We use a non-zero timeout, which means:
        - the client will use blocking I/O
        - TryFcn will not return WOULD_BLOCK nor a poll descriptor
        - it's sufficient to call TryFcn once
        No lock for accessing OCSP_Global.timeoutSeconds, bug 406120
     */
     if ((*hcv1->createFcn)(
             pServerSession,
             "http",
             path,
             encodedRequest ? "POST" : "GET",
             PR_TicksPerSecond() * OCSP_Global.timeoutSeconds,
             &pRequestSession) != SECSuccess) {
         PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
         goto loser;
     }
     if (encodedRequest &&
         (*hcv1->setPostDataFcn)(
             pRequestSession,
             (char*)encodedRequest->data,
             encodedRequest->len,
             "application/ocsp-request") != SECSuccess) {
         PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
         goto loser;
     }
     /* we don't want result objects larger than this: */
     myHttpResponseDataLen = MAX_WANTED_OCSP_RESPONSE_LEN;
     OCSP_TRACE(("OCSP trySendAndReceive %s\n", location));
     if ((*hcv1->trySendAndReceiveFcn)(
             pRequestSession,
             NULL,
             &myHttpResponseCode,
             NULL,
             NULL,
             &myHttpResponseData,
             &myHttpResponseDataLen) != SECSuccess) {
         PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
         goto loser;
     }
     OCSP_TRACE(("OCSP trySendAndReceive result http %d\n", myHttpResponseCode));
     if (myHttpResponseCode != 200) {
         PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
         goto loser;
     }
     encodedResponse = SECITEM_AllocItem(arena, NULL, myHttpResponseDataLen);
     if (!encodedResponse) {
         PORT_SetError(SEC_ERROR_NO_MEMORY);
         goto loser;
     }
     PORT_Memcpy(encodedResponse->data, myHttpResponseData, myHttpResponseDataLen);
 loser:
     if (pRequestSession != NULL)
         (*hcv1->freeFcn)(pRequestSession);
     if (pServerSession != NULL)
         (*hcv1->freeSessionFcn)(pServerSession);
     if (path != NULL)
 	PORT_Free(path);
     if (hostname != NULL)
 	PORT_Free(hostname);
     return encodedResponse;
 }
 /*
  * FUNCTION: CERT_GetEncodedOCSPResponseByMethod
  *   Creates and sends a request to an OCSP responder, then reads and
  *   returns the (encoded) response.
  * INPUTS:
  *   PLArenaPool *arena
  *     Pointer to arena from which return value will be allocated.
  *     If NULL, result will be allocated from the heap (and thus should
  *     be freed via SECITEM_FreeItem).
  *   CERTCertList *certList
  *     A list of certs for which status will be requested.
  *     Note that all of these certificates should have the same issuer,
  *     or it's expected the response will be signed by a trusted responder.
  *     If the certs need to be broken up into multiple requests, that
  *     must be handled by the caller (and thus by having multiple calls
  *     to this routine), who knows about where the request(s) are being
  *     sent and whether there are any trusted responders in place.
  *   const char *location
  *     The location of the OCSP responder (a URL).
  *   const char *method
  *     The protocol method used when retrieving the OCSP response.
  *     Currently support: "GET" (http GET) and "POST" (http POST).
  *     Additionals methods for http or other protocols might be added
  *     in the future.
  *   PRTime time
  *     Indicates the time for which the certificate status is to be
  *     determined -- this may be used in the search for the cert's issuer
  *     but has no other bearing on the operation.
  *   PRBool addServiceLocator
  *     If true, the Service Locator extension should be added to the
  *     single request(s) for each cert.
  *   CERTCertificate *signerCert
  *     If non-NULL, means sign the request using this cert.  Otherwise,
  *     do not sign.
  *   void *pwArg
  *     Pointer to argument for password prompting, if needed.  (Definitely
  *     not needed if not signing.)
  * OUTPUTS:
  *   CERTOCSPRequest **pRequest
  *     Pointer in which to store the OCSP request created for the given
  *     list of certificates.  It is only filled in if the entire operation
  *     is successful and the pointer is not null -- and in that case the
  *     caller is then reponsible for destroying it.
  * RETURN:
  *   Returns a pointer to the SECItem holding the response.
  *   On error, returns null with error set describing the reason:
  *	SEC_ERROR_UNKNOWN_ISSUER
  *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
  *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
  *   Other errors are low-level problems (no memory, bad database, etc.).
  */
 SECItem *
 CERT_GetEncodedOCSPResponseByMethod(PLArenaPool *arena, CERTCertList *certList,
 				    const char *location, const char *method,
 				    PRTime time, PRBool addServiceLocator,
 				    CERTCertificate *signerCert, void *pwArg,
 				    CERTOCSPRequest **pRequest)
 {
     CERTOCSPRequest *request;
     request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
                                      signerCert);
     if (!request)
         return NULL;
     return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
                                                   method, time, addServiceLocator,
                                                   pwArg, pRequest);
 }
 /*
  * FUNCTION: CERT_GetEncodedOCSPResponse
  *   Creates and sends a request to an OCSP responder, then reads and
  *   returns the (encoded) response.
  *
  * This is a legacy API that behaves identically to
  * CERT_GetEncodedOCSPResponseByMethod using the "POST" method.
  */
 SECItem *
 CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
 			    const char *location, PRTime time,
 			    PRBool addServiceLocator,
 			    CERTCertificate *signerCert, void *pwArg,
 			    CERTOCSPRequest **pRequest)
 {
     return CERT_GetEncodedOCSPResponseByMethod(arena, certList, location,
 					       "POST", time, addServiceLocator,
 					       signerCert, pwArg, pRequest);
 }
 /* URL encode a buffer that consists of base64-characters, only,
  * which means we can use a simple encoding logic.
  *
  * No output buffer size checking is performed.
  * You should call the function twice, to calculate the required buffer size.
  *
  * If the outpufBuf parameter is NULL, the function will calculate the
  * required size, including the trailing zero termination char.
  *
  * The function returns the number of bytes calculated or produced.
  */
 size_t
 ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf)
 {
     const char *walkInput = NULL;
     char *walkOutput = outputBuf;
     size_t count = 0;
     for (walkInput=base64Buf; *walkInput; ++walkInput) {
 	char c = *walkInput;
 	if (isspace(c))
 	    continue;
 	switch (c) {
 	  case '+':
 	    if (outputBuf) {
 		strcpy(walkOutput, "%2B");
 		walkOutput += 3;
 	    }
 	    count += 3;
 	    break;
 	  case '/':
 	    if (outputBuf) {
 		strcpy(walkOutput, "%2F");
 		walkOutput += 3;
 	    }
 	    count += 3;
 	    break;
 	  case '=':
 	    if (outputBuf) {
 		strcpy(walkOutput, "%3D");
 		walkOutput += 3;
 	    }
 	    count += 3;
 	    break;
 	  default:
 	    if (outputBuf) {
 		*walkOutput = *walkInput;
 		++walkOutput;
 	    }
 	    ++count;
 	    break;
 	}
     }
     if (outputBuf) {
 	*walkOutput = 0;
     }
     ++count;
     return count;
 }
 enum { max_get_request_size = 255 }; /* defined by RFC2560 */
 static SECItem *
 cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
                      const SECItem *encodedRequest);
 static SECItem *
 ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
                                        CERTOCSPRequest *request,
                                        const char *location,
 				       const char *method,
 				       PRTime time,
                                        PRBool addServiceLocator,
                                        void *pwArg,
                                        CERTOCSPRequest **pRequest)
 {
     SECItem *encodedRequest = NULL;
     SECItem *encodedResponse = NULL;
     SECStatus rv;
     if (!location || !*location) /* location should be at least one byte */
         goto loser;
     rv = CERT_AddOCSPAcceptableResponses(request,
 					 SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
     if (rv != SECSuccess)
 	goto loser;
     encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
     if (encodedRequest == NULL)
 	goto loser;
     if (!strcmp(method, "GET")) {
         encodedResponse = cert_GetOCSPResponse(arena, location, encodedRequest);
     }
     else if (!strcmp(method, "POST")) {
         encodedResponse = CERT_PostOCSPRequest(arena, location, encodedRequest);
     }
     else {
 	goto loser;
     }
     if (encodedResponse != NULL && pRequest != NULL) {
 	*pRequest = request;
 	request = NULL;			/* avoid destroying below */
     }
 loser:
     if (request != NULL)
 	CERT_DestroyOCSPRequest(request);
     if (encodedRequest != NULL)
 	SECITEM_FreeItem(encodedRequest, PR_TRUE);
     return encodedResponse;
 }
 static SECItem *
 cert_FetchOCSPResponse(PLArenaPool *arena,  const char *location,
                        const SECItem *encodedRequest);
 /* using HTTP GET method */
 static SECItem *
 cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
                      const SECItem *encodedRequest)
 {
     char *walkOutput = NULL;
     char *fullGetPath = NULL;
     size_t pathLength;
     PRInt32 urlEncodedBufLength;
     size_t base64size;
     char b64ReqBuf[max_get_request_size+1];
     size_t slashLengthIfNeeded = 0;
     size_t getURLLength;
     SECItem *item;
     if (!location || !*location) {
 	return NULL;
     }
     pathLength = strlen(location);
     if (location[pathLength-1] != '/') {
 	slashLengthIfNeeded = 1;
     }
     /* Calculation as documented by PL_Base64Encode function.
      * Use integer conversion to avoid having to use function ceil().
      */
     base64size = (((encodedRequest->len +2)/3) * 4);
     if (base64size > max_get_request_size) {
 	return NULL;
     }
     memset(b64ReqBuf, 0, sizeof(b64ReqBuf));
     PL_Base64Encode((const char*)encodedRequest->data, encodedRequest->len,
 		    b64ReqBuf);
     urlEncodedBufLength = ocsp_UrlEncodeBase64Buf(b64ReqBuf, NULL);
     getURLLength = pathLength + urlEncodedBufLength + slashLengthIfNeeded;
     /* urlEncodedBufLength already contains room for the zero terminator.
      * Add another if we must add the '/' char.
      */
     if (arena) {
         fullGetPath = (char*)PORT_ArenaAlloc(arena, getURLLength);
     } else {
         fullGetPath = (char*)PORT_Alloc(getURLLength);
     }
     if (!fullGetPath) {
 	return NULL;
     }
     strcpy(fullGetPath, location);
     walkOutput = fullGetPath + pathLength;
     if (walkOutput > fullGetPath && slashLengthIfNeeded) {
         strcpy(walkOutput, "/");
         ++walkOutput;
     }
     ocsp_UrlEncodeBase64Buf(b64ReqBuf, walkOutput);
     item = cert_FetchOCSPResponse(arena, fullGetPath, NULL);
     if (!arena) {
 	PORT_Free(fullGetPath);
     }
     return item;
 }
 SECItem *
 CERT_PostOCSPRequest(PLArenaPool *arena,  const char *location,
                      const SECItem *encodedRequest)
 {
     return cert_FetchOCSPResponse(arena, location, encodedRequest);
 }
 SECItem *
 cert_FetchOCSPResponse(PLArenaPool *arena,  const char *location,
                        const SECItem *encodedRequest)
 {
     const SEC_HttpClientFcn *registeredHttpClient;
     SECItem *encodedResponse = NULL;
     registeredHttpClient = SEC_GetRegisteredHttpClient();
     if (registeredHttpClient && registeredHttpClient->version == 1) {
         encodedResponse = fetchOcspHttpClientV1(
                               arena,
                               &registeredHttpClient->fcnTable.ftable1,
                               location,
                               encodedRequest);
     } else {
         /* use internal http client */
         PRFileDesc *sock = ocsp_SendEncodedRequest(location, encodedRequest);
         if (sock) {
             encodedResponse = ocsp_GetEncodedResponse(arena, sock);
             PR_Close(sock);
         }
     }
     return encodedResponse;
 }
 static SECItem *
 ocsp_GetEncodedOCSPResponseForSingleCert(PLArenaPool *arena,
                                          CERTOCSPCertID *certID,
                                          CERTCertificate *singleCert,
                                          const char *location,
 					 const char *method,
 					 PRTime time,
                                          PRBool addServiceLocator,
                                          void *pwArg,
                                          CERTOCSPRequest **pRequest)
 {
     CERTOCSPRequest *request;
     request = cert_CreateSingleCertOCSPRequest(certID, singleCert, time,
                                                addServiceLocator, NULL);
     if (!request)
         return NULL;
     return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
                                                   method, time, addServiceLocator,
                                                   pwArg, pRequest);
 }
 /* Checks a certificate for the key usage extension of OCSP signer. */
 static PRBool
 ocsp_CertIsOCSPDesignatedResponder(CERTCertificate *cert)
 {
     SECStatus rv;
     SECItem extItem;
     SECItem **oids;
     SECItem *oid;
     SECOidTag oidTag;
     PRBool retval;
     CERTOidSequence *oidSeq = NULL;
     extItem.data = NULL;
     rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
     if ( rv != SECSuccess ) {
 	goto loser;
     }
     oidSeq = CERT_DecodeOidSequence(&extItem);
     if ( oidSeq == NULL ) {
 	goto loser;
     }
     oids = oidSeq->oids;
     while ( *oids != NULL ) {
 	oid = *oids;
 	oidTag = SECOID_FindOIDTag(oid);
 	if ( oidTag == SEC_OID_OCSP_RESPONDER ) {
 	    goto success;
 	}
 	oids++;
     }
 loser:
     retval = PR_FALSE;
     PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
     goto done;
 success:
     retval = PR_TRUE;
 done:
     if ( extItem.data != NULL ) {
 	PORT_Free(extItem.data);
     }
     if ( oidSeq != NULL ) {
 	CERT_DestroyOidSequence(oidSeq);
     }
     return(retval);
 }
 #ifdef LATER	/*
 		 * XXX This function is not currently used, but will
 		 * be needed later when we do revocation checking of
 		 * the responder certificate.  Of course, it may need
 		 * revising then, if the cert extension interface has
 		 * changed.  (Hopefully it will!)
 		 */
 /* Checks a certificate to see if it has the OCSP no check extension. */
 static PRBool
 ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
 {
     SECStatus rv;
     rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
 				NULL);
     if (rv == SECSuccess) {
 	return PR_TRUE;
     }
     return PR_FALSE;
 }
 #endif	/* LATER */
 static PRBool
 ocsp_matchcert(SECItem *certIndex,CERTCertificate *testCert)
 {
     SECItem item;
     unsigned char buf[HASH_LENGTH_MAX];
     item.data = buf;
     item.len = SHA1_LENGTH;
     if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_SHA1,
 				       &item) == NULL) {
 	return PR_FALSE;
     }
     if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
 	return PR_TRUE;
     }
     if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_MD5,
 				       &item) == NULL) {
 	return PR_FALSE;
     }
     if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
 	return PR_TRUE;
     }
     if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_MD2,
 				       &item) == NULL) {
 	return PR_FALSE;
     }
     if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
 	return PR_TRUE;
     }
     return PR_FALSE;
 }
 static CERTCertificate *
 ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
 CERTCertificate *
 ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
                           ocspSignature *signature, CERTCertificate *issuer)
 {
     CERTCertificate **certs = NULL;
     CERTCertificate *signerCert = NULL;
     SECStatus rv = SECFailure;
     PRBool lookupByName = PR_TRUE;
     void *certIndex = NULL;
     int certCount = 0;
     PORT_Assert(tbsData->responderID != NULL);
     switch (tbsData->responderID->responderIDType) {
     case ocspResponderID_byName:
 	lookupByName = PR_TRUE;
 	certIndex = &tbsData->derResponderID;
 	break;
     case ocspResponderID_byKey:
 	lookupByName = PR_FALSE;
 	certIndex = &tbsData->responderID->responderIDValue.keyHash;
 	break;
     case ocspResponderID_other:
     default:
 	PORT_Assert(0);
 	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	return NULL;
     }
     /*
      * If the signature contains some certificates as well, temporarily
      * import them in case they are needed for verification.
      *
      * Note that the result of this is that each cert in "certs" needs
      * to be destroyed.
      */
     if (signature->derCerts != NULL) {
 	for (; signature->derCerts[certCount] != NULL; certCount++) {
 	    /* just counting */
 	}
 	rv = CERT_ImportCerts(handle, certUsageStatusResponder, certCount,
 	                      signature->derCerts, &certs,
 	                      PR_FALSE, PR_FALSE, NULL);
 	if (rv != SECSuccess)
 	     goto finish;
     }
     /*
      * Now look up the certificate that did the signing.
      * The signer can be specified either by name or by key hash.
      */
     if (lookupByName) {
 	SECItem *crIndex = (SECItem*)certIndex;
 	SECItem encodedName;
 	PLArenaPool *arena;
 	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
 	if (arena != NULL) {
 	    rv = SEC_QuickDERDecodeItem(arena, &encodedName,
 	                                ocsp_ResponderIDDerNameTemplate,
 	                                crIndex);
 	    if (rv != SECSuccess) {
 	        if (PORT_GetError() == SEC_ERROR_BAD_DER)
 	            PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
 	    } else {
 	            signerCert = CERT_FindCertByName(handle, &encodedName);
 	    }
 	    PORT_FreeArena(arena, PR_FALSE);
 	}
     } else {
 	/*
 	 * The signer is either 1) a known issuer CA we passed in,
 	 * 2) the default OCSP responder, or 3) an intermediate CA
 	 * passed in the cert list to use. Figure out which it is.
 	 */
 	int i;
 	CERTCertificate *responder =
             ocsp_CertGetDefaultResponder(handle, NULL);
 	if (responder && ocsp_matchcert(certIndex,responder)) {
 	    signerCert = CERT_DupCertificate(responder);
 	} else if (issuer && ocsp_matchcert(certIndex,issuer)) {
 	    signerCert = CERT_DupCertificate(issuer);
 	}
 	for (i=0; (signerCert == NULL) && (i < certCount); i++) {
 	    if (ocsp_matchcert(certIndex,certs[i])) {
 		signerCert = CERT_DupCertificate(certs[i]);
 	    }
 	}
 	if (signerCert == NULL) {
 	    PORT_SetError(SEC_ERROR_UNKNOWN_CERT);
 	}
     }
 finish:
     if (certs != NULL) {
 	CERT_DestroyCertArray(certs, certCount);
     }
     return signerCert;
 }
 SECStatus
 ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
                              ocspSignature *signature,
                              SECItem *tbsResponseDataDER,
                              void *pwArg)
 {
     SECKEYPublicKey *signerKey = NULL;
     SECStatus rv = SECFailure;
     CERTSignedData signedData;
     /*
      * Now get the public key from the signer's certificate; we need
      * it to perform the verification.
      */
     signerKey = CERT_ExtractPublicKey(signerCert);
     if (signerKey == NULL) {
         return SECFailure;
     }
     /*
      * We copy the signature data *pointer* and length, so that we can
      * modify the length without damaging the original copy.  This is a
      * simple copy, not a dup, so no destroy/free is necessary.
      */
     signedData.signature = signature->signature;
     signedData.signatureAlgorithm = signature->signatureAlgorithm;
     signedData.data = *tbsResponseDataDER;
     rv = CERT_VerifySignedDataWithPublicKey(&signedData, signerKey, pwArg);
     if (rv != SECSuccess &&
         (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE ||
          PORT_GetError() == SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)) {
         PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
     }
     if (signerKey != NULL) {
         SECKEY_DestroyPublicKey(signerKey);
     }
     return rv;
 }
 /*
  * FUNCTION: CERT_VerifyOCSPResponseSignature
  *   Check the signature on an OCSP Response.  Will also perform a
  *   verification of the signer's certificate.  Note, however, that a
  *   successful verification does not make any statement about the
  *   signer's *authority* to provide status for the certificate(s),
  *   that must be checked individually for each certificate.
  * INPUTS:
  *   CERTOCSPResponse *response
  *     Pointer to response structure with signature to be checked.
  *   CERTCertDBHandle *handle
  *     Pointer to CERTCertDBHandle for certificate DB to use for verification.
  *   void *pwArg
  *     Pointer to argument for password prompting, if needed.
  * OUTPUTS:
  *   CERTCertificate **pSignerCert
  *     Pointer in which to store signer's certificate; only filled-in if
  *     non-null.
  * RETURN:
  *   Returns SECSuccess when signature is valid, anything else means invalid.
  *   Possible errors set:
  *	SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
  *	SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
  *	SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
  *	SEC_ERROR_BAD_SIGNATURE - the signature did not verify
  *   Other errors are any of the many possible failures in cert verification
  *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
  *   verifying the signer's cert, or low-level problems (no memory, etc.)
  */
 SECStatus
 CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
 				 CERTCertDBHandle *handle, void *pwArg,
 				 CERTCertificate **pSignerCert,
 				 CERTCertificate *issuer)
 {
     SECItem *tbsResponseDataDER;
     CERTCertificate *signerCert = NULL;
     SECStatus rv = SECFailure;
     PRTime producedAt;
     /* ocsp_DecodeBasicOCSPResponse will fail if asn1 decoder is unable
      * to properly decode tbsData (see the function and
      * ocsp_BasicOCSPResponseTemplate). Thus, tbsData can not be
      * equal to null */
     ocspResponseData *tbsData = ocsp_GetResponseData(response,
                                                      &tbsResponseDataDER);
     ocspSignature *signature = ocsp_GetResponseSignature(response);
     if (!signature) {
         PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
         return SECFailure;
     }
     /*
      * If this signature has already gone through verification, just
      * return the cached result.
      */
     if (signature->wasChecked) {
 	if (signature->status == SECSuccess) {
 	    if (pSignerCert != NULL)
 		*pSignerCert = CERT_DupCertificate(signature->cert);
 	} else {
 	    PORT_SetError(signature->failureReason);
 	}
 	return signature->status;
     }
     signerCert = ocsp_GetSignerCertificate(handle, tbsData,
                                            signature, issuer);
     if (signerCert == NULL) {
 	rv = SECFailure;
 	if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
 	    /* Make the error a little more specific. */
 	    PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
 	}
 	goto finish;
     }
     /*
      * We could mark this true at the top of this function, or always
      * below at "finish", but if the problem was just that we could not
      * find the signer's cert, leave that as if the signature hasn't
      * been checked in case a subsequent call might have better luck.
      */
     signature->wasChecked = PR_TRUE;
     /*
      * The function will also verify the signer certificate; we
      * need to tell it *when* that certificate must be valid -- for our
      * purposes we expect it to be valid when the response was signed.
      * The value of "producedAt" is the signing time.
      */
     rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
     if (rv != SECSuccess)
         goto finish;
     /*
      * Just because we have a cert does not mean it is any good; check
      * it for validity, trust and usage.
      */
     if (ocsp_CertIsOCSPDefaultResponder(handle, signerCert)) {
         rv = SECSuccess;
     } else {
         SECCertUsage certUsage;
         if (CERT_IsCACert(signerCert, NULL)) {
             certUsage = certUsageAnyCA;
         } else {
             certUsage = certUsageStatusResponder;
         }
         rv = cert_VerifyCertWithFlags(handle, signerCert, PR_TRUE, certUsage,
                                       producedAt, CERT_VERIFYCERT_SKIP_OCSP,
                                       pwArg, NULL);
         if (rv != SECSuccess) {
             PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
             goto finish;
         }
     }
     rv = ocsp_VerifyResponseSignature(signerCert, signature,
                                       tbsResponseDataDER,
                                       pwArg);
 finish:
     if (signature->wasChecked)
 	signature->status = rv;
     if (rv != SECSuccess) {
 	signature->failureReason = PORT_GetError();
 	if (signerCert != NULL)
 	    CERT_DestroyCertificate(signerCert);
     } else {
 	/*
 	 * Save signer's certificate in signature.
 	 */
 	signature->cert = signerCert;
 	if (pSignerCert != NULL) {
 	    /*
 	     * Pass pointer to signer's certificate back to our caller,
 	     * who is also now responsible for destroying it.
 	     */
 	    *pSignerCert = CERT_DupCertificate(signerCert);
 	}
     }
     return rv;
 }
 /*
  * See if the request's certID and the single response's certID match.
  * This can be easy or difficult, depending on whether the same hash
  * algorithm was used.
  */
 static PRBool
 ocsp_CertIDsMatch(CERTOCSPCertID *requestCertID,
 		  CERTOCSPCertID *responseCertID)
 {
     PRBool match = PR_FALSE;
     SECOidTag hashAlg;
     SECItem *keyHash = NULL;
     SECItem *nameHash = NULL;
     /*
      * In order to match, they must have the same issuer and the same
      * serial number.
      *
      * We just compare the easier things first.
      */
     if (SECITEM_CompareItem(&requestCertID->serialNumber,
 			    &responseCertID->serialNumber) != SECEqual) {
 	goto done;
     }
     /*
      * Make sure the "parameters" are not too bogus.  Since we encoded
      * requestCertID->hashAlgorithm, we don't need to check it.
      */
     if (responseCertID->hashAlgorithm.parameters.len > 2) {
 	goto done;
     }
     if (SECITEM_CompareItem(&requestCertID->hashAlgorithm.algorithm,
 		&responseCertID->hashAlgorithm.algorithm) == SECEqual) {
 	/*
 	 * If the hash algorithms match then we can do a simple compare
 	 * of the hash values themselves.
 	 */
 	if ((SECITEM_CompareItem(&requestCertID->issuerNameHash,
 				&responseCertID->issuerNameHash) == SECEqual)
 	    && (SECITEM_CompareItem(&requestCertID->issuerKeyHash,
 				&responseCertID->issuerKeyHash) == SECEqual)) {
 	    match = PR_TRUE;
 	}
 	goto done;
     }
     hashAlg = SECOID_FindOIDTag(&responseCertID->hashAlgorithm.algorithm);
     switch (hashAlg) {
     case SEC_OID_SHA1:
 	keyHash = &requestCertID->issuerSHA1KeyHash;
 	nameHash = &requestCertID->issuerSHA1NameHash;
 	break;
     case SEC_OID_MD5:
 	keyHash = &requestCertID->issuerMD5KeyHash;
 	nameHash = &requestCertID->issuerMD5NameHash;
 	break;
     case SEC_OID_MD2:
 	keyHash = &requestCertID->issuerMD2KeyHash;
 	nameHash = &requestCertID->issuerMD2NameHash;
 	break;
     default:
 	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
  	return PR_FALSE;
     }
     if ((keyHash != NULL)
 	&& (SECITEM_CompareItem(nameHash,
 				&responseCertID->issuerNameHash) == SECEqual)
 	&& (SECITEM_CompareItem(keyHash,
 				&responseCertID->issuerKeyHash) == SECEqual)) {
 	match = PR_TRUE;
     }
 done:
     return match;
 }
 /*
  * Find the single response for the cert specified by certID.
  * No copying is done; this just returns a pointer to the appropriate
  * response within responses, if it is found (and null otherwise).
  * This is fine, of course, since this function is internal-use only.
  */
 static CERTOCSPSingleResponse *
 ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
 				CERTCertDBHandle *handle,
 				CERTOCSPCertID *certID)
 {
     CERTOCSPSingleResponse *single;
     int i;
     if (responses == NULL)
 	return NULL;
     for (i = 0; responses[i] != NULL; i++) {
 	single = responses[i];
 	if (ocsp_CertIDsMatch(certID, single->certID)) {
 	    return single;
 	}
     }
     /*
      * The OCSP server should have included a response even if it knew
      * nothing about the certificate in question.  Since it did not,
      * this will make it look as if it had.
      *
      * XXX Should we make this a separate error to notice the server's
      * bad behavior?
      */
     PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
     return NULL;
 }
 static ocspCheckingContext *
 ocsp_GetCheckingContext(CERTCertDBHandle *handle)
 {
     CERTStatusConfig *statusConfig;
     ocspCheckingContext *ocspcx = NULL;
     statusConfig = CERT_GetStatusConfig(handle);
     if (statusConfig != NULL) {
 	ocspcx = statusConfig->statusContext;
 	/*
 	 * This is actually an internal error, because we should never
 	 * have a good statusConfig without a good statusContext, too.
 	 * For lack of anything better, though, we just assert and use
 	 * the same error as if there were no statusConfig (set below).
 	 */
 	PORT_Assert(ocspcx != NULL);
     }
     if (ocspcx == NULL)
 	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
     return ocspcx;
 }
 /*
  * Return cert reference if the given signerCert is the default responder for
  * the given certID.  If not, or if any error, return NULL.
  */
 static CERTCertificate *
 ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID)
 {
     ocspCheckingContext *ocspcx;
     ocspcx = ocsp_GetCheckingContext(handle);
     if (ocspcx == NULL)
 	goto loser;
    /*
     * Right now we have only one default responder.  It applies to
     * all certs when it is used, so the check is simple and certID
     * has no bearing on the answer.  Someday in the future we may
     * allow configuration of different responders for different
     * issuers, and then we would have to use the issuer specified
     * in certID to determine if signerCert is the right one.
     */
     if (ocspcx->useDefaultResponder) {
 	PORT_Assert(ocspcx->defaultResponderCert != NULL);
 	return ocspcx->defaultResponderCert;
     }
 loser:
     return NULL;
 }
 /*
  * Return true if the cert is one of the default responders configured for
  * ocsp context. If not, or if any error, return false.
  */
 PRBool
 ocsp_CertIsOCSPDefaultResponder(CERTCertDBHandle *handle, CERTCertificate *cert)
 {
     ocspCheckingContext *ocspcx;
     ocspcx = ocsp_GetCheckingContext(handle);
     if (ocspcx == NULL)
 	return PR_FALSE;
    /*
     * Right now we have only one default responder.  It applies to
     * all certs when it is used, so the check is simple and certID
     * has no bearing on the answer.  Someday in the future we may
     * allow configuration of different responders for different
     * issuers, and then we would have to use the issuer specified
     * in certID to determine if signerCert is the right one.
     */
     if (ocspcx->useDefaultResponder &&
         CERT_CompareCerts(ocspcx->defaultResponderCert, cert)) {
 	return PR_TRUE;
     }
     return PR_FALSE;
 }
 /*
  * Check that the given signer certificate is authorized to sign status
  * information for the given certID.  Return true if it is, false if not
  * (or if there is any error along the way).  If false is returned because
  * the signer is not authorized, the following error will be set:
  *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
  * Other errors are low-level problems (no memory, bad database, etc.).
  *
  * There are three ways to be authorized.  In the order in which we check,
  * using the terms used in the OCSP spec, the signer must be one of:
  *  1.  A "trusted responder" -- it matches a local configuration
  *      of OCSP signing authority for the certificate in question.
  *  2.  The CA who issued the certificate in question.
  *  3.  A "CA designated responder", aka an "authorized responder" -- it
  *      must be represented by a special cert issued by the CA who issued
  *      the certificate in question.
  */
 static PRBool
 ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
 				  CERTCertificate *signerCert,
 				  CERTOCSPCertID *certID,
 				  PRTime thisUpdate)
 {
     CERTCertificate *issuerCert = NULL, *defRespCert;
     SECItem *keyHash = NULL;
     SECItem *nameHash = NULL;
     SECOidTag hashAlg;
     PRBool keyHashEQ = PR_FALSE, nameHashEQ = PR_FALSE;
     /*
      * Check first for a trusted responder, which overrides everything else.
      */
     if ((defRespCert = ocsp_CertGetDefaultResponder(handle, certID)) &&
         CERT_CompareCerts(defRespCert, signerCert)) {
         return PR_TRUE;
     }
     /*
      * In the other two cases, we need to do an issuer comparison.
      * How we do it depends on whether the signer certificate has the
      * special extension (for a designated responder) or not.
      *
      * First, lets check if signer of the response is the actual issuer
      * of the cert. For that we will use signer cert key hash and cert subj
      * name hash and will compare them with already calculated issuer key
      * hash and issuer name hash. The hash algorithm is picked from response
      * certID hash to avoid second hash calculation.
      */
     hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
     keyHash = CERT_GetSubjectPublicKeyDigest(NULL, signerCert, hashAlg, NULL);
     if (keyHash != NULL) {
         keyHashEQ =
             (SECITEM_CompareItem(keyHash,
                                  &certID->issuerKeyHash) == SECEqual);
         SECITEM_FreeItem(keyHash, PR_TRUE);
     }
     if (keyHashEQ &&
         (nameHash = CERT_GetSubjectNameDigest(NULL, signerCert,
                                               hashAlg, NULL))) {
         nameHashEQ =
             (SECITEM_CompareItem(nameHash,
                                  &certID->issuerNameHash) == SECEqual);
         SECITEM_FreeItem(nameHash, PR_TRUE);
         if (nameHashEQ) {
             /* The issuer of the cert is the the signer of the response */
             return PR_TRUE;
         }
     }
     keyHashEQ = PR_FALSE;
     nameHashEQ = PR_FALSE;
     if (!ocsp_CertIsOCSPDesignatedResponder(signerCert)) {
         PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
         return PR_FALSE;
     }
     /*
      * The signer is a designated responder.  Its issuer must match
      * the issuer of the cert being checked.
      */
     issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
                                      certUsageAnyCA);
     if (issuerCert == NULL) {
         /*
          * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
          * but the following will give slightly more information.
          * Once we have an error stack, things will be much better.
          */
         PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
         return PR_FALSE;
     }
     keyHash = CERT_GetSubjectPublicKeyDigest(NULL, issuerCert, hashAlg, NULL);
     nameHash = CERT_GetSubjectNameDigest(NULL, issuerCert, hashAlg, NULL);
     CERT_DestroyCertificate(issuerCert);
     if (keyHash != NULL && nameHash != NULL) {
         keyHashEQ =
             (SECITEM_CompareItem(keyHash,
                                  &certID->issuerKeyHash) == SECEqual);
         nameHashEQ =
             (SECITEM_CompareItem(nameHash,
                                  &certID->issuerNameHash) == SECEqual);
     }
     if (keyHash) {
         SECITEM_FreeItem(keyHash, PR_TRUE);
     }
     if (nameHash) {
         SECITEM_FreeItem(nameHash, PR_TRUE);
     }
     if (keyHashEQ && nameHashEQ) {
         return PR_TRUE;
     }
     PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
     return PR_FALSE;
 }
 /*
  * We need to check that a responder gives us "recent" information.
  * Since a responder can pre-package responses, we need to pick an amount
  * of time that is acceptable to us, and reject any response that is
  * older than that.
  *
  * XXX This *should* be based on some configuration parameter, so that
  * different usages could specify exactly what constitutes "sufficiently
  * recent".  But that is not going to happen right away.  For now, we
  * want something from within the last 24 hours.  This macro defines that
  * number in seconds.
  */
 #define OCSP_ALLOWABLE_LAPSE_SECONDS	(24L * 60L * 60L)
 static PRBool
 ocsp_TimeIsRecent(PRTime checkTime)
 {
     PRTime now = PR_Now();
     PRTime lapse, tmp;
     LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
     LL_I2L(tmp, PR_USEC_PER_SEC);
     LL_MUL(lapse, lapse, tmp);		/* allowable lapse in microseconds */
     LL_ADD(checkTime, checkTime, lapse);
     if (LL_CMP(now, >, checkTime))
 	return PR_FALSE;
     return PR_TRUE;
 }
 #define OCSP_SLOP (5L*60L) /* OCSP responses are allowed to be 5 minutes
                               in the future by default */
 static PRUint32 ocspsloptime = OCSP_SLOP;	/* seconds */
 /*
  * If an old response contains the revoked certificate status, we want
  * to return SECSuccess so the response will be used.
  */
 static SECStatus
 ocsp_HandleOldSingleResponse(CERTOCSPSingleResponse *single, PRTime time)
 {
     SECStatus rv;
     ocspCertStatus *status = single->certStatus;
     if (status->certStatusType == ocspCertStatus_revoked) {
         rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
         if (rv != SECSuccess &&
             PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE) {
             /*
              * Return SECSuccess now.  The subsequent ocsp_CertRevokedAfter
              * call in ocsp_CertHasGoodStatus will cause
              * ocsp_CertHasGoodStatus to fail with
              * SEC_ERROR_REVOKED_CERTIFICATE.
              */
             return SECSuccess;
         }
     }
     PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
     return SECFailure;
 }
 /*
  * Check that this single response is okay.  A return of SECSuccess means:
  *   1. The signer (represented by "signerCert") is authorized to give status
  *	for the cert represented by the individual response in "single".
  *   2. The value of thisUpdate is earlier than now.
  *   3. The value of producedAt is later than or the same as thisUpdate.
  *   4. If nextUpdate is given:
  *	- The value of nextUpdate is later than now.
  *	- The value of producedAt is earlier than nextUpdate.
  *	Else if no nextUpdate:
  *	- The value of thisUpdate is fairly recent.
  *	- The value of producedAt is fairly recent.
  *	However we do not need to perform an explicit check for this last
  *	constraint because it is already guaranteed by checking that
  *	producedAt is later than thisUpdate and thisUpdate is recent.
  * Oh, and any responder is "authorized" to say that a cert is unknown to it.
  *
  * If any of those checks fail, SECFailure is returned and an error is set:
  *	SEC_ERROR_OCSP_FUTURE_RESPONSE
  *	SEC_ERROR_OCSP_OLD_RESPONSE
  *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
  * Other errors are low-level problems (no memory, bad database, etc.).
  */
 static SECStatus
 ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
 			  CERTCertDBHandle *handle,
 			  CERTCertificate *signerCert,
 			  PRTime producedAt)
 {
     CERTOCSPCertID *certID = single->certID;
     PRTime now, thisUpdate, nextUpdate, tmstamp, tmp;
     SECStatus rv;
     OCSP_TRACE(("OCSP ocsp_VerifySingleResponse, nextUpdate: %d\n",
                ((single->nextUpdate) != 0)));
     /*
      * If all the responder said was that the given cert was unknown to it,
      * that is a valid response.  Not very interesting to us, of course,
      * but all this function is concerned with is validity of the response,
      * not the status of the cert.
      */
     PORT_Assert(single->certStatus != NULL);
     if (single->certStatus->certStatusType == ocspCertStatus_unknown)
 	return SECSuccess;
     /*
      * We need to extract "thisUpdate" for use below and to pass along
      * to AuthorizedResponderForCertID in case it needs it for doing an
      * issuer look-up.
      */
     rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
     if (rv != SECSuccess)
 	return rv;
     /*
      * First confirm that signerCert is authorized to give this status.
      */
     if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
 					  thisUpdate) != PR_TRUE)
 	return SECFailure;
     /*
      * Now check the time stuff, as described above.
      */
     now = PR_Now();
     /* allow slop time for future response */
     LL_UI2L(tmstamp, ocspsloptime); /* get slop time in seconds */
     LL_UI2L(tmp, PR_USEC_PER_SEC);
     LL_MUL(tmp, tmstamp, tmp); /* convert the slop time to PRTime */
     LL_ADD(tmstamp, tmp, now); /* add current time to it */
     if (LL_CMP(thisUpdate, >, tmstamp) || LL_CMP(producedAt, <, thisUpdate)) {
 	PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
 	return SECFailure;
     }
     if (single->nextUpdate != NULL) {
 	rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
 	if (rv != SECSuccess)
 	    return rv;
 	LL_ADD(tmp, tmp, nextUpdate);
 	if (LL_CMP(tmp, <, now) || LL_CMP(producedAt, >, nextUpdate))
 	    return ocsp_HandleOldSingleResponse(single, now);
     } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
 	return ocsp_HandleOldSingleResponse(single, now);
     }
     return SECSuccess;
 }
 /*
  * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
  *   Get the value of the URI of the OCSP responder for the given cert.
  *   This is found in the (optional) Authority Information Access extension
  *   in the cert.
  * INPUTS:
  *   CERTCertificate *cert
  *     The certificate being examined.
  * RETURN:
  *   char *
  *     A copy of the URI for the OCSP method, if found.  If either the
  *     extension is not present or it does not contain an entry for OCSP,
  *     SEC_ERROR_CERT_BAD_ACCESS_LOCATION will be set and a NULL returned.
  *     Any other error will also result in a NULL being returned.
  *
  *     This result should be freed (via PORT_Free) when no longer in use.
  */
 char *
 CERT_GetOCSPAuthorityInfoAccessLocation(const CERTCertificate *cert)
 {
     CERTGeneralName *locname = NULL;
     SECItem *location = NULL;
     SECItem *encodedAuthInfoAccess = NULL;
     CERTAuthInfoAccess **authInfoAccess = NULL;
     char *locURI = NULL;
     PLArenaPool *arena = NULL;
     SECStatus rv;
     int i;
     /*
      * Allocate this one from the heap because it will get filled in
      * by CERT_FindCertExtension which will also allocate from the heap,
      * and we can free the entire thing on our way out.
      */
     encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
     if (encodedAuthInfoAccess == NULL)
 	goto loser;
     rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
 				encodedAuthInfoAccess);
     if (rv == SECFailure) {
 	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
 	goto loser;
     }
     /*
      * The rest of the things allocated in the routine will come out of
      * this arena, which is temporary just for us to decode and get at the
      * AIA extension.  The whole thing will be destroyed on our way out,
      * after we have copied the location string (url) itself (if found).
      */
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL)
 	goto loser;
     authInfoAccess = CERT_DecodeAuthInfoAccessExtension(arena,
 							encodedAuthInfoAccess);
     if (authInfoAccess == NULL)
 	goto loser;
     for (i = 0; authInfoAccess[i] != NULL; i++) {
 	if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
 	    locname = authInfoAccess[i]->location;
     }
     /*
      * If we found an AIA extension, but it did not include an OCSP method,
      * that should look to our caller as if we did not find the extension
      * at all, because it is only an OCSP method that we care about.
      * So set the same error that would be set if the AIA extension was
      * not there at all.
      */
     if (locname == NULL) {
 	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
 	goto loser;
     }
     /*
      * The following is just a pointer back into locname (i.e. not a copy);
      * thus it should not be freed.
      */
     location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
     if (location == NULL) {
 	/*
 	 * XXX Appears that CERT_GetGeneralNameByType does not set an
 	 * error if there is no name by that type.  For lack of anything
 	 * better, act as if the extension was not found.  In the future
 	 * this should probably be something more like the extension was
 	 * badly formed.
 	 */
 	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
 	goto loser;
     }
     /*
      * That location is really a string, but it has a specified length
      * without a null-terminator.  We need a real string that does have
      * a null-terminator, and we need a copy of it anyway to return to
      * our caller -- so allocate and copy.
      */
     locURI = PORT_Alloc(location->len + 1);
     if (locURI == NULL) {
 	goto loser;
     }
     PORT_Memcpy(locURI, location->data, location->len);
     locURI[location->len] = '\0';
 loser:
     if (arena != NULL)
 	PORT_FreeArena(arena, PR_FALSE);
     if (encodedAuthInfoAccess != NULL)
 	SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
     return locURI;
 }
 /*
  * Figure out where we should go to find out the status of the given cert
  * via OCSP.  If allowed to use a default responder uri and a default
  * responder is set up, then that is our answer.
  * If not, see if the certificate has an Authority Information Access (AIA)
  * extension for OCSP, and return the value of that.  Otherwise return NULL.
  * We also let our caller know whether or not the responder chosen was
  * a default responder or not through the output variable isDefault;
  * its value has no meaning unless a good (non-null) value is returned
  * for the location.
  *
  * The result needs to be freed (PORT_Free) when no longer in use.
  */
 char *
 ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
 			  PRBool canUseDefault, PRBool *isDefault)
 {
     ocspCheckingContext *ocspcx = NULL;
     char *ocspUrl = NULL;
     if (canUseDefault) {
         ocspcx = ocsp_GetCheckingContext(handle);
     }
     if (ocspcx != NULL && ocspcx->useDefaultResponder) {
 	/*
 	 * A default responder wins out, if specified.
 	 * XXX Someday this may be a more complicated determination based
 	 * on the cert's issuer.  (That is, we could have different default
 	 * responders configured for different issuers.)
 	 */
 	PORT_Assert(ocspcx->defaultResponderURI != NULL);
 	*isDefault = PR_TRUE;
 	return (PORT_Strdup(ocspcx->defaultResponderURI));
     }
     /*
      * No default responder set up, so go see if we can find an AIA
      * extension that has a value for OCSP, and get the url from that.
      */
     *isDefault = PR_FALSE;
     ocspUrl = CERT_GetOCSPAuthorityInfoAccessLocation(cert);
     if (!ocspUrl) {
 	CERT_StringFromCertFcn altFcn;
 	PR_EnterMonitor(OCSP_Global.monitor);
 	altFcn = OCSP_Global.alternateOCSPAIAFcn;
 	PR_ExitMonitor(OCSP_Global.monitor);
 	if (altFcn) {
 	    ocspUrl = (*altFcn)(cert);
 	    if (ocspUrl)
 		*isDefault = PR_TRUE;
     	}
     }
     return ocspUrl;
 }
 /*
  * Return SECSuccess if the cert was revoked *after* "time",
  * SECFailure otherwise.
  */
 static SECStatus
 ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time)
 {
     PRTime revokedTime;
     SECStatus rv;
     rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
     if (rv != SECSuccess)
 	return rv;
     /*
      * Set the error even if we will return success; someone might care.
      */
     PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
     if (LL_CMP(revokedTime, >, time))
 	return SECSuccess;
     return SECFailure;
 }
 /*
  * See if the cert represented in the single response had a good status
  * at the specified time.
  */
 SECStatus
 ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time)
 {
     SECStatus rv;
     switch (status->certStatusType) {
     case ocspCertStatus_good:
         rv = SECSuccess;
         break;
     case ocspCertStatus_revoked:
         rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
         break;
     case ocspCertStatus_unknown:
         PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
         rv = SECFailure;
         break;
     case ocspCertStatus_other:
     default:
         PORT_Assert(0);
         PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
         rv = SECFailure;
         break;
     }
     return rv;
 }
 static SECStatus
 ocsp_SingleResponseCertHasGoodStatus(CERTOCSPSingleResponse *single,
                                      PRTime time)
 {
     return ocsp_CertHasGoodStatus(single->certStatus, time);
 }
 /* SECFailure means the arguments were invalid.
  * On SECSuccess, the out parameters contain the OCSP status.
  * rvOcsp contains the overall result of the OCSP operation.
  * Depending on input parameter ignoreGlobalOcspFailureSetting,
  * a soft failure might be converted into *rvOcsp=SECSuccess.
  * If the cached attempt to obtain OCSP information had resulted
  * in a failure, missingResponseError shows the error code of
  * that failure.
  * cacheFreshness is ocspMissing if no entry was found,
  *                   ocspFresh if a fresh entry was found, or
  *                   ocspStale if a stale entry was found.
  */
 SECStatus
 ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
                                  PRTime time,
                                  PRBool ignoreGlobalOcspFailureSetting,
                                  SECStatus *rvOcsp,
                                  SECErrorCodes *missingResponseError,
                                  OCSPFreshness *cacheFreshness)
 {
     OCSPCacheItem *cacheItem = NULL;
     if (!certID || !missingResponseError || !rvOcsp || !cacheFreshness) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     *rvOcsp = SECFailure;
     *missingResponseError = 0;
     *cacheFreshness = ocspMissing;
     PR_EnterMonitor(OCSP_Global.monitor);
     cacheItem = ocsp_FindCacheEntry(&OCSP_Global.cache, certID);
     if (cacheItem) {
         *cacheFreshness = ocsp_IsCacheItemFresh(cacheItem) ? ocspFresh
                                                            : ocspStale;
         /* having an arena means, we have a cached certStatus */
         if (cacheItem->certStatusArena) {
             *rvOcsp = ocsp_CertHasGoodStatus(&cacheItem->certStatus, time);
             if (*rvOcsp != SECSuccess) {
                 *missingResponseError = PORT_GetError();
             }
         } else {
             /*
              * No status cached, the previous attempt failed.
              * If OCSP is required, we never decide based on a failed attempt
              * However, if OCSP is optional, a recent OCSP failure is
              * an allowed good state.
              */
             if (*cacheFreshness == ocspFresh &&
                 !ignoreGlobalOcspFailureSetting &&
                 OCSP_Global.ocspFailureMode ==
                     ocspMode_FailureIsNotAVerificationFailure) {
                 *rvOcsp = SECSuccess;
             }
             *missingResponseError = cacheItem->missingResponseError;
         }
     }
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 PRBool
 ocsp_FetchingFailureIsVerificationFailure(void)
 {
     PRBool isFailure;
     PR_EnterMonitor(OCSP_Global.monitor);
     isFailure =
         OCSP_Global.ocspFailureMode == ocspMode_FailureIsVerificationFailure;
     PR_ExitMonitor(OCSP_Global.monitor);
     return isFailure;
 }
 /*
  * FUNCTION: CERT_CheckOCSPStatus
  *   Checks the status of a certificate via OCSP.  Will only check status for
  *   a certificate that has an AIA (Authority Information Access) extension
  *   for OCSP *or* when a "default responder" is specified and enabled.
  *   (If no AIA extension for OCSP and no default responder in place, the
  *   cert is considered to have a good status and SECSuccess is returned.)
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     certificate DB of the cert that is being checked
  *   CERTCertificate *cert
  *     the certificate being checked
  *   XXX in the long term also need a boolean parameter that specifies
  *	whether to check the cert chain, as well; for now we check only
  *	the leaf (the specified certificate)
  *   PRTime time
  *     time for which status is to be determined
  *   void *pwArg
  *     argument for password prompting, if needed
  * RETURN:
  *   Returns SECSuccess if an approved OCSP responder "knows" the cert
  *   *and* returns a non-revoked status for it; SECFailure otherwise,
  *   with an error set describing the reason:
  *
  *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
  *	SEC_ERROR_OCSP_FUTURE_RESPONSE
  *	SEC_ERROR_OCSP_MALFORMED_REQUEST
  *	SEC_ERROR_OCSP_MALFORMED_RESPONSE
  *	SEC_ERROR_OCSP_OLD_RESPONSE
  *	SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
  *	SEC_ERROR_OCSP_SERVER_ERROR
  *	SEC_ERROR_OCSP_TRY_SERVER_LATER
  *	SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
  *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
  *	SEC_ERROR_OCSP_UNKNOWN_CERT
  *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
  *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
  *
  *	SEC_ERROR_BAD_SIGNATURE
  *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
  *	SEC_ERROR_INVALID_TIME
  *	SEC_ERROR_REVOKED_CERTIFICATE
  *	SEC_ERROR_UNKNOWN_ISSUER
  *	SEC_ERROR_UNKNOWN_SIGNER
  *
  *   Other errors are any of the many possible failures in cert verification
  *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
  *   verifying the signer's cert, or low-level problems (error allocating
  *   memory, error performing ASN.1 decoding, etc.).
  */
 SECStatus
 CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
 		     PRTime time, void *pwArg)
 {
     CERTOCSPCertID *certID;
     PRBool certIDWasConsumed = PR_FALSE;
     SECStatus rv;
     SECStatus rvOcsp;
     SECErrorCodes cachedErrorCode;
     OCSPFreshness cachedResponseFreshness;
     OCSP_TRACE_CERT(cert);
     OCSP_TRACE_TIME("## requested validity time:", time);
     certID = CERT_CreateOCSPCertID(cert, time);
     if (!certID)
         return SECFailure;
     rv = ocsp_GetCachedOCSPResponseStatus(
         certID, time, PR_FALSE, /* ignoreGlobalOcspFailureSetting */
         &rvOcsp, &cachedErrorCode, &cachedResponseFreshness);
     if (rv != SECSuccess) {
         CERT_DestroyOCSPCertID(certID);
         return SECFailure;
     }
     if (cachedResponseFreshness == ocspFresh) {
         CERT_DestroyOCSPCertID(certID);
         if (rvOcsp != SECSuccess) {
             PORT_SetError(cachedErrorCode);
         }
         return rvOcsp;
     }
     rv = ocsp_GetOCSPStatusFromNetwork(handle, certID, cert, time, pwArg,
                                        &certIDWasConsumed,
                                        &rvOcsp);
     if (rv != SECSuccess) {
         PRErrorCode err = PORT_GetError();
         if (ocsp_FetchingFailureIsVerificationFailure()) {
             PORT_SetError(err);
             rvOcsp = SECFailure;
         } else if (cachedResponseFreshness == ocspStale &&
                    (cachedErrorCode == SEC_ERROR_OCSP_UNKNOWN_CERT ||
                     cachedErrorCode == SEC_ERROR_REVOKED_CERTIFICATE)) {
             /* If we couldn't get a response for a certificate that the OCSP
              * responder previously told us was bad, then assume it is still
              * bad until we hear otherwise, as it is very unlikely that the
              * certificate status has changed from "revoked" to "good" and it
              * is also unlikely that the certificate status has changed from
              * "unknown" to "good", except for some buggy OCSP responders.
              */
             PORT_SetError(cachedErrorCode);
             rvOcsp = SECFailure;
         } else {
             rvOcsp = SECSuccess;
         }
     }
     if (!certIDWasConsumed) {
         CERT_DestroyOCSPCertID(certID);
     }
     return rvOcsp;
 }
 /*
  * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
  *   First, this function checks the OCSP cache to see if a good response
  *   for the given certificate already exists. If it does, then the function
  *   returns successfully.
  *
  *   If not, then it validates that the given OCSP response is a valid,
  *   good response for the given certificate and inserts it into the
  *   cache.
  *
  *   This function is intended for use when OCSP responses are provided via a
  *   side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
  *
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     certificate DB of the cert that is being checked
  *   CERTCertificate *cert
  *     the certificate being checked
  *   PRTime time
  *     time for which status is to be determined
  *   SECItem *encodedResponse
  *     the DER encoded bytes of the OCSP response
  *   void *pwArg
  *     argument for password prompting, if needed
  * RETURN:
  *   SECSuccess if the cert was found in the cache, or if the OCSP response was
  *   found to be valid and inserted into the cache. SECFailure otherwise.
  */
 SECStatus
 CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
 				      CERTCertificate *cert,
 				      PRTime time,
 				      const SECItem *encodedResponse,
 				      void *pwArg)
 {
     CERTOCSPCertID *certID = NULL;
     PRBool certIDWasConsumed = PR_FALSE;
     SECStatus rv = SECFailure;
     SECStatus rvOcsp = SECFailure;
     SECErrorCodes dummy_error_code; /* we ignore this */
     CERTOCSPResponse *decodedResponse = NULL;
     CERTOCSPSingleResponse *singleResponse = NULL;
     OCSPFreshness freshness;
     /* The OCSP cache can be in three states regarding this certificate:
      *    + Good (cached, timely, 'good' response, or revoked in the future)
      *    + Revoked (cached, timely, but doesn't fit in the last category)
      *    + Miss (no knowledge)
      *
      * Likewise, the side-channel information can be
      *    + Good (timely, 'good' response, or revoked in the future)
      *    + Revoked (timely, but doesn't fit in the last category)
      *    + Invalid (bad syntax, bad signature, not timely etc)
      *
      * The common case is that the cache result is Good and so is the
      * side-channel information. We want to save processing time in this case
      * so we say that any time we see a Good result from the cache we return
      * early.
      *
      *                       Cache result
      *      | Good             Revoked               Miss
      *   ---+--------------------------------------------
      *    G |  noop           Cache more           Cache it
      * S    |                 recent result
      * i    |
      * d    |
      * e    |
      *    R |  noop           Cache more           Cache it
      * C    |                 recent result
      * h    |
      * a    |
      * n    |
      * n  I |  noop           Noop                  Noop
      * e    |
      * l    |
      *
      * When we fetch from the network we might choose to cache a negative
      * result when the response is invalid. This saves us hammering, uselessly,
      * at a broken responder. However, side channels are commonly attacker
      * controlled and so we must not cache a negative result for an Invalid
      * side channel.
      */
     if (!cert || !encodedResponse) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     certID = CERT_CreateOCSPCertID(cert, time);
     if (!certID)
         return SECFailure;
     /* We pass PR_TRUE for ignoreGlobalOcspFailureSetting so that a cached
      * error entry is not interpreted as being a 'Good' entry here.
      */
     rv = ocsp_GetCachedOCSPResponseStatus(
         certID, time, PR_TRUE, /* ignoreGlobalOcspFailureSetting */
         &rvOcsp, &dummy_error_code, &freshness);
     if (rv == SECSuccess && rvOcsp == SECSuccess && freshness == ocspFresh) {
         /* The cached value is good. We don't want to waste time validating
          * this OCSP response. This is the first column in the table above. */
         CERT_DestroyOCSPCertID(certID);
         return rv;
     }
     /* The logic for caching the more recent response is handled in
      * ocsp_CacheSingleResponse. */
     rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
 						    time, pwArg,
 						    encodedResponse,
 						    &decodedResponse,
 						    &singleResponse);
     if (rv == SECSuccess) {
 	rvOcsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
 	/* Cache any valid singleResponse, regardless of status. */
 	ocsp_CacheSingleResponse(certID, singleResponse, &certIDWasConsumed);
     }
     if (decodedResponse) {
 	CERT_DestroyOCSPResponse(decodedResponse);
     }
     if (!certIDWasConsumed) {
         CERT_DestroyOCSPCertID(certID);
     }
     return rv == SECSuccess ? rvOcsp : rv;
 }
 /*
  * Status in *certIDWasConsumed will always be correct, regardless of
  * return value.
  */
 static SECStatus
 ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
                               CERTOCSPCertID *certID,
                               CERTCertificate *cert,
                               PRTime time,
                               void *pwArg,
                               PRBool *certIDWasConsumed,
                               SECStatus *rv_ocsp)
 {
     char *location = NULL;
     PRBool locationIsDefault;
     SECItem *encodedResponse = NULL;
     CERTOCSPRequest *request = NULL;
     SECStatus rv = SECFailure;
     CERTOCSPResponse *decodedResponse = NULL;
     CERTOCSPSingleResponse *singleResponse = NULL;
     enum { stageGET, stagePOST } currentStage;
     PRBool retry = PR_FALSE;
     if (!certIDWasConsumed || !rv_ocsp) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
     *certIDWasConsumed = PR_FALSE;
     *rv_ocsp = SECFailure;
     if (!OCSP_Global.monitor) {
         PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
         return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     if (OCSP_Global.forcePost) {
         currentStage = stagePOST;
     } else {
         currentStage = stageGET;
     }
     PR_ExitMonitor(OCSP_Global.monitor);
     /*
      * The first thing we need to do is find the location of the responder.
      * This will be the value of the default responder (if enabled), else
      * it will come out of the AIA extension in the cert (if present).
      * If we have no such location, then this cert does not "deserve" to
      * be checked -- that is, we consider it a success and just return.
      * The way we tell that is by looking at the error number to see if
      * the problem was no AIA extension was found; any other error was
      * a true failure that we unfortunately have to treat as an overall
      * failure here.
      */
     location = ocsp_GetResponderLocation(handle, cert, PR_TRUE,
                                          &locationIsDefault);
     if (location == NULL) {
        int err = PORT_GetError();
        if (err == SEC_ERROR_EXTENSION_NOT_FOUND ||
            err == SEC_ERROR_CERT_BAD_ACCESS_LOCATION) {
            PORT_SetError(0);
            *rv_ocsp = SECSuccess;
            return SECSuccess;
        }
        return SECFailure;
     }
     /*
      * XXX In the fullness of time, we will want/need to handle a
      * certificate chain.  This will be done either when a new parameter
      * tells us to, or some configuration variable tells us to.  In any
      * case, handling it is complicated because we may need to send as
      * many requests (and receive as many responses) as we have certs
      * in the chain.  If we are going to talk to a default responder,
      * and we only support one default responder, we can put all of the
      * certs together into one request.  Otherwise, we must break them up
      * into multiple requests.  (Even if all of the requests will go to
      * the same location, the signature on each response will be different,
      * because each issuer is different.  Carefully read the OCSP spec
      * if you do not understand this.)
      */
     /*
      * XXX If/when signing of requests is supported, that second NULL
      * should be changed to be the signer certificate.  Not sure if that
      * should be passed into this function or retrieved via some operation
      * on the handle/context.
      */
     do {
 	const char *method;
 	PRBool validResponseWithAccurateInfo = PR_FALSE;
 	retry = PR_FALSE;
 	*rv_ocsp = SECFailure;
 	if (currentStage == stageGET) {
 	    method = "GET";
 	} else {
 	    PORT_Assert(currentStage == stagePOST);
 	    method = "POST";
 	}
 	encodedResponse =
 	    ocsp_GetEncodedOCSPResponseForSingleCert(NULL, certID, cert,
 						     location, method,
 						     time, locationIsDefault,
 						     pwArg, &request);
 	if (encodedResponse) {
 	    rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
 							    time, pwArg,
 							    encodedResponse,
 							    &decodedResponse,
 							    &singleResponse);
 	    if (rv == SECSuccess) {
 		switch (singleResponse->certStatus->certStatusType) {
 		    case ocspCertStatus_good:
 		    case ocspCertStatus_revoked:
 			validResponseWithAccurateInfo = PR_TRUE;
 			break;
 		    default:
 			break;
 		}
 		*rv_ocsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
 	    }
 	}
 	if (currentStage == stageGET) {
 	    /* only accept GET response if good or revoked */
 	    if (validResponseWithAccurateInfo) {
 		ocsp_CacheSingleResponse(certID, singleResponse,
 					 certIDWasConsumed);
 	    } else {
 		retry = PR_TRUE;
 		currentStage = stagePOST;
 	    }
 	} else {
 	    /* cache the POST respone, regardless of status */
 	    if (!singleResponse) {
 		cert_RememberOCSPProcessingFailure(certID, certIDWasConsumed);
 	    } else {
 		ocsp_CacheSingleResponse(certID, singleResponse,
 					 certIDWasConsumed);
 	    }
 	}
 	if (encodedResponse) {
 	    SECITEM_FreeItem(encodedResponse, PR_TRUE);
 	    encodedResponse = NULL;
 	}
 	if (request) {
 	    CERT_DestroyOCSPRequest(request);
 	    request = NULL;
 	}
 	if (decodedResponse) {
 	    CERT_DestroyOCSPResponse(decodedResponse);
 	    decodedResponse = NULL;
 	}
 	singleResponse = NULL;
     } while (retry);
     PORT_Free(location);
     return rv;
 }
 /*
  * FUNCTION: ocsp_GetDecodedVerifiedSingleResponseForID
  *   This function decodes an OCSP response and checks for a valid response
  *   concerning the given certificate.
  *
  *   Note: a 'valid' response is one that parses successfully, is not an OCSP
  *   exception (see RFC 2560 Section 2.3), is correctly signed and is current.
  *   A 'good' response is a valid response that attests that the certificate
  *   is not currently revoked (see RFC 2560 Section 2.2).
  *
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     certificate DB of the cert that is being checked
  *   CERTOCSPCertID *certID
  *     the cert ID corresponding to |cert|
  *   CERTCertificate *cert
  *     the certificate being checked
  *   PRTime time
  *     time for which status is to be determined
  *   void *pwArg
  *     the opaque argument to the password prompting function.
  *   SECItem *encodedResponse
  *     the DER encoded bytes of the OCSP response
  *   CERTOCSPResponse **pDecodedResponse
  *     (output) The caller must ALWAYS check for this output parameter,
  *     and if it's non-null, must destroy it using CERT_DestroyOCSPResponse.
  *   CERTOCSPSingleResponse **pSingle
  *     (output) on success, this points to the single response that corresponds
  *     to the certID parameter. Points to the inside of pDecodedResponse.
  *     It isn't a copy, don't free it.
  * RETURN:
  *   SECSuccess iff the response is valid.
  */
 static SECStatus
 ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
 					   CERTOCSPCertID *certID,
 					   CERTCertificate *cert,
 					   PRTime time,
 					   void *pwArg,
 					   const SECItem *encodedResponse,
 					   CERTOCSPResponse **pDecodedResponse,
 					   CERTOCSPSingleResponse **pSingle)
 {
     CERTCertificate *signerCert = NULL;
     CERTCertificate *issuerCert = NULL;
     SECStatus rv = SECFailure;
     if (!pSingle || !pDecodedResponse) {
 	return SECFailure;
     }
     *pSingle = NULL;
     *pDecodedResponse = CERT_DecodeOCSPResponse(encodedResponse);
     if (!*pDecodedResponse) {
 	return SECFailure;
     }
     /*
      * Okay, we at least have a response that *looks* like a response!
      * Now see if the overall response status value is good or not.
      * If not, we set an error and give up.  (It means that either the
      * server had a problem, or it didn't like something about our
      * request.  Either way there is nothing to do but give up.)
      * Otherwise, we continue to find the actual per-cert status
      * in the response.
      */
     if (CERT_GetOCSPResponseStatus(*pDecodedResponse) != SECSuccess) {
 	goto loser;
     }
     /*
      * If we've made it this far, we expect a response with a good signature.
      * So, check for that.
      */
     issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
     rv = CERT_VerifyOCSPResponseSignature(*pDecodedResponse, handle, pwArg,
                                           &signerCert, issuerCert);
     if (rv != SECSuccess) {
 	goto loser;
     }
     PORT_Assert(signerCert != NULL);	/* internal consistency check */
     /* XXX probably should set error, return failure if signerCert is null */
     /*
      * Again, we are only doing one request for one cert.
      * XXX When we handle cert chains, the following code will obviously
      * have to be modified, in coordation with the code above that will
      * have to determine how to make multiple requests, etc.
      */
     rv = ocsp_GetVerifiedSingleResponseForCertID(handle, *pDecodedResponse, certID,
                                                  signerCert, time, pSingle);
 loser:
     if (issuerCert != NULL)
 	CERT_DestroyCertificate(issuerCert);
     if (signerCert != NULL)
 	CERT_DestroyCertificate(signerCert);
     return rv;
 }
 /*
  * FUNCTION: ocsp_CacheSingleResponse
  *   This function requires that the caller has checked that the response
  *   is valid and verified.
  *   The (positive or negative) valid response will be used to update the cache.
  * INPUTS:
  *   CERTOCSPCertID *certID
  *     the cert ID corresponding to |cert|
  *   PRBool *certIDWasConsumed
  *     (output) on return, this is true iff |certID| was consumed by this
  *     function.
  */
 void
 ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
 			 CERTOCSPSingleResponse *single,
 			 PRBool *certIDWasConsumed)
 {
     if (single != NULL) {
 	PR_EnterMonitor(OCSP_Global.monitor);
 	if (OCSP_Global.maxCacheEntries >= 0) {
 	    ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, single,
 					  certIDWasConsumed);
 	    /* ignore cache update failures */
 	}
 	PR_ExitMonitor(OCSP_Global.monitor);
     }
 }
 SECStatus
 ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
                                         CERTOCSPResponse *response,
                                         CERTOCSPCertID   *certID,
                                         CERTCertificate  *signerCert,
                                         PRTime            time,
                                         CERTOCSPSingleResponse
                                             **pSingleResponse)
 {
     SECStatus rv;
     ocspResponseData *responseData;
     PRTime producedAt;
     CERTOCSPSingleResponse *single;
     /*
      * The ResponseData part is the real guts of the response.
      */
     responseData = ocsp_GetResponseData(response, NULL);
     if (responseData == NULL) {
         rv = SECFailure;
         goto loser;
     }
     /*
      * There is one producedAt time for the entire response (and a separate
      * thisUpdate time for each individual single response).  We need to
      * compare them, so get the overall time to pass into the check of each
      * single response.
      */
     rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
     if (rv != SECSuccess)
         goto loser;
     single = ocsp_GetSingleResponseForCertID(responseData->responses,
                                              handle, certID);
     if (single == NULL) {
         rv = SECFailure;
         goto loser;
     }
     rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
     if (rv != SECSuccess)
         goto loser;
     *pSingleResponse = single;
 loser:
     return rv;
 }
 SECStatus
 CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
                             CERTOCSPResponse *response,
                             CERTOCSPCertID   *certID,
                             CERTCertificate  *signerCert,
                             PRTime            time)
 {
     /*
      * We do not update the cache, because:
      *
      * CERT_GetOCSPStatusForCertID is an old exported API that was introduced
      * before the OCSP cache got implemented.
      *
      * The implementation of helper function cert_ProcessOCSPResponse
      * requires the ability to transfer ownership of the the given certID to
      * the cache. The external API doesn't allow us to prevent the caller from
      * destroying the certID. We don't have the original certificate available,
      * therefore we are unable to produce another certID object (that could
      * be stored in the cache).
      *
      * Should we ever implement code to produce a deep copy of certID,
      * then this could be changed to allow updating the cache.
      * The duplication would have to be done in
      * cert_ProcessOCSPResponse, if the out parameter to indicate
      * a transfer of ownership is NULL.
      */
     return cert_ProcessOCSPResponse(handle, response, certID,
                                     signerCert, time,
                                     NULL, NULL);
 }
 /*
  * The first 5 parameters match the definition of CERT_GetOCSPStatusForCertID.
  */
 SECStatus
 cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
                          CERTOCSPResponse *response,
                          CERTOCSPCertID   *certID,
                          CERTCertificate  *signerCert,
                          PRTime            time,
                          PRBool           *certIDWasConsumed,
                          SECStatus        *cacheUpdateStatus)
 {
     SECStatus rv;
     SECStatus rv_cache = SECSuccess;
     CERTOCSPSingleResponse *single = NULL;
     rv = ocsp_GetVerifiedSingleResponseForCertID(handle, response, certID,
                                                  signerCert, time, &single);
     if (rv == SECSuccess) {
         /*
          * Check whether the status says revoked, and if so
          * how that compares to the time value passed into this routine.
          */
         rv = ocsp_SingleResponseCertHasGoodStatus(single, time);
     }
     if (certIDWasConsumed) {
         /*
          * We don't have copy-of-certid implemented. In order to update
          * the cache, the caller must supply an out variable
          * certIDWasConsumed, allowing us to return ownership status.
          */
         PR_EnterMonitor(OCSP_Global.monitor);
         if (OCSP_Global.maxCacheEntries >= 0) {
             /* single == NULL means: remember response failure */
             rv_cache =
                 ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID,
                                               single, certIDWasConsumed);
         }
         PR_ExitMonitor(OCSP_Global.monitor);
         if (cacheUpdateStatus) {
             *cacheUpdateStatus = rv_cache;
         }
     }
     return rv;
 }
 SECStatus
 cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
                                    PRBool         *certIDWasConsumed)
 {
     SECStatus rv = SECSuccess;
     PR_EnterMonitor(OCSP_Global.monitor);
     if (OCSP_Global.maxCacheEntries >= 0) {
         rv = ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, NULL,
                                            certIDWasConsumed);
     }
     PR_ExitMonitor(OCSP_Global.monitor);
     return rv;
 }
 /*
  * Disable status checking and destroy related structures/data.
  */
 static SECStatus
 ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
 {
     ocspCheckingContext *statusContext;
     /*
      * Disable OCSP checking
      */
     statusConfig->statusChecker = NULL;
     statusContext = statusConfig->statusContext;
     PORT_Assert(statusContext != NULL);
     if (statusContext == NULL)
 	return SECFailure;
     if (statusContext->defaultResponderURI != NULL)
 	PORT_Free(statusContext->defaultResponderURI);
     if (statusContext->defaultResponderNickname != NULL)
 	PORT_Free(statusContext->defaultResponderNickname);
     PORT_Free(statusContext);
     statusConfig->statusContext = NULL;
     PORT_Free(statusConfig);
     return SECSuccess;
 }
 /*
  * FUNCTION: CERT_DisableOCSPChecking
  *   Turns off OCSP checking for the given certificate database.
  *   This routine disables OCSP checking.  Though it will return
  *   SECFailure if OCSP checking is not enabled, it is "safe" to
  *   call it that way and just ignore the return value, if it is
  *   easier to just call it than to "remember" whether it is enabled.
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Certificate database for which OCSP checking will be disabled.
  * RETURN:
  *   Returns SECFailure if an error occurred (usually means that OCSP
  *   checking was not enabled or status contexts were not initialized --
  *   error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
  */
 SECStatus
 CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
 {
     CERTStatusConfig *statusConfig;
     ocspCheckingContext *statusContext;
     if (handle == NULL) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     statusConfig = CERT_GetStatusConfig(handle);
     statusContext = ocsp_GetCheckingContext(handle);
     if (statusContext == NULL)
 	return SECFailure;
     if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
 	/*
 	 * Status configuration is present, but either not currently
 	 * enabled or not for OCSP.
 	 */
 	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
 	return SECFailure;
     }
     /* cache no longer necessary */
     CERT_ClearOCSPCache();
     /*
      * This is how we disable status checking.  Everything else remains
      * in place in case we are enabled again.
      */
     statusConfig->statusChecker = NULL;
     return SECSuccess;
 }
 /*
  * Allocate and initialize the informational structures for status checking.
  * This is done when some configuration of OCSP is being done or when OCSP
  * checking is being turned on, whichever comes first.
  */
 static SECStatus
 ocsp_InitStatusChecking(CERTCertDBHandle *handle)
 {
     CERTStatusConfig *statusConfig = NULL;
     ocspCheckingContext *statusContext = NULL;
     PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
     if (CERT_GetStatusConfig(handle) != NULL) {
 	/* XXX or call statusConfig->statusDestroy and continue? */
 	return SECFailure;
     }
     statusConfig = PORT_ZNew(CERTStatusConfig);
     if (statusConfig == NULL)
 	goto loser;
     statusContext = PORT_ZNew(ocspCheckingContext);
     if (statusContext == NULL)
 	goto loser;
     statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
     statusConfig->statusContext = statusContext;
     CERT_SetStatusConfig(handle, statusConfig);
     return SECSuccess;
 loser:
     if (statusConfig != NULL)
 	PORT_Free(statusConfig);
     return SECFailure;
 }
 /*
  * FUNCTION: CERT_EnableOCSPChecking
  *   Turns on OCSP checking for the given certificate database.
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Certificate database for which OCSP checking will be enabled.
  * RETURN:
  *   Returns SECFailure if an error occurred (likely only problem
  *   allocating memory); SECSuccess otherwise.
  */
 SECStatus
 CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
 {
     CERTStatusConfig *statusConfig;
     SECStatus rv;
     if (handle == NULL) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     statusConfig = CERT_GetStatusConfig(handle);
     if (statusConfig == NULL) {
 	rv = ocsp_InitStatusChecking(handle);
 	if (rv != SECSuccess)
 	    return rv;
 	/* Get newly established value */
 	statusConfig = CERT_GetStatusConfig(handle);
 	PORT_Assert(statusConfig != NULL);
     }
     /*
      * Setting the checker function is what really enables the checking
      * when each cert verification is done.
      */
     statusConfig->statusChecker = CERT_CheckOCSPStatus;
     return SECSuccess;
 }
 /*
  * FUNCTION: CERT_SetOCSPDefaultResponder
  *   Specify the location and cert of the default responder.
  *   If OCSP checking is already enabled *and* use of a default responder
  *   is also already enabled, all OCSP checking from now on will go directly
  *   to the specified responder.  If OCSP checking is not enabled, or if
  *   it is but use of a default responder is not enabled, the information
  *   will be recorded and take effect whenever both are enabled.
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Cert database on which OCSP checking should use the default responder.
  *   char *url
  *     The location of the default responder (e.g. "http://foo.com:80/ocsp")
  *     Note that the location will not be tested until the first attempt
  *     to send a request there.
  *   char *name
  *     The nickname of the cert to trust (expected) to sign the OCSP responses.
  *     If the corresponding cert cannot be found, SECFailure is returned.
  * RETURN:
  *   Returns SECFailure if an error occurred; SECSuccess otherwise.
  *   The most likely error is that the cert for "name" could not be found
  *   (probably SEC_ERROR_UNKNOWN_CERT).  Other errors are low-level (no memory,
  *   bad database, etc.).
  */
 SECStatus
 CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
 			     const char *url, const char *name)
 {
     CERTCertificate *cert;
     ocspCheckingContext *statusContext;
     char *url_copy = NULL;
     char *name_copy = NULL;
     SECStatus rv;
     if (handle == NULL || url == NULL || name == NULL) {
 	/*
 	 * XXX When interface is exported, probably want better errors;
 	 * perhaps different one for each parameter.
 	 */
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     /*
      * Find the certificate for the specified nickname.  Do this first
      * because it seems the most likely to fail.
      *
      * XXX Shouldn't need that cast if the FindCertByNickname interface
      * used const to convey that it does not modify the name.  Maybe someday.
      */
     cert = CERT_FindCertByNickname(handle, (char *) name);
     if (cert == NULL) {
       /*
        * look for the cert on an external token.
        */
       cert = PK11_FindCertFromNickname((char *)name, NULL);
     }
     if (cert == NULL)
 	return SECFailure;
     /*
      * Make a copy of the url and nickname.
      */
     url_copy = PORT_Strdup(url);
     name_copy = PORT_Strdup(name);
     if (url_copy == NULL || name_copy == NULL) {
 	rv = SECFailure;
 	goto loser;
     }
     statusContext = ocsp_GetCheckingContext(handle);
     /*
      * Allocate and init the context if it doesn't already exist.
      */
     if (statusContext == NULL) {
 	rv = ocsp_InitStatusChecking(handle);
 	if (rv != SECSuccess)
 	    goto loser;
 	statusContext = ocsp_GetCheckingContext(handle);
 	PORT_Assert(statusContext != NULL);	/* extreme paranoia */
     }
     /*
      * Note -- we do not touch the status context until after all of
      * the steps which could cause errors.  If something goes wrong,
      * we want to leave things as they were.
      */
     /*
      * Get rid of old url and name if there.
      */
     if (statusContext->defaultResponderNickname != NULL)
 	PORT_Free(statusContext->defaultResponderNickname);
     if (statusContext->defaultResponderURI != NULL)
 	PORT_Free(statusContext->defaultResponderURI);
     /*
      * And replace them with the new ones.
      */
     statusContext->defaultResponderURI = url_copy;
     statusContext->defaultResponderNickname = name_copy;
     /*
      * If there was already a cert in place, get rid of it and replace it.
      * Otherwise, we are not currently enabled, so we don't want to save it;
      * it will get re-found and set whenever use of a default responder is
      * enabled.
      */
     if (statusContext->defaultResponderCert != NULL) {
 	CERT_DestroyCertificate(statusContext->defaultResponderCert);
 	statusContext->defaultResponderCert = cert;
         /*OCSP enabled, switching responder: clear cache*/
         CERT_ClearOCSPCache();
     } else {
 	PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
 	CERT_DestroyCertificate(cert);
         /*OCSP currently not enabled, no need to clear cache*/
     }
     return SECSuccess;
 loser:
     CERT_DestroyCertificate(cert);
     if (url_copy != NULL)
 	PORT_Free(url_copy);
     if (name_copy != NULL)
 	PORT_Free(name_copy);
     return rv;
 }
 /*
  * FUNCTION: CERT_EnableOCSPDefaultResponder
  *   Turns on use of a default responder when OCSP checking.
  *   If OCSP checking is already enabled, this will make subsequent checks
  *   go directly to the default responder.  (The location of the responder
  *   and the nickname of the responder cert must already be specified.)
  *   If OCSP checking is not enabled, this will be recorded and take effect
  *   whenever it is enabled.
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Cert database on which OCSP checking should use the default responder.
  * RETURN:
  *   Returns SECFailure if an error occurred; SECSuccess otherwise.
  *   No errors are especially likely unless the caller did not previously
  *   perform a successful call to SetOCSPDefaultResponder (in which case
  *   the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
  */
 SECStatus
 CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
 {
     ocspCheckingContext *statusContext;
     CERTCertificate *cert;
     SECStatus rv;
     SECCertificateUsage usage;
     if (handle == NULL) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     statusContext = ocsp_GetCheckingContext(handle);
     if (statusContext == NULL) {
 	/*
 	 * Strictly speaking, the error already set is "correct",
 	 * but cover over it with one more helpful in this context.
 	 */
 	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
 	return SECFailure;
     }
     if (statusContext->defaultResponderURI == NULL) {
 	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
 	return SECFailure;
     }
     if (statusContext->defaultResponderNickname == NULL) {
 	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
 	return SECFailure;
     }
     /*
      * Find the cert for the nickname.
      */
     cert = CERT_FindCertByNickname(handle,
 				   statusContext->defaultResponderNickname);
     if (cert == NULL) {
         cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
                                          NULL);
     }
     /*
      * We should never have trouble finding the cert, because its
      * existence should have been proven by SetOCSPDefaultResponder.
      */
     PORT_Assert(cert != NULL);
     if (cert == NULL)
 	return SECFailure;
    /*
     * Supplied cert should at least have  a signing capability in order for us
     * to use it as a trusted responder cert. Ability to sign is guaranteed  if
     * cert is validated to have any set of the usages below.
     */
     rv = CERT_VerifyCertificateNow(handle, cert, PR_TRUE,
                                    certificateUsageCheckAllUsages,
                                    NULL, &usage);
     if (rv != SECSuccess || (usage & (certificateUsageSSLClient |
                                       certificateUsageSSLServer |
                                       certificateUsageSSLServerWithStepUp |
                                       certificateUsageEmailSigner |
                                       certificateUsageObjectSigner |
                                       certificateUsageStatusResponder |
                                       certificateUsageSSLCA)) == 0) {
 	PORT_SetError(SEC_ERROR_OCSP_RESPONDER_CERT_INVALID);
 	return SECFailure;
     }
     /*
      * And hang onto it.
      */
     statusContext->defaultResponderCert = cert;
     /* we don't allow a mix of cache entries from different responders */
     CERT_ClearOCSPCache();
     /*
      * Finally, record the fact that we now have a default responder enabled.
      */
     statusContext->useDefaultResponder = PR_TRUE;
     return SECSuccess;
 }
 /*
  * FUNCTION: CERT_DisableOCSPDefaultResponder
  *   Turns off use of a default responder when OCSP checking.
  *   (Does nothing if use of a default responder is not enabled.)
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Cert database on which OCSP checking should stop using a default
  *     responder.
  * RETURN:
  *   Returns SECFailure if an error occurred; SECSuccess otherwise.
  *   Errors very unlikely (like random memory corruption...).
  */
 SECStatus
 CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
 {
     CERTStatusConfig *statusConfig;
     ocspCheckingContext *statusContext;
     CERTCertificate *tmpCert;
     if (handle == NULL) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     statusConfig = CERT_GetStatusConfig(handle);
     if (statusConfig == NULL)
 	return SECSuccess;
     statusContext = ocsp_GetCheckingContext(handle);
     PORT_Assert(statusContext != NULL);
     if (statusContext == NULL)
 	return SECFailure;
     tmpCert = statusContext->defaultResponderCert;
     if (tmpCert) {
 	statusContext->defaultResponderCert = NULL;
 	CERT_DestroyCertificate(tmpCert);
         /* we don't allow a mix of cache entries from different responders */
         CERT_ClearOCSPCache();
     }
     /*
      * Finally, record the fact.
      */
     statusContext->useDefaultResponder = PR_FALSE;
     return SECSuccess;
 }
 SECStatus
 CERT_ForcePostMethodForOCSP(PRBool forcePost)
 {
     if (!OCSP_Global.monitor) {
         PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
         return SECFailure;
     }
     PR_EnterMonitor(OCSP_Global.monitor);
     OCSP_Global.forcePost = forcePost;
     PR_ExitMonitor(OCSP_Global.monitor);
     return SECSuccess;
 }
 SECStatus
 CERT_GetOCSPResponseStatus(CERTOCSPResponse *response)
 {
     PORT_Assert(response);
     if (response->statusValue == ocspResponse_successful)
 	return SECSuccess;
     switch (response->statusValue) {
       case ocspResponse_malformedRequest:
 	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
 	break;
       case ocspResponse_internalError:
 	PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
 	break;
       case ocspResponse_tryLater:
 	PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
 	break;
       case ocspResponse_sigRequired:
 	/* XXX We *should* retry with a signature, if possible. */
 	PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
 	break;
       case ocspResponse_unauthorized:
 	PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
 	break;
       case ocspResponse_unused:
       default:
 	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
 	break;
     }
     return SECFailure;
 }

The Tor Browser / annotate

security/nss/lib/certhigh/ocsp.c@b8a032363ba2 (annotated)

security/nss/lib/certhigh/ocsp.c