The Tor Browser: comparison security/nss/lib/certhigh/ocsp.c

--1:000000000000
+:2c3186d0d25a
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+* Implementation of OCSP services, for both client and server.
+* (XXX, really, mostly just for client right now, but intended to do both.)
+*/
+#include "prerror.h"
+#include "prprf.h"
+#include "plarena.h"
+#include "prnetdb.h"
+#include "seccomon.h"
+#include "secitem.h"
+#include "secoidt.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "cert.h"
+#include "certi.h"
+#include "xconst.h"
+#include "secerr.h"
+#include "secoid.h"
+#include "hasht.h"
+#include "sechash.h"
+#include "secasn1.h"
+#include "plbase64.h"
+#include "keyhi.h"
+#include "cryptohi.h"
+#include "ocsp.h"
+#include "ocspti.h"
+#include "ocspi.h"
+#include "genname.h"
+#include "certxutl.h"
+#include "pk11func.h"	/* for PK11_HashBuf */
+#include <stdarg.h>
+#include <plhash.h>
+#define DEFAULT_OCSP_CACHE_SIZE 1000
+#define DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 1*60*60L
+#define DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 24*60*60L
+#define DEFAULT_OSCP_TIMEOUT_SECONDS 60
+#define MICROSECONDS_PER_SECOND 1000000L
+typedef struct OCSPCacheItemStr OCSPCacheItem;
+typedef struct OCSPCacheDataStr OCSPCacheData;
+struct OCSPCacheItemStr {
+/* LRU linking */
+OCSPCacheItem *moreRecent;
+OCSPCacheItem *lessRecent;
+/* key */
+CERTOCSPCertID *certID;
+/* CertID's arena also used to allocate "this" cache item */
+/* cache control information */
+PRTime nextFetchAttemptTime;
+/* Cached contents. Use a separate arena, because lifetime is different */
+PLArenaPool *certStatusArena; /* NULL means: no cert status cached */
+ocspCertStatus certStatus;
+/* This may contain an error code when no OCSP response is available. */
+SECErrorCodes missingResponseError;
+PRPackedBool haveThisUpdate;
+PRPackedBool haveNextUpdate;
+PRTime thisUpdate;
+PRTime nextUpdate;
+};
+struct OCSPCacheDataStr {
+PLHashTable *entries;
+PRUint32 numberOfEntries;
+OCSPCacheItem *MRUitem; /* most recently used cache item */
+OCSPCacheItem *LRUitem; /* least recently used cache item */
+};
+static struct OCSPGlobalStruct {
+PRMonitor *monitor;
+const SEC_HttpClientFcn *defaultHttpClientFcn;
+PRInt32 maxCacheEntries;
+PRUint32 minimumSecondsToNextFetchAttempt;
+PRUint32 maximumSecondsToNextFetchAttempt;
+PRUint32 timeoutSeconds;
+OCSPCacheData cache;
+SEC_OcspFailureMode ocspFailureMode;
+CERT_StringFromCertFcn alternateOCSPAIAFcn;
+PRBool forcePost;
+} OCSP_Global = { NULL,
+NULL,
+DEFAULT_OCSP_CACHE_SIZE,
+DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
+DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
+DEFAULT_OSCP_TIMEOUT_SECONDS,
+{NULL, 0, NULL, NULL},
+ocspMode_FailureIsVerificationFailure,
+NULL,
+PR_FALSE
+};
+/* Forward declarations */
+static SECItem *
+ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
+CERTOCSPRequest *request,
+const char *location,
+				       const char *method,
+				       PRTime time,
+PRBool addServiceLocator,
+void *pwArg,
+CERTOCSPRequest **pRequest);
+static SECStatus
+ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
+CERTOCSPCertID *certID,
+CERTCertificate *cert,
+PRTime time,
+void *pwArg,
+PRBool *certIDWasConsumed,
+SECStatus *rv_ocsp);
+static SECStatus
+ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
+					   CERTOCSPCertID *certID,
+					   CERTCertificate *cert,
+					   PRTime time,
+					   void *pwArg,
+					   const SECItem *encodedResponse,
+					   CERTOCSPResponse **pDecodedResponse,
+					   CERTOCSPSingleResponse **pSingle);
+static SECStatus
+ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time);
+static CERTOCSPCertID *
+cert_DupOCSPCertID(const CERTOCSPCertID *src);
+#ifndef DEBUG
+#define OCSP_TRACE(msg)
+#define OCSP_TRACE_TIME(msg, time)
+#define OCSP_TRACE_CERT(cert)
+#define OCSP_TRACE_CERTID(certid)
+#else
+#define OCSP_TRACE(msg) ocsp_Trace msg
+#define OCSP_TRACE_TIME(msg, time) ocsp_dumpStringWithTime(msg, time)
+#define OCSP_TRACE_CERT(cert) dumpCertificate(cert)
+#define OCSP_TRACE_CERTID(certid) dumpCertID(certid)
+#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS) \
+|| defined(XP_MACOSX)
+#define NSS_HAVE_GETENV 1
+#endif
+static PRBool wantOcspTrace(void)
+{
+static PRBool firstTime = PR_TRUE;
+static PRBool wantTrace = PR_FALSE;
+#ifdef NSS_HAVE_GETENV
+if (firstTime) {
+char *ev = getenv("NSS_TRACE_OCSP");
+if (ev && ev[0]) {
+wantTrace = PR_TRUE;
+}
+firstTime = PR_FALSE;
+}
+#endif
+return wantTrace;
+}
+static void
+ocsp_Trace(const char *format, ...)
+{
+char buf[2000];
+va_list args;
+if (!wantOcspTrace())
+return;
+va_start(args, format);
+PR_vsnprintf(buf, sizeof(buf), format, args);
+va_end(args);
+PR_LogPrint("%s", buf);
+}
+static void
+ocsp_dumpStringWithTime(const char *str, PRTime time)
+{
+PRExplodedTime timePrintable;
+char timestr[256];
+if (!wantOcspTrace())
+return;
+PR_ExplodeTime(time, PR_GMTParameters, &timePrintable);
+if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) {
+ocsp_Trace("OCSP %s %s\n", str, timestr);
+}
+}
+static void
+printHexString(const char *prefix, SECItem *hexval)
+{
+unsigned int i;
+char *hexbuf = NULL;
+for (i = 0; i < hexval->len; i++) {
+if (i != hexval->len - 1) {
+hexbuf = PR_sprintf_append(hexbuf, "%02x:", hexval->data[i]);
+} else {
+hexbuf = PR_sprintf_append(hexbuf, "%02x", hexval->data[i]);
+}
+}
+if (hexbuf) {
+ocsp_Trace("%s %s\n", prefix, hexbuf);
+PR_smprintf_free(hexbuf);
+}
+}
+static void
+dumpCertificate(CERTCertificate *cert)
+{
+if (!wantOcspTrace())
+return;
+ocsp_Trace("OCSP ----------------\n");
+ocsp_Trace("OCSP ## SUBJECT:  %s\n", cert->subjectName);
+{
+PRTime timeBefore, timeAfter;
+PRExplodedTime beforePrintable, afterPrintable;
+char beforestr[256], afterstr[256];
+PRStatus rv1, rv2;
+DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
+DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
+PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
+PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
+rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y",
+&beforePrintable);
+rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y",
+&afterPrintable);
+ocsp_Trace("OCSP ## VALIDITY:  %s to %s\n", rv1 ? beforestr : "",
+rv2 ? afterstr : "");
+}
+ocsp_Trace("OCSP ## ISSUER:  %s\n", cert->issuerName);
+printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber);
+}
+static void
+dumpCertID(CERTOCSPCertID *certID)
+{
+if (!wantOcspTrace())
+return;
+printHexString("OCSP certID issuer", &certID->issuerNameHash);
+printHexString("OCSP certID serial", &certID->serialNumber);
+}
+#endif
+SECStatus
+SEC_RegisterDefaultHttpClient(const SEC_HttpClientFcn *fcnTable)
+{
+if (!OCSP_Global.monitor) {
+PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+OCSP_Global.defaultHttpClientFcn = fcnTable;
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+SECStatus
+CERT_RegisterAlternateOCSPAIAInfoCallBack(
+			CERT_StringFromCertFcn   newCallback,
+			CERT_StringFromCertFcn * oldCallback)
+{
+CERT_StringFromCertFcn old;
+if (!OCSP_Global.monitor) {
+PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+old = OCSP_Global.alternateOCSPAIAFcn;
+OCSP_Global.alternateOCSPAIAFcn = newCallback;
+PR_ExitMonitor(OCSP_Global.monitor);
+if (oldCallback)
+	*oldCallback = old;
+return SECSuccess;
+}
+static PLHashNumber PR_CALLBACK
+ocsp_CacheKeyHashFunction(const void *key)
+{
+CERTOCSPCertID *cid = (CERTOCSPCertID *)key;
+PLHashNumber hash = 0;
+unsigned int i;
+unsigned char *walk;
+/* a very simple hash calculation for the initial coding phase */
+walk = (unsigned char*)cid->issuerNameHash.data;
+for (i=0; i < cid->issuerNameHash.len; ++i, ++walk) {
+hash += *walk;
+}
+walk = (unsigned char*)cid->issuerKeyHash.data;
+for (i=0; i < cid->issuerKeyHash.len; ++i, ++walk) {
+hash += *walk;
+}
+walk = (unsigned char*)cid->serialNumber.data;
+for (i=0; i < cid->serialNumber.len; ++i, ++walk) {
+hash += *walk;
+}
+return hash;
+}
+static PRIntn PR_CALLBACK
+ocsp_CacheKeyCompareFunction(const void *v1, const void *v2)
+{
+CERTOCSPCertID *cid1 = (CERTOCSPCertID *)v1;
+CERTOCSPCertID *cid2 = (CERTOCSPCertID *)v2;
+return (SECEqual == SECITEM_CompareItem(&cid1->issuerNameHash,
+&cid2->issuerNameHash)
+&& SECEqual == SECITEM_CompareItem(&cid1->issuerKeyHash,
+&cid2->issuerKeyHash)
+&& SECEqual == SECITEM_CompareItem(&cid1->serialNumber,
+&cid2->serialNumber));
+}
+static SECStatus
+ocsp_CopyRevokedInfo(PLArenaPool *arena, ocspCertStatus *dest,
+ocspRevokedInfo *src)
+{
+SECStatus rv = SECFailure;
+void *mark;
+mark = PORT_ArenaMark(arena);
+dest->certStatusInfo.revokedInfo =
+(ocspRevokedInfo *) PORT_ArenaZAlloc(arena, sizeof(ocspRevokedInfo));
+if (!dest->certStatusInfo.revokedInfo) {
+goto loser;
+}
+rv = SECITEM_CopyItem(arena,
+&dest->certStatusInfo.revokedInfo->revocationTime,
+&src->revocationTime);
+if (rv != SECSuccess) {
+goto loser;
+}
+if (src->revocationReason) {
+dest->certStatusInfo.revokedInfo->revocationReason =
+SECITEM_ArenaDupItem(arena, src->revocationReason);
+if (!dest->certStatusInfo.revokedInfo->revocationReason) {
+goto loser;
+}
+}  else {
+dest->certStatusInfo.revokedInfo->revocationReason = NULL;
+}
+PORT_ArenaUnmark(arena, mark);
+return SECSuccess;
+loser:
+PORT_ArenaRelease(arena, mark);
+return SECFailure;
+}
+static SECStatus
+ocsp_CopyCertStatus(PLArenaPool *arena, ocspCertStatus *dest,
+ocspCertStatus*src)
+{
+SECStatus rv = SECFailure;
+dest->certStatusType = src->certStatusType;
+switch (src->certStatusType) {
+case ocspCertStatus_good:
+dest->certStatusInfo.goodInfo =
+SECITEM_ArenaDupItem(arena, src->certStatusInfo.goodInfo);
+if (dest->certStatusInfo.goodInfo != NULL) {
+rv = SECSuccess;
+}
+break;
+case ocspCertStatus_revoked:
+rv = ocsp_CopyRevokedInfo(arena, dest,
+src->certStatusInfo.revokedInfo);
+break;
+case ocspCertStatus_unknown:
+dest->certStatusInfo.unknownInfo =
+SECITEM_ArenaDupItem(arena, src->certStatusInfo.unknownInfo);
+if (dest->certStatusInfo.unknownInfo != NULL) {
+rv = SECSuccess;
+}
+break;
+case ocspCertStatus_other:
+default:
+PORT_Assert(src->certStatusType == ocspCertStatus_other);
+dest->certStatusInfo.otherInfo =
+SECITEM_ArenaDupItem(arena, src->certStatusInfo.otherInfo);
+if (dest->certStatusInfo.otherInfo != NULL) {
+rv = SECSuccess;
+}
+break;
+}
+return rv;
+}
+static void
+ocsp_AddCacheItemToLinkedList(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
+{
+PR_EnterMonitor(OCSP_Global.monitor);
+if (!cache->LRUitem) {
+cache->LRUitem = new_most_recent;
+}
+new_most_recent->lessRecent = cache->MRUitem;
+new_most_recent->moreRecent = NULL;
+if (cache->MRUitem) {
+cache->MRUitem->moreRecent = new_most_recent;
+}
+cache->MRUitem = new_most_recent;
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+static void
+ocsp_RemoveCacheItemFromLinkedList(OCSPCacheData *cache, OCSPCacheItem *item)
+{
+PR_EnterMonitor(OCSP_Global.monitor);
+if (!item->lessRecent && !item->moreRecent) {
+/*
+* Fail gracefully on attempts to remove an item from the list,
+* which is currently not part of the list.
+* But check for the edge case it is the single entry in the list.
+*/
+if (item == cache->LRUitem &&
+item == cache->MRUitem) {
+/* remove the single entry */
+PORT_Assert(cache->numberOfEntries == 1);
+PORT_Assert(item->moreRecent == NULL);
+cache->MRUitem = NULL;
+cache->LRUitem = NULL;
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+return;
+}
+PORT_Assert(cache->numberOfEntries > 1);
+if (item == cache->LRUitem) {
+PORT_Assert(item != cache->MRUitem);
+PORT_Assert(item->lessRecent == NULL);
+PORT_Assert(item->moreRecent != NULL);
+PORT_Assert(item->moreRecent->lessRecent == item);
+cache->LRUitem = item->moreRecent;
+cache->LRUitem->lessRecent = NULL;
+}
+else if (item == cache->MRUitem) {
+PORT_Assert(item->moreRecent == NULL);
+PORT_Assert(item->lessRecent != NULL);
+PORT_Assert(item->lessRecent->moreRecent == item);
+cache->MRUitem = item->lessRecent;
+cache->MRUitem->moreRecent = NULL;
+} else {
+/* remove an entry in the middle of the list */
+PORT_Assert(item->moreRecent != NULL);
+PORT_Assert(item->lessRecent != NULL);
+PORT_Assert(item->lessRecent->moreRecent == item);
+PORT_Assert(item->moreRecent->lessRecent == item);
+item->moreRecent->lessRecent = item->lessRecent;
+item->lessRecent->moreRecent = item->moreRecent;
+}
+item->lessRecent = NULL;
+item->moreRecent = NULL;
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+static void
+ocsp_MakeCacheEntryMostRecent(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
+{
+OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent THREADID %p\n",
+PR_GetCurrentThread()));
+PR_EnterMonitor(OCSP_Global.monitor);
+if (cache->MRUitem == new_most_recent) {
+OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent ALREADY MOST\n"));
+PR_ExitMonitor(OCSP_Global.monitor);
+return;
+}
+OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent NEW entry\n"));
+ocsp_RemoveCacheItemFromLinkedList(cache, new_most_recent);
+ocsp_AddCacheItemToLinkedList(cache, new_most_recent);
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+static PRBool
+ocsp_IsCacheDisabled(void)
+{
+/*
+* maxCacheEntries == 0 means unlimited cache entries
+* maxCacheEntries  < 0 means cache is disabled
+*/
+PRBool retval;
+PR_EnterMonitor(OCSP_Global.monitor);
+retval = (OCSP_Global.maxCacheEntries < 0);
+PR_ExitMonitor(OCSP_Global.monitor);
+return retval;
+}
+static OCSPCacheItem *
+ocsp_FindCacheEntry(OCSPCacheData *cache, CERTOCSPCertID *certID)
+{
+OCSPCacheItem *found_ocsp_item = NULL;
+OCSP_TRACE(("OCSP ocsp_FindCacheEntry\n"));
+OCSP_TRACE_CERTID(certID);
+PR_EnterMonitor(OCSP_Global.monitor);
+if (ocsp_IsCacheDisabled())
+goto loser;
+found_ocsp_item = (OCSPCacheItem *)PL_HashTableLookup(
+cache->entries, certID);
+if (!found_ocsp_item)
+goto loser;
+OCSP_TRACE(("OCSP ocsp_FindCacheEntry FOUND!\n"));
+ocsp_MakeCacheEntryMostRecent(cache, found_ocsp_item);
+loser:
+PR_ExitMonitor(OCSP_Global.monitor);
+return found_ocsp_item;
+}
+static void
+ocsp_FreeCacheItem(OCSPCacheItem *item)
+{
+OCSP_TRACE(("OCSP ocsp_FreeCacheItem\n"));
+if (item->certStatusArena) {
+PORT_FreeArena(item->certStatusArena, PR_FALSE);
+}
+if (item->certID->poolp) {
+/* freeing this poolp arena will also free item */
+PORT_FreeArena(item->certID->poolp, PR_FALSE);
+}
+}
+static void
+ocsp_RemoveCacheItem(OCSPCacheData *cache, OCSPCacheItem *item)
+{
+/* The item we're removing could be either the least recently used item,
+* or it could be an item that couldn't get updated with newer status info
+* because of an allocation failure, or it could get removed because we're
+* cleaning up.
+*/
+PRBool couldRemoveFromHashTable;
+OCSP_TRACE(("OCSP ocsp_RemoveCacheItem, THREADID %p\n", PR_GetCurrentThread()));
+PR_EnterMonitor(OCSP_Global.monitor);
+ocsp_RemoveCacheItemFromLinkedList(cache, item);
+couldRemoveFromHashTable = PL_HashTableRemove(cache->entries,
+item->certID);
+PORT_Assert(couldRemoveFromHashTable);
+--cache->numberOfEntries;
+ocsp_FreeCacheItem(item);
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+static void
+ocsp_CheckCacheSize(OCSPCacheData *cache)
+{
+OCSP_TRACE(("OCSP ocsp_CheckCacheSize\n"));
+PR_EnterMonitor(OCSP_Global.monitor);
+if (OCSP_Global.maxCacheEntries > 0) {
+/* Cache is not disabled. Number of cache entries is limited.
+* The monitor ensures that maxCacheEntries remains positive.
+*/
+while (cache->numberOfEntries >
+(PRUint32)OCSP_Global.maxCacheEntries) {
+ocsp_RemoveCacheItem(cache, cache->LRUitem);
+}
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+SECStatus
+CERT_ClearOCSPCache(void)
+{
+OCSP_TRACE(("OCSP CERT_ClearOCSPCache\n"));
+PR_EnterMonitor(OCSP_Global.monitor);
+while (OCSP_Global.cache.numberOfEntries > 0) {
+ocsp_RemoveCacheItem(&OCSP_Global.cache,
+OCSP_Global.cache.LRUitem);
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+static SECStatus
+ocsp_CreateCacheItemAndConsumeCertID(OCSPCacheData *cache,
+CERTOCSPCertID *certID,
+OCSPCacheItem **pCacheItem)
+{
+PLArenaPool *arena;
+void *mark;
+PLHashEntry *new_hash_entry;
+OCSPCacheItem *item;
+PORT_Assert(pCacheItem != NULL);
+*pCacheItem = NULL;
+PR_EnterMonitor(OCSP_Global.monitor);
+arena = certID->poolp;
+mark = PORT_ArenaMark(arena);
+/* ZAlloc will init all Bools to False and all Pointers to NULL
+and all error codes to zero/good. */
+item = (OCSPCacheItem *)PORT_ArenaZAlloc(certID->poolp,
+sizeof(OCSPCacheItem));
+if (!item) {
+goto loser;
+}
+item->certID = certID;
+new_hash_entry = PL_HashTableAdd(cache->entries, item->certID,
+item);
+if (!new_hash_entry) {
+goto loser;
+}
+++cache->numberOfEntries;
+PORT_ArenaUnmark(arena, mark);
+ocsp_AddCacheItemToLinkedList(cache, item);
+*pCacheItem = item;
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+loser:
+PORT_ArenaRelease(arena, mark);
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECFailure;
+}
+static SECStatus
+ocsp_SetCacheItemResponse(OCSPCacheItem *item,
+const CERTOCSPSingleResponse *response)
+{
+if (item->certStatusArena) {
+PORT_FreeArena(item->certStatusArena, PR_FALSE);
+item->certStatusArena = NULL;
+}
+item->haveThisUpdate = item->haveNextUpdate = PR_FALSE;
+if (response) {
+SECStatus rv;
+item->certStatusArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (item->certStatusArena == NULL) {
+return SECFailure;
+}
+rv = ocsp_CopyCertStatus(item->certStatusArena, &item->certStatus,
+response->certStatus);
+if (rv != SECSuccess) {
+PORT_FreeArena(item->certStatusArena, PR_FALSE);
+item->certStatusArena = NULL;
+return rv;
+}
+item->missingResponseError = 0;
+rv = DER_GeneralizedTimeToTime(&item->thisUpdate,
+&response->thisUpdate);
+item->haveThisUpdate = (rv == SECSuccess);
+if (response->nextUpdate) {
+rv = DER_GeneralizedTimeToTime(&item->nextUpdate,
+response->nextUpdate);
+item->haveNextUpdate = (rv == SECSuccess);
+} else {
+item->haveNextUpdate = PR_FALSE;
+}
+}
+return SECSuccess;
+}
+static void
+ocsp_FreshenCacheItemNextFetchAttemptTime(OCSPCacheItem *cacheItem)
+{
+PRTime now;
+PRTime earliestAllowedNextFetchAttemptTime;
+PRTime latestTimeWhenResponseIsConsideredFresh;
+OCSP_TRACE(("OCSP ocsp_FreshenCacheItemNextFetchAttemptTime\n"));
+PR_EnterMonitor(OCSP_Global.monitor);
+now = PR_Now();
+OCSP_TRACE_TIME("now:", now);
+if (cacheItem->haveThisUpdate) {
+OCSP_TRACE_TIME("thisUpdate:", cacheItem->thisUpdate);
+latestTimeWhenResponseIsConsideredFresh = cacheItem->thisUpdate +
+OCSP_Global.maximumSecondsToNextFetchAttempt *
+MICROSECONDS_PER_SECOND;
+OCSP_TRACE_TIME("latestTimeWhenResponseIsConsideredFresh:",
+latestTimeWhenResponseIsConsideredFresh);
+} else {
+latestTimeWhenResponseIsConsideredFresh = now +
+OCSP_Global.minimumSecondsToNextFetchAttempt *
+MICROSECONDS_PER_SECOND;
+OCSP_TRACE_TIME("no thisUpdate, "
+"latestTimeWhenResponseIsConsideredFresh:",
+latestTimeWhenResponseIsConsideredFresh);
+}
+if (cacheItem->haveNextUpdate) {
+OCSP_TRACE_TIME("have nextUpdate:", cacheItem->nextUpdate);
+}
+if (cacheItem->haveNextUpdate &&
+cacheItem->nextUpdate < latestTimeWhenResponseIsConsideredFresh) {
+latestTimeWhenResponseIsConsideredFresh = cacheItem->nextUpdate;
+OCSP_TRACE_TIME("nextUpdate is smaller than latestFresh, setting "
+"latestTimeWhenResponseIsConsideredFresh:",
+latestTimeWhenResponseIsConsideredFresh);
+}
+earliestAllowedNextFetchAttemptTime = now +
+OCSP_Global.minimumSecondsToNextFetchAttempt *
+MICROSECONDS_PER_SECOND;
+OCSP_TRACE_TIME("earliestAllowedNextFetchAttemptTime:",
+earliestAllowedNextFetchAttemptTime);
+if (latestTimeWhenResponseIsConsideredFresh <
+earliestAllowedNextFetchAttemptTime) {
+latestTimeWhenResponseIsConsideredFresh =
+earliestAllowedNextFetchAttemptTime;
+OCSP_TRACE_TIME("latest < earliest, setting latest to:",
+latestTimeWhenResponseIsConsideredFresh);
+}
+cacheItem->nextFetchAttemptTime =
+latestTimeWhenResponseIsConsideredFresh;
+OCSP_TRACE_TIME("nextFetchAttemptTime",
+latestTimeWhenResponseIsConsideredFresh);
+PR_ExitMonitor(OCSP_Global.monitor);
+}
+static PRBool
+ocsp_IsCacheItemFresh(OCSPCacheItem *cacheItem)
+{
+PRTime now;
+PRBool fresh;
+now = PR_Now();
+fresh = cacheItem->nextFetchAttemptTime > now;
+/* Work around broken OCSP responders that return unknown responses for
+* certificates, especially certificates that were just recently issued.
+*/
+if (fresh && cacheItem->certStatusArena &&
+cacheItem->certStatus.certStatusType == ocspCertStatus_unknown) {
+fresh = PR_FALSE;
+}
+OCSP_TRACE(("OCSP ocsp_IsCacheItemFresh: %d\n", fresh));
+return fresh;
+}
+/*
+* Status in *certIDWasConsumed will always be correct, regardless of
+* return value.
+* If the caller is unable to transfer ownership of certID,
+* then the caller must set certIDWasConsumed to NULL,
+* and this function will potentially duplicate the certID object.
+*/
+static SECStatus
+ocsp_CreateOrUpdateCacheEntry(OCSPCacheData *cache,
+CERTOCSPCertID *certID,
+CERTOCSPSingleResponse *single,
+PRBool *certIDWasConsumed)
+{
+SECStatus rv;
+OCSPCacheItem *cacheItem;
+OCSP_TRACE(("OCSP ocsp_CreateOrUpdateCacheEntry\n"));
+if (certIDWasConsumed)
+*certIDWasConsumed = PR_FALSE;
+PR_EnterMonitor(OCSP_Global.monitor);
+PORT_Assert(OCSP_Global.maxCacheEntries >= 0);
+cacheItem = ocsp_FindCacheEntry(cache, certID);
+/* Don't replace an unknown or revoked entry with an error entry, even if
+* the existing entry is expired. Instead, we'll continue to use the
+* existing (possibly expired) cache entry until we receive a valid signed
+* response to replace it.
+*/
+if (!single && cacheItem && cacheItem->certStatusArena &&
+(cacheItem->certStatus.certStatusType == ocspCertStatus_revoked ||
+cacheItem->certStatus.certStatusType == ocspCertStatus_unknown)) {
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+if (!cacheItem) {
+CERTOCSPCertID *myCertID;
+if (certIDWasConsumed) {
+myCertID = certID;
+*certIDWasConsumed = PR_TRUE;
+} else {
+myCertID = cert_DupOCSPCertID(certID);
+if (!myCertID) {
+PR_ExitMonitor(OCSP_Global.monitor);
+PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+return SECFailure;
+}
+}
+rv = ocsp_CreateCacheItemAndConsumeCertID(cache, myCertID,
+&cacheItem);
+if (rv != SECSuccess) {
+PR_ExitMonitor(OCSP_Global.monitor);
+return rv;
+}
+}
+if (single) {
+PRTime thisUpdate;
+rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
+if (!cacheItem->haveThisUpdate ||
+(rv == SECSuccess && cacheItem->thisUpdate < thisUpdate)) {
+rv = ocsp_SetCacheItemResponse(cacheItem, single);
+if (rv != SECSuccess) {
+ocsp_RemoveCacheItem(cache, cacheItem);
+PR_ExitMonitor(OCSP_Global.monitor);
+return rv;
+}
+} else {
+OCSP_TRACE(("Not caching response because the response is not "
+"newer than the cache"));
+}
+} else {
+cacheItem->missingResponseError = PORT_GetError();
+if (cacheItem->certStatusArena) {
+PORT_FreeArena(cacheItem->certStatusArena, PR_FALSE);
+cacheItem->certStatusArena = NULL;
+}
+}
+ocsp_FreshenCacheItemNextFetchAttemptTime(cacheItem);
+ocsp_CheckCacheSize(cache);
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+extern SECStatus
+CERT_SetOCSPFailureMode(SEC_OcspFailureMode ocspFailureMode)
+{
+switch (ocspFailureMode) {
+case ocspMode_FailureIsVerificationFailure:
+case ocspMode_FailureIsNotAVerificationFailure:
+break;
+default:
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+OCSP_Global.ocspFailureMode = ocspFailureMode;
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+SECStatus
+CERT_OCSPCacheSettings(PRInt32 maxCacheEntries,
+PRUint32 minimumSecondsToNextFetchAttempt,
+PRUint32 maximumSecondsToNextFetchAttempt)
+{
+if (minimumSecondsToNextFetchAttempt > maximumSecondsToNextFetchAttempt
+|| maxCacheEntries < -1) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+if (maxCacheEntries < 0) {
+OCSP_Global.maxCacheEntries = -1; /* disable cache */
+} else if (maxCacheEntries == 0) {
+OCSP_Global.maxCacheEntries = 0; /* unlimited cache entries */
+} else {
+OCSP_Global.maxCacheEntries = maxCacheEntries;
+}
+if (minimumSecondsToNextFetchAttempt <
+OCSP_Global.minimumSecondsToNextFetchAttempt
+|| maximumSecondsToNextFetchAttempt <
+OCSP_Global.maximumSecondsToNextFetchAttempt) {
+/*
+* Ensure our existing cache entries are not used longer than the
+* new settings allow, we're lazy and just clear the cache
+*/
+CERT_ClearOCSPCache();
+}
+OCSP_Global.minimumSecondsToNextFetchAttempt =
+minimumSecondsToNextFetchAttempt;
+OCSP_Global.maximumSecondsToNextFetchAttempt =
+maximumSecondsToNextFetchAttempt;
+ocsp_CheckCacheSize(&OCSP_Global.cache);
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+SECStatus
+CERT_SetOCSPTimeout(PRUint32 seconds)
+{
+/* no locking, see bug 406120 */
+OCSP_Global.timeoutSeconds = seconds;
+return SECSuccess;
+}
+/* this function is called at NSS initialization time */
+SECStatus OCSP_InitGlobal(void)
+{
+SECStatus rv = SECFailure;
+if (OCSP_Global.monitor == NULL) {
+OCSP_Global.monitor = PR_NewMonitor();
+}
+if (!OCSP_Global.monitor)
+return SECFailure;
+PR_EnterMonitor(OCSP_Global.monitor);
+if (!OCSP_Global.cache.entries) {
+OCSP_Global.cache.entries =
+PL_NewHashTable(0,
+ocsp_CacheKeyHashFunction,
+ocsp_CacheKeyCompareFunction,
+PL_CompareValues,
+NULL,
+NULL);
+OCSP_Global.ocspFailureMode = ocspMode_FailureIsVerificationFailure;
+OCSP_Global.cache.numberOfEntries = 0;
+OCSP_Global.cache.MRUitem = NULL;
+OCSP_Global.cache.LRUitem = NULL;
+} else {
+/*
+* NSS might call this function twice while attempting to init.
+* But it's not allowed to call this again after any activity.
+*/
+PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
+PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+}
+if (OCSP_Global.cache.entries)
+rv = SECSuccess;
+PR_ExitMonitor(OCSP_Global.monitor);
+return rv;
+}
+SECStatus OCSP_ShutdownGlobal(void)
+{
+if (!OCSP_Global.monitor)
+return SECSuccess;
+PR_EnterMonitor(OCSP_Global.monitor);
+if (OCSP_Global.cache.entries) {
+CERT_ClearOCSPCache();
+PL_HashTableDestroy(OCSP_Global.cache.entries);
+OCSP_Global.cache.entries = NULL;
+}
+PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
+OCSP_Global.cache.MRUitem = NULL;
+OCSP_Global.cache.LRUitem = NULL;
+OCSP_Global.defaultHttpClientFcn = NULL;
+OCSP_Global.maxCacheEntries = DEFAULT_OCSP_CACHE_SIZE;
+OCSP_Global.minimumSecondsToNextFetchAttempt =
+DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
+OCSP_Global.maximumSecondsToNextFetchAttempt =
+DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
+OCSP_Global.ocspFailureMode =
+ocspMode_FailureIsVerificationFailure;
+PR_ExitMonitor(OCSP_Global.monitor);
+PR_DestroyMonitor(OCSP_Global.monitor);
+OCSP_Global.monitor = NULL;
+return SECSuccess;
+}
+/*
+* A return value of NULL means:
+*   The application did not register it's own HTTP client.
+*/
+const SEC_HttpClientFcn *SEC_GetRegisteredHttpClient(void)
+{
+const SEC_HttpClientFcn *retval;
+if (!OCSP_Global.monitor) {
+PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+return NULL;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+retval = OCSP_Global.defaultHttpClientFcn;
+PR_ExitMonitor(OCSP_Global.monitor);
+return retval;
+}
+/*
+* The following structure is only used internally.  It is allocated when
+* someone turns on OCSP checking, and hangs off of the status-configuration
+* structure in the certdb structure.  We use it to keep configuration
+* information specific to OCSP checking.
+*/
+typedef struct ocspCheckingContextStr {
+PRBool useDefaultResponder;
+char *defaultResponderURI;
+char *defaultResponderNickname;
+CERTCertificate *defaultResponderCert;
+} ocspCheckingContext;
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_NullTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToAnyTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_SequenceOfAnyTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToGeneralizedTimeTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToEnumeratedTemplate)
+/*
+* Forward declarations of sub-types, so I can lay out the types in the
+* same order as the ASN.1 is laid out in the OCSP spec itself.
+*
+* These are in alphabetical order (case-insensitive); please keep it that way!
+*/
+extern const SEC_ASN1Template ocsp_CertIDTemplate[];
+extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
+extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
+extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
+extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
+extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
+extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
+extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
+/*
+* Request-related templates...
+*/
+/*
+* OCSPRequest	::=	SEQUENCE {
+*	tbsRequest		TBSRequest,
+*	optionalSignature	[0] EXPLICIT Signature OPTIONAL }
+*/
+static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(CERTOCSPRequest) },
+{ SEC_ASN1_POINTER,
+	offsetof(CERTOCSPRequest, tbsRequest),
+	ocsp_TBSRequestTemplate },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+	offsetof(CERTOCSPRequest, optionalSignature),
+	ocsp_PointerToSignatureTemplate },
+{ 0 }
+};
+/*
+* TBSRequest	::=	SEQUENCE {
+*	version			[0] EXPLICIT Version DEFAULT v1,
+*	requestorName		[1] EXPLICIT GeneralName OPTIONAL,
+*	requestList		SEQUENCE OF Request,
+*	requestExtensions	[2] EXPLICIT Extensions OPTIONAL }
+*
+* Version	::=	INTEGER { v1(0) }
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspTBSRequest) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(ocspTBSRequest, version),
+	SEC_ASN1_SUB(SEC_IntegerTemplate) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+	offsetof(ocspTBSRequest, derRequestorName),
+	SEC_ASN1_SUB(SEC_PointerToAnyTemplate) },
+{ SEC_ASN1_SEQUENCE_OF,
+	offsetof(ocspTBSRequest, requestList),
+	ocsp_SingleRequestTemplate },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+	offsetof(ocspTBSRequest, requestExtensions),
+	CERT_SequenceOfCertExtensionTemplate },
+{ 0 }
+};
+/*
+* Signature	::=	SEQUENCE {
+*	signatureAlgorithm	AlgorithmIdentifier,
+*	signature		BIT STRING,
+*	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+*/
+static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspSignature) },
+{ SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+	offsetof(ocspSignature, signatureAlgorithm),
+	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+{ SEC_ASN1_BIT_STRING,
+	offsetof(ocspSignature, signature) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(ocspSignature, derCerts),
+	SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
+{ 0 }
+};
+/*
+* This template is just an extra level to use in an explicitly-tagged
+* reference to a Signature.
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
+{ SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
+};
+/*
+* Request	::=	SEQUENCE {
+*	reqCert			CertID,
+*	singleRequestExtensions	[0] EXPLICIT Extensions OPTIONAL }
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspSingleRequest) },
+{ SEC_ASN1_POINTER,
+	offsetof(ocspSingleRequest, reqCert),
+	ocsp_CertIDTemplate },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+	offsetof(ocspSingleRequest, singleRequestExtensions),
+	CERT_SequenceOfCertExtensionTemplate },
+{ 0 }
+};
+/*
+* This data structure and template (CertID) is used by both OCSP
+* requests and responses.  It is the only one that is shared.
+*
+* CertID	::=	SEQUENCE {
+*	hashAlgorithm		AlgorithmIdentifier,
+*	issuerNameHash		OCTET STRING,	-- Hash of Issuer DN
+*	issuerKeyHash		OCTET STRING,	-- Hash of Issuer public key
+*	serialNumber		CertificateSerialNumber }
+*
+* CertificateSerialNumber ::=	INTEGER
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_CertIDTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(CERTOCSPCertID) },
+{ SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+	offsetof(CERTOCSPCertID, hashAlgorithm),
+	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+{ SEC_ASN1_OCTET_STRING,
+	offsetof(CERTOCSPCertID, issuerNameHash) },
+{ SEC_ASN1_OCTET_STRING,
+	offsetof(CERTOCSPCertID, issuerKeyHash) },
+{ SEC_ASN1_INTEGER,
+	offsetof(CERTOCSPCertID, serialNumber) },
+{ 0 }
+};
+/*
+* Response-related templates...
+*/
+/*
+* OCSPResponse	::=	SEQUENCE {
+*	responseStatus		OCSPResponseStatus,
+*	responseBytes		[0] EXPLICIT ResponseBytes OPTIONAL }
+*/
+const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(CERTOCSPResponse) },
+{ SEC_ASN1_ENUMERATED,
+	offsetof(CERTOCSPResponse, responseStatus) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+	offsetof(CERTOCSPResponse, responseBytes),
+	ocsp_PointerToResponseBytesTemplate },
+{ 0 }
+};
+/*
+* ResponseBytes	::=	SEQUENCE {
+*	responseType		OBJECT IDENTIFIER,
+*	response		OCTET STRING }
+*/
+const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspResponseBytes) },
+{ SEC_ASN1_OBJECT_ID,
+	offsetof(ocspResponseBytes, responseType) },
+{ SEC_ASN1_OCTET_STRING,
+	offsetof(ocspResponseBytes, response) },
+{ 0 }
+};
+/*
+* This template is just an extra level to use in an explicitly-tagged
+* reference to a ResponseBytes.
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
+{ SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
+};
+/*
+* BasicOCSPResponse	::=	SEQUENCE {
+*	tbsResponseData		ResponseData,
+*	signatureAlgorithm	AlgorithmIdentifier,
+*	signature		BIT STRING,
+*	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+*/
+static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspBasicOCSPResponse) },
+{ SEC_ASN1_ANY | SEC_ASN1_SAVE,
+	offsetof(ocspBasicOCSPResponse, tbsResponseDataDER) },
+{ SEC_ASN1_POINTER,
+	offsetof(ocspBasicOCSPResponse, tbsResponseData),
+	ocsp_ResponseDataTemplate },
+{ SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+	offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
+	SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+{ SEC_ASN1_BIT_STRING,
+	offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
+	SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
+{ 0 }
+};
+/*
+* ResponseData	::=	SEQUENCE {
+*	version			[0] EXPLICIT Version DEFAULT v1,
+*	responderID		ResponderID,
+*	producedAt		GeneralizedTime,
+*	responses		SEQUENCE OF SingleResponse,
+*	responseExtensions	[1] EXPLICIT Extensions OPTIONAL }
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspResponseData) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(ocspResponseData, version),
+	SEC_ASN1_SUB(SEC_IntegerTemplate) },
+{ SEC_ASN1_ANY,
+	offsetof(ocspResponseData, derResponderID) },
+{ SEC_ASN1_GENERALIZED_TIME,
+	offsetof(ocspResponseData, producedAt) },
+{ SEC_ASN1_SEQUENCE_OF,
+	offsetof(ocspResponseData, responses),
+	ocsp_SingleResponseTemplate },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+	offsetof(ocspResponseData, responseExtensions),
+	CERT_SequenceOfCertExtensionTemplate },
+{ 0 }
+};
+/*
+* ResponderID	::=	CHOICE {
+*	byName			[1] EXPLICIT Name,
+*	byKey			[2] EXPLICIT KeyHash }
+*
+* KeyHash ::=	OCTET STRING -- SHA-1 hash of responder's public key
+* (excluding the tag and length fields)
+*
+* XXX Because the ASN.1 encoder and decoder currently do not provide
+* a way to automatically handle a CHOICE, we need to do it in two
+* steps, looking at the type tag and feeding the exact choice back
+* to the ASN.1 code.  Hopefully that will change someday and this
+* can all be simplified down into a single template.  Anyway, for
+* now we list each choice as its own template:
+*/
+const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
+{ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+	offsetof(ocspResponderID, responderIDValue.name),
+	CERT_NameTemplate }
+};
+const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
+{ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+SEC_ASN1_XTRN | 2,
+	offsetof(ocspResponderID, responderIDValue.keyHash),
+	SEC_ASN1_SUB(SEC_OctetStringTemplate) }
+};
+static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
+{ SEC_ASN1_ANY,
+	offsetof(ocspResponderID, responderIDValue.other) }
+};
+/* Decode choice container, but leave x509 name object encoded */
+static const SEC_ASN1Template ocsp_ResponderIDDerNameTemplate[] = {
+{ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+SEC_ASN1_XTRN | 1, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+/*
+* SingleResponse	::=	SEQUENCE {
+*	certID			CertID,
+*	certStatus		CertStatus,
+*	thisUpdate		GeneralizedTime,
+*	nextUpdate		[0] EXPLICIT GeneralizedTime OPTIONAL,
+*	singleExtensions	[1] EXPLICIT Extensions OPTIONAL }
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(CERTOCSPSingleResponse) },
+{ SEC_ASN1_POINTER,
+	offsetof(CERTOCSPSingleResponse, certID),
+	ocsp_CertIDTemplate },
+{ SEC_ASN1_ANY,
+	offsetof(CERTOCSPSingleResponse, derCertStatus) },
+{ SEC_ASN1_GENERALIZED_TIME,
+	offsetof(CERTOCSPSingleResponse, thisUpdate) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(CERTOCSPSingleResponse, nextUpdate),
+	SEC_ASN1_SUB(SEC_PointerToGeneralizedTimeTemplate) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+	offsetof(CERTOCSPSingleResponse, singleExtensions),
+	CERT_SequenceOfCertExtensionTemplate },
+{ 0 }
+};
+/*
+* CertStatus	::=	CHOICE {
+*	good			[0] IMPLICIT NULL,
+*	revoked			[1] IMPLICIT RevokedInfo,
+*	unknown			[2] IMPLICIT UnknownInfo }
+*
+* Because the ASN.1 encoder and decoder currently do not provide
+* a way to automatically handle a CHOICE, we need to do it in two
+* steps, looking at the type tag and feeding the exact choice back
+* to the ASN.1 code.  Hopefully that will change someday and this
+* can all be simplified down into a single template.  Anyway, for
+* now we list each choice as its own template:
+*/
+static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
+{ SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+	offsetof(ocspCertStatus, certStatusInfo.goodInfo),
+	SEC_ASN1_SUB(SEC_NullTemplate) }
+};
+static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
+{ SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+	offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
+	ocsp_RevokedInfoTemplate }
+};
+static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
+{ SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+	offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
+	SEC_ASN1_SUB(SEC_NullTemplate) }
+};
+static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
+{ SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+	offsetof(ocspCertStatus, certStatusInfo.otherInfo),
+	SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+/*
+* RevokedInfo	::=	SEQUENCE {
+*	revocationTime		GeneralizedTime,
+*	revocationReason	[0] EXPLICIT CRLReason OPTIONAL }
+*
+* Note: this should be static but the AIX compiler doesn't like it (because it
+* was forward-declared above); it is not meant to be exported, but this
+* is the only way it will compile.
+*/
+const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspRevokedInfo) },
+{ SEC_ASN1_GENERALIZED_TIME,
+	offsetof(ocspRevokedInfo, revocationTime) },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+SEC_ASN1_XTRN | 0,
+	offsetof(ocspRevokedInfo, revocationReason),
+	SEC_ASN1_SUB(SEC_PointerToEnumeratedTemplate) },
+{ 0 }
+};
+/*
+* OCSP-specific extension templates:
+*/
+/*
+* ServiceLocator	::=	SEQUENCE {
+*	issuer			Name,
+*	locator			AuthorityInfoAccessSyntax OPTIONAL }
+*/
+static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
+{ SEC_ASN1_SEQUENCE,
+	0, NULL, sizeof(ocspServiceLocator) },
+{ SEC_ASN1_POINTER,
+	offsetof(ocspServiceLocator, issuer),
+	CERT_NameTemplate },
+{ SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+	offsetof(ocspServiceLocator, locator) },
+{ 0 }
+};
+/*
+* REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
+*/
+/*
+* FUNCTION: CERT_EncodeOCSPRequest
+*   DER encodes an OCSP Request, possibly adding a signature as well.
+*   XXX Signing is not yet supported, however; see comments in code.
+* INPUTS:
+*   PLArenaPool *arena
+*     The return value is allocated from here.
+*     If a NULL is passed in, allocation is done from the heap instead.
+*   CERTOCSPRequest *request
+*     The request to be encoded.
+*   void *pwArg
+*     Pointer to argument for password prompting, if needed.  (Definitely
+*     not needed if not signing.)
+* RETURN:
+*   Returns a NULL on error and a pointer to the SECItem with the
+*   encoded value otherwise.  Any error is likely to be low-level
+*   (e.g. no memory).
+*/
+SECItem *
+CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
+		       void *pwArg)
+{
+SECStatus rv;
+/* XXX All of these should generate errors if they fail. */
+PORT_Assert(request);
+PORT_Assert(request->tbsRequest);
+if (request->tbsRequest->extensionHandle != NULL) {
+	rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
+	request->tbsRequest->extensionHandle = NULL;
+	if (rv != SECSuccess)
+	    return NULL;
+}
+/*
+* XXX When signed requests are supported and request->optionalSignature
+* is not NULL:
+*  - need to encode tbsRequest->requestorName
+*  - need to encode tbsRequest
+*  - need to sign that encoded result (using cert in sig), filling in the
+*    request->optionalSignature structure with the result, the signing
+*    algorithm and (perhaps?) the cert (and its chain?) in derCerts
+*/
+return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
+}
+/*
+* FUNCTION: CERT_DecodeOCSPRequest
+*   Decode a DER encoded OCSP Request.
+* INPUTS:
+*   SECItem *src
+*     Pointer to a SECItem holding DER encoded OCSP Request.
+* RETURN:
+*   Returns a pointer to a CERTOCSPRequest containing the decoded request.
+*   On error, returns NULL.  Most likely error is trouble decoding
+*   (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
+*/
+CERTOCSPRequest *
+CERT_DecodeOCSPRequest(const SECItem *src)
+{
+PLArenaPool *arena = NULL;
+SECStatus rv = SECFailure;
+CERTOCSPRequest *dest = NULL;
+int i;
+SECItem newSrc;
+arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (arena == NULL) {
+	goto loser;
+}
+dest = (CERTOCSPRequest *) PORT_ArenaZAlloc(arena,
+						sizeof(CERTOCSPRequest));
+if (dest == NULL) {
+	goto loser;
+}
+dest->arena = arena;
+/* copy the DER into the arena, since Quick DER returns data that points
+into the DER input, which may get freed by the caller */
+rv = SECITEM_CopyItem(arena, &newSrc, src);
+if ( rv != SECSuccess ) {
+	goto loser;
+}
+rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, &newSrc);
+if (rv != SECSuccess) {
+	if (PORT_GetError() == SEC_ERROR_BAD_DER)
+	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+	goto loser;
+}
+/*
+* XXX I would like to find a way to get rid of the necessity
+* of doing this copying of the arena pointer.
+*/
+for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
+	dest->tbsRequest->requestList[i]->arena = arena;
+}
+return dest;
+loser:
+if (arena != NULL) {
+	PORT_FreeArena(arena, PR_FALSE);
+}
+return NULL;
+}
+SECStatus
+CERT_DestroyOCSPCertID(CERTOCSPCertID* certID)
+{
+if (certID && certID->poolp) {
+	PORT_FreeArena(certID->poolp, PR_FALSE);
+	return SECSuccess;
+}
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+/*
+* Digest data using the specified algorithm.
+* The necessary storage for the digest data is allocated.  If "fill" is
+* non-null, the data is put there, otherwise a SECItem is allocated.
+* Allocation from "arena" if it is non-null, heap otherwise.  Any problem
+* results in a NULL being returned (and an appropriate error set).
+*/
+SECItem *
+ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
+SECItem *fill, const SECItem *src)
+{
+const SECHashObject *digestObject;
+SECItem *result = NULL;
+void *mark = NULL;
+void *digestBuff = NULL;
+if ( arena != NULL ) {
+mark = PORT_ArenaMark(arena);
+}
+digestObject = HASH_GetHashObjectByOidTag(digestAlg);
+if ( digestObject == NULL ) {
+goto loser;
+}
+if (fill == NULL || fill->data == NULL) {
+	result = SECITEM_AllocItem(arena, fill, digestObject->length);
+	if ( result == NULL ) {
+	   goto loser;
+	}
+	digestBuff = result->data;
+} else {
+	if (fill->len < digestObject->length) {
+	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	    goto loser;
+	}
+	digestBuff = fill->data;
+}
+if (PK11_HashBuf(digestAlg, digestBuff,
+src->data, src->len) != SECSuccess) {
+goto loser;
+}
+if ( arena != NULL ) {
+PORT_ArenaUnmark(arena, mark);
+}
+if (result == NULL) {
+result = fill;
+}
+return result;
+loser:
+if (arena != NULL) {
+PORT_ArenaRelease(arena, mark);
+} else {
+if (result != NULL) {
+SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
+}
+}
+return(NULL);
+}
+/*
+* Digest the cert's subject public key using the specified algorithm.
+* The necessary storage for the digest data is allocated.  If "fill" is
+* non-null, the data is put there, otherwise a SECItem is allocated.
+* Allocation from "arena" if it is non-null, heap otherwise.  Any problem
+* results in a NULL being returned (and an appropriate error set).
+*/
+SECItem *
+CERT_GetSubjectPublicKeyDigest(PLArenaPool *arena, const CERTCertificate *cert,
+SECOidTag digestAlg, SECItem *fill)
+{
+SECItem spk;
+/*
+* Copy just the length and data pointer (nothing needs to be freed)
+* of the subject public key so we can convert the length from bits
+* to bytes, which is what the digest function expects.
+*/
+spk = cert->subjectPublicKeyInfo.subjectPublicKey;
+DER_ConvertBitString(&spk);
+return ocsp_DigestValue(arena, digestAlg, fill, &spk);
+}
+/*
+* Digest the cert's subject name using the specified algorithm.
+*/
+SECItem *
+CERT_GetSubjectNameDigest(PLArenaPool *arena, const CERTCertificate *cert,
+SECOidTag digestAlg, SECItem *fill)
+{
+SECItem name;
+/*
+* Copy just the length and data pointer (nothing needs to be freed)
+* of the subject name
+*/
+name = cert->derSubject;
+return ocsp_DigestValue(arena, digestAlg, fill, &name);
+}
+/*
+* Create and fill-in a CertID.  This function fills in the hash values
+* (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
+* Someday it might need to be more flexible about hash algorithm, but
+* for now we have no intention/need to create anything else.
+*
+* Error causes a null to be returned; most likely cause is trouble
+* finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
+* Other errors are low-level problems (no memory, bad database, etc.).
+*/
+static CERTOCSPCertID *
+ocsp_CreateCertID(PLArenaPool *arena, CERTCertificate *cert, PRTime time)
+{
+CERTOCSPCertID *certID;
+CERTCertificate *issuerCert = NULL;
+void *mark = PORT_ArenaMark(arena);
+SECStatus rv;
+PORT_Assert(arena != NULL);
+certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
+if (certID == NULL) {
+	goto loser;
+}
+rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
+			       NULL);
+if (rv != SECSuccess) {
+	goto loser;
+}
+issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
+if (issuerCert == NULL) {
+	goto loser;
+}
+if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_SHA1,
+&(certID->issuerNameHash)) == NULL) {
+goto loser;
+}
+certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
+certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
+if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD5,
+&(certID->issuerMD5NameHash)) == NULL) {
+goto loser;
+}
+if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD2,
+&(certID->issuerMD2NameHash)) == NULL) {
+goto loser;
+}
+if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_SHA1,
+				       &certID->issuerKeyHash) == NULL) {
+	goto loser;
+}
+certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
+certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
+/* cache the other two hash algorithms as well */
+if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD5,
+				       &certID->issuerMD5KeyHash) == NULL) {
+	goto loser;
+}
+if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD2,
+				       &certID->issuerMD2KeyHash) == NULL) {
+	goto loser;
+}
+/* now we are done with issuerCert */
+CERT_DestroyCertificate(issuerCert);
+issuerCert = NULL;
+rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
+if (rv != SECSuccess) {
+	goto loser;
+}
+PORT_ArenaUnmark(arena, mark);
+return certID;
+loser:
+if (issuerCert != NULL) {
+	CERT_DestroyCertificate(issuerCert);
+}
+PORT_ArenaRelease(arena, mark);
+return NULL;
+}
+CERTOCSPCertID*
+CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time)
+{
+PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+CERTOCSPCertID *certID;
+PORT_Assert(arena != NULL);
+if (!arena)
+	return NULL;
+certID = ocsp_CreateCertID(arena, cert, time);
+if (!certID) {
+	PORT_FreeArena(arena, PR_FALSE);
+	return NULL;
+}
+certID->poolp = arena;
+return certID;
+}
+static CERTOCSPCertID *
+cert_DupOCSPCertID(const CERTOCSPCertID *src)
+{
+CERTOCSPCertID *dest;
+PLArenaPool *arena = NULL;
+if (!src) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return NULL;
+}
+arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (!arena)
+goto loser;
+dest = PORT_ArenaZNew(arena, CERTOCSPCertID);
+if (!dest)
+goto loser;
+#define DUPHELP(element) \
+if (src->element.data && \
+SECITEM_CopyItem(arena, &dest->element, &src->element) \
+!= SECSuccess) { \
+goto loser; \
+}
+DUPHELP(hashAlgorithm.algorithm)
+DUPHELP(hashAlgorithm.parameters)
+DUPHELP(issuerNameHash)
+DUPHELP(issuerKeyHash)
+DUPHELP(serialNumber)
+DUPHELP(issuerSHA1NameHash)
+DUPHELP(issuerMD5NameHash)
+DUPHELP(issuerMD2NameHash)
+DUPHELP(issuerSHA1KeyHash)
+DUPHELP(issuerMD5KeyHash)
+DUPHELP(issuerMD2KeyHash)
+dest->poolp = arena;
+return dest;
+loser:
+if (arena)
+PORT_FreeArena(arena, PR_FALSE);
+PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+return NULL;
+}
+/*
+* Callback to set Extensions in request object
+*/
+void SetSingleReqExts(void *object, CERTCertExtension **exts)
+{
+ocspSingleRequest *singleRequest =
+(ocspSingleRequest *)object;
+singleRequest->singleRequestExtensions = exts;
+}
+/*
+* Add the Service Locator extension to the singleRequestExtensions
+* for the given singleRequest.
+*
+* All errors are internal or low-level problems (e.g. no memory).
+*/
+static SECStatus
+ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
+				CERTCertificate *cert)
+{
+ocspServiceLocator *serviceLocator = NULL;
+void *extensionHandle = NULL;
+SECStatus rv = SECFailure;
+serviceLocator = PORT_ZNew(ocspServiceLocator);
+if (serviceLocator == NULL)
+	goto loser;
+/*
+* Normally it would be a bad idea to do a direct reference like
+* this rather than allocate and copy the name *or* at least dup
+* a reference of the cert.  But all we need is to be able to read
+* the issuer name during the encoding we are about to do, so a
+* copy is just a waste of time.
+*/
+serviceLocator->issuer = &cert->issuer;
+rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
+				&serviceLocator->locator);
+if (rv != SECSuccess) {
+	if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
+	    goto loser;
+}
+/* prepare for following loser gotos */
+rv = SECFailure;
+PORT_SetError(0);
+extensionHandle = cert_StartExtensions(singleRequest,
+singleRequest->arena, SetSingleReqExts);
+if (extensionHandle == NULL)
+	goto loser;
+rv = CERT_EncodeAndAddExtension(extensionHandle,
+				    SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
+				    serviceLocator, PR_FALSE,
+				    ocsp_ServiceLocatorTemplate);
+loser:
+if (extensionHandle != NULL) {
+	/*
+	 * Either way we have to finish out the extension context (so it gets
+	 * freed).  But careful not to override any already-set bad status.
+	 */
+	SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
+	if (rv == SECSuccess)
+	    rv = tmprv;
+}
+/*
+* Finally, free the serviceLocator structure itself and we are done.
+*/
+if (serviceLocator != NULL) {
+	if (serviceLocator->locator.data != NULL)
+	    SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
+	PORT_Free(serviceLocator);
+}
+return rv;
+}
+/*
+* Creates an array of ocspSingleRequest based on a list of certs.
+* Note that the code which later compares the request list with the
+* response expects this array to be in the exact same order as the
+* certs are found in the list.  It would be harder to change that
+* order than preserve it, but since the requirement is not obvious,
+* it deserves to be mentioned.
+*
+* Any problem causes a null return and error set:
+*      SEC_ERROR_UNKNOWN_ISSUER
+* Other errors are low-level problems (no memory, bad database, etc.).
+*/
+static ocspSingleRequest **
+ocsp_CreateSingleRequestList(PLArenaPool *arena, CERTCertList *certList,
+PRTime time, PRBool includeLocator)
+{
+ocspSingleRequest **requestList = NULL;
+CERTCertListNode *node = NULL;
+int i, count;
+void *mark = PORT_ArenaMark(arena);
+node = CERT_LIST_HEAD(certList);
+for (count = 0; !CERT_LIST_END(node, certList); count++) {
+node = CERT_LIST_NEXT(node);
+}
+if (count == 0)
+	goto loser;
+requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
+if (requestList == NULL)
+	goto loser;
+node = CERT_LIST_HEAD(certList);
+for (i = 0; !CERT_LIST_END(node, certList); i++) {
+requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
+if (requestList[i] == NULL)
+goto loser;
+OCSP_TRACE(("OCSP CERT_CreateOCSPRequest %s\n", node->cert->subjectName));
+requestList[i]->arena = arena;
+requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
+if (requestList[i]->reqCert == NULL)
+goto loser;
+if (includeLocator == PR_TRUE) {
+SECStatus rv;
+rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
+if (rv != SECSuccess)
+goto loser;
+}
+node = CERT_LIST_NEXT(node);
+}
+PORT_Assert(i == count);
+PORT_ArenaUnmark(arena, mark);
+requestList[i] = NULL;
+return requestList;
+loser:
+PORT_ArenaRelease(arena, mark);
+return NULL;
+}
+static ocspSingleRequest **
+ocsp_CreateRequestFromCert(PLArenaPool *arena,
+CERTOCSPCertID *certID,
+CERTCertificate *singleCert,
+PRTime time,
+PRBool includeLocator)
+{
+ocspSingleRequest **requestList = NULL;
+void *mark = PORT_ArenaMark(arena);
+PORT_Assert(certID != NULL && singleCert != NULL);
+/* meaning of value 2: one entry + one end marker */
+requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, 2);
+if (requestList == NULL)
+goto loser;
+requestList[0] = PORT_ArenaZNew(arena, ocspSingleRequest);
+if (requestList[0] == NULL)
+goto loser;
+requestList[0]->arena = arena;
+/* certID will live longer than the request */
+requestList[0]->reqCert = certID;
+if (includeLocator == PR_TRUE) {
+SECStatus rv;
+rv = ocsp_AddServiceLocatorExtension(requestList[0], singleCert);
+if (rv != SECSuccess)
+goto loser;
+}
+PORT_ArenaUnmark(arena, mark);
+requestList[1] = NULL;
+return requestList;
+loser:
+PORT_ArenaRelease(arena, mark);
+return NULL;
+}
+static CERTOCSPRequest *
+ocsp_prepareEmptyOCSPRequest(void)
+{
+PLArenaPool *arena = NULL;
+CERTOCSPRequest *request = NULL;
+ocspTBSRequest *tbsRequest = NULL;
+arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (arena == NULL) {
+goto loser;
+}
+request = PORT_ArenaZNew(arena, CERTOCSPRequest);
+if (request == NULL) {
+goto loser;
+}
+request->arena = arena;
+tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
+if (tbsRequest == NULL) {
+goto loser;
+}
+request->tbsRequest = tbsRequest;
+/* version 1 is the default, so we need not fill in a version number */
+return request;
+loser:
+if (arena != NULL) {
+PORT_FreeArena(arena, PR_FALSE);
+}
+return NULL;
+}
+CERTOCSPRequest *
+cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
+CERTCertificate *singleCert,
+PRTime time,
+PRBool addServiceLocator,
+CERTCertificate *signerCert)
+{
+CERTOCSPRequest *request;
+OCSP_TRACE(("OCSP cert_CreateSingleCertOCSPRequest %s\n", singleCert->subjectName));
+/* XXX Support for signerCert may be implemented later,
+* see also the comment in CERT_CreateOCSPRequest.
+*/
+if (signerCert != NULL) {
+PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+return NULL;
+}
+request = ocsp_prepareEmptyOCSPRequest();
+if (!request)
+return NULL;
+/*
+* Version 1 is the default, so we need not fill in a version number.
+* Now create the list of single requests, one for each cert.
+*/
+request->tbsRequest->requestList =
+ocsp_CreateRequestFromCert(request->arena,
+certID,
+singleCert,
+time,
+addServiceLocator);
+if (request->tbsRequest->requestList == NULL) {
+PORT_FreeArena(request->arena, PR_FALSE);
+return NULL;
+}
+return request;
+}
+/*
+* FUNCTION: CERT_CreateOCSPRequest
+*   Creates a CERTOCSPRequest, requesting the status of the certs in
+*   the given list.
+* INPUTS:
+*   CERTCertList *certList
+*     A list of certs for which status will be requested.
+*     Note that all of these certificates should have the same issuer,
+*     or it's expected the response will be signed by a trusted responder.
+*     If the certs need to be broken up into multiple requests, that
+*     must be handled by the caller (and thus by having multiple calls
+*     to this routine), who knows about where the request(s) are being
+*     sent and whether there are any trusted responders in place.
+*   PRTime time
+*     Indicates the time for which the certificate status is to be
+*     determined -- this may be used in the search for the cert's issuer
+*     but has no effect on the request itself.
+*   PRBool addServiceLocator
+*     If true, the Service Locator extension should be added to the
+*     single request(s) for each cert.
+*   CERTCertificate *signerCert
+*     If non-NULL, means sign the request using this cert.  Otherwise,
+*     do not sign.
+*     XXX note that request signing is not yet supported; see comment in code
+* RETURN:
+*   A pointer to a CERTOCSPRequest structure containing an OCSP request
+*   for the cert list.  On error, null is returned, with an error set
+*   indicating the reason.  This is likely SEC_ERROR_UNKNOWN_ISSUER.
+*   (The issuer is needed to create a request for the certificate.)
+*   Other errors are low-level problems (no memory, bad database, etc.).
+*/
+CERTOCSPRequest *
+CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
+		       PRBool addServiceLocator,
+		       CERTCertificate *signerCert)
+{
+CERTOCSPRequest *request = NULL;
+if (!certList) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return NULL;
+}
+/*
+* XXX When we are prepared to put signing of requests back in,
+* we will need to allocate a signature
+* structure for the request, fill in the "derCerts" field in it,
+* save the signerCert there, as well as fill in the "requestorName"
+* field of the tbsRequest.
+*/
+if (signerCert != NULL) {
+PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+return NULL;
+}
+request = ocsp_prepareEmptyOCSPRequest();
+if (!request)
+return NULL;
+/*
+* Now create the list of single requests, one for each cert.
+*/
+request->tbsRequest->requestList =
+ocsp_CreateSingleRequestList(request->arena,
+certList,
+time,
+addServiceLocator);
+if (request->tbsRequest->requestList == NULL) {
+PORT_FreeArena(request->arena, PR_FALSE);
+return NULL;
+}
+return request;
+}
+/*
+* FUNCTION: CERT_AddOCSPAcceptableResponses
+*   Add the AcceptableResponses extension to an OCSP Request.
+* INPUTS:
+*   CERTOCSPRequest *request
+*     The request to which the extension should be added.
+*   ...
+*     A list (of one or more) of SECOidTag -- each of the response types
+*     to be added.  The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
+*     (This marks the end of the list, and it must be specified because a
+*     client conforming to the OCSP standard is required to handle the basic
+*     response type.)  The OIDs are not checked in any way.
+* RETURN:
+*   SECSuccess if the extension is added; SECFailure if anything goes wrong.
+*   All errors are internal or low-level problems (e.g. no memory).
+*/
+void SetRequestExts(void *object, CERTCertExtension **exts)
+{
+CERTOCSPRequest *request = (CERTOCSPRequest *)object;
+request->tbsRequest->requestExtensions = exts;
+}
+SECStatus
+CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
+				SECOidTag responseType0, ...)
+{
+void *extHandle;
+va_list ap;
+int i, count;
+SECOidTag responseType;
+SECOidData *responseOid;
+SECItem **acceptableResponses = NULL;
+SECStatus rv = SECFailure;
+extHandle = request->tbsRequest->extensionHandle;
+if (extHandle == NULL) {
+	extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
+	if (extHandle == NULL)
+	    goto loser;
+}
+/* Count number of OIDS going into the extension value. */
+count = 1;
+if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+	va_start(ap, responseType0);
+	do {
+	    count++;
+	    responseType = va_arg(ap, SECOidTag);
+	} while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+	va_end(ap);
+}
+acceptableResponses = PORT_NewArray(SECItem *, count + 1);
+if (acceptableResponses == NULL)
+	goto loser;
+i = 0;
+responseOid = SECOID_FindOIDByTag(responseType0);
+acceptableResponses[i++] = &(responseOid->oid);
+if (count > 1) {
+	va_start(ap, responseType0);
+	for ( ; i < count; i++) {
+	    responseType = va_arg(ap, SECOidTag);
+	    responseOid = SECOID_FindOIDByTag(responseType);
+	    acceptableResponses[i] = &(responseOid->oid);
+	}
+	va_end(ap);
+}
+acceptableResponses[i] = NULL;
+rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
+&acceptableResponses, PR_FALSE,
+SEC_ASN1_GET(SEC_SequenceOfObjectIDTemplate));
+if (rv != SECSuccess)
+	goto loser;
+PORT_Free(acceptableResponses);
+if (request->tbsRequest->extensionHandle == NULL)
+	request->tbsRequest->extensionHandle = extHandle;
+return SECSuccess;
+loser:
+if (acceptableResponses != NULL)
+	PORT_Free(acceptableResponses);
+if (extHandle != NULL)
+	(void) CERT_FinishExtensions(extHandle);
+return rv;
+}
+/*
+* FUNCTION: CERT_DestroyOCSPRequest
+*   Frees an OCSP Request structure.
+* INPUTS:
+*   CERTOCSPRequest *request
+*     Pointer to CERTOCSPRequest to be freed.
+* RETURN:
+*   No return value; no errors.
+*/
+void
+CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
+{
+if (request == NULL)
+	return;
+if (request->tbsRequest != NULL) {
+	if (request->tbsRequest->requestorName != NULL)
+	    CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
+	if (request->tbsRequest->extensionHandle != NULL)
+	    (void) CERT_FinishExtensions(request->tbsRequest->extensionHandle);
+}
+if (request->optionalSignature != NULL) {
+	if (request->optionalSignature->cert != NULL)
+	    CERT_DestroyCertificate(request->optionalSignature->cert);
+	/*
+	 * XXX Need to free derCerts?  Or do they come out of arena?
+	 * (Currently we never fill in derCerts, which is why the
+	 * answer is not obvious.  Once we do, add any necessary code
+	 * here and remove this comment.)
+	 */
+}
+/*
+* We should actually never have a request without an arena,
+* but check just in case.  (If there isn't one, there is not
+* much we can do about it...)
+*/
+PORT_Assert(request->arena != NULL);
+if (request->arena != NULL)
+	PORT_FreeArena(request->arena, PR_FALSE);
+}
+/*
+* RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
+*/
+/*
+* Helper function for encoding or decoding a ResponderID -- based on the
+* given type, return the associated template for that choice.
+*/
+static const SEC_ASN1Template *
+ocsp_ResponderIDTemplateByType(CERTOCSPResponderIDType responderIDType)
+{
+const SEC_ASN1Template *responderIDTemplate;
+switch (responderIDType) {
+	case ocspResponderID_byName:
+	    responderIDTemplate = ocsp_ResponderIDByNameTemplate;
+	    break;
+	case ocspResponderID_byKey:
+	    responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
+	    break;
+	case ocspResponderID_other:
+	default:
+	    PORT_Assert(responderIDType == ocspResponderID_other);
+	    responderIDTemplate = ocsp_ResponderIDOtherTemplate;
+	    break;
+}
+return responderIDTemplate;
+}
+/*
+* Helper function for encoding or decoding a CertStatus -- based on the
+* given type, return the associated template for that choice.
+*/
+static const SEC_ASN1Template *
+ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
+{
+const SEC_ASN1Template *certStatusTemplate;
+switch (certStatusType) {
+	case ocspCertStatus_good:
+	    certStatusTemplate = ocsp_CertStatusGoodTemplate;
+	    break;
+	case ocspCertStatus_revoked:
+	    certStatusTemplate = ocsp_CertStatusRevokedTemplate;
+	    break;
+	case ocspCertStatus_unknown:
+	    certStatusTemplate = ocsp_CertStatusUnknownTemplate;
+	    break;
+	case ocspCertStatus_other:
+	default:
+	    PORT_Assert(certStatusType == ocspCertStatus_other);
+	    certStatusTemplate = ocsp_CertStatusOtherTemplate;
+	    break;
+}
+return certStatusTemplate;
+}
+/*
+* Helper function for decoding a certStatus -- turn the actual DER tag
+* into our local translation.
+*/
+static ocspCertStatusType
+ocsp_CertStatusTypeByTag(int derTag)
+{
+ocspCertStatusType certStatusType;
+switch (derTag) {
+	case 0:
+	    certStatusType = ocspCertStatus_good;
+	    break;
+	case 1:
+	    certStatusType = ocspCertStatus_revoked;
+	    break;
+	case 2:
+	    certStatusType = ocspCertStatus_unknown;
+	    break;
+	default:
+	    certStatusType = ocspCertStatus_other;
+	    break;
+}
+return certStatusType;
+}
+/*
+* Helper function for decoding SingleResponses -- they each contain
+* a status which is encoded as CHOICE, which needs to be decoded "by hand".
+*
+* Note -- on error, this routine does not release the memory it may
+* have allocated; it expects its caller to do that.
+*/
+static SECStatus
+ocsp_FinishDecodingSingleResponses(PLArenaPool *reqArena,
+				   CERTOCSPSingleResponse **responses)
+{
+ocspCertStatus *certStatus;
+ocspCertStatusType certStatusType;
+const SEC_ASN1Template *certStatusTemplate;
+int derTag;
+int i;
+SECStatus rv = SECFailure;
+if (!reqArena) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+if (responses == NULL)			/* nothing to do */
+	return SECSuccess;
+for (i = 0; responses[i] != NULL; i++) {
+SECItem* newStatus;
+	/*
+	 * The following assert points out internal errors (problems in
+	 * the template definitions or in the ASN.1 decoder itself, etc.).
+	 */
+	PORT_Assert(responses[i]->derCertStatus.data != NULL);
+	derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
+	certStatusType = ocsp_CertStatusTypeByTag(derTag);
+	certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
+	certStatus = PORT_ArenaZAlloc(reqArena, sizeof(ocspCertStatus));
+	if (certStatus == NULL) {
+	    goto loser;
+	}
+newStatus = SECITEM_ArenaDupItem(reqArena, &responses[i]->derCertStatus);
+if (!newStatus) {
+goto loser;
+}
+	rv = SEC_QuickDERDecodeItem(reqArena, certStatus, certStatusTemplate,
+				newStatus);
+	if (rv != SECSuccess) {
+	    if (PORT_GetError() == SEC_ERROR_BAD_DER)
+		PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	    goto loser;
+	}
+	certStatus->certStatusType = certStatusType;
+	responses[i]->certStatus = certStatus;
+}
+return SECSuccess;
+loser:
+return rv;
+}
+/*
+* Helper function for decoding a responderID -- turn the actual DER tag
+* into our local translation.
+*/
+static CERTOCSPResponderIDType
+ocsp_ResponderIDTypeByTag(int derTag)
+{
+CERTOCSPResponderIDType responderIDType;
+switch (derTag) {
+	case 1:
+	    responderIDType = ocspResponderID_byName;
+	    break;
+	case 2:
+	    responderIDType = ocspResponderID_byKey;
+	    break;
+	default:
+	    responderIDType = ocspResponderID_other;
+	    break;
+}
+return responderIDType;
+}
+/*
+* Decode "src" as a BasicOCSPResponse, returning the result.
+*/
+static ocspBasicOCSPResponse *
+ocsp_DecodeBasicOCSPResponse(PLArenaPool *arena, SECItem *src)
+{
+void *mark;
+ocspBasicOCSPResponse *basicResponse;
+ocspResponseData *responseData;
+ocspResponderID *responderID;
+CERTOCSPResponderIDType responderIDType;
+const SEC_ASN1Template *responderIDTemplate;
+int derTag;
+SECStatus rv;
+SECItem newsrc;
+mark = PORT_ArenaMark(arena);
+basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
+if (basicResponse == NULL) {
+	goto loser;
+}
+/* copy the DER into the arena, since Quick DER returns data that points
+into the DER input, which may get freed by the caller */
+rv = SECITEM_CopyItem(arena, &newsrc, src);
+if ( rv != SECSuccess ) {
+	goto loser;
+}
+rv = SEC_QuickDERDecodeItem(arena, basicResponse,
+			    ocsp_BasicOCSPResponseTemplate, &newsrc);
+if (rv != SECSuccess) {
+	if (PORT_GetError() == SEC_ERROR_BAD_DER)
+	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	goto loser;
+}
+responseData = basicResponse->tbsResponseData;
+/*
+* The following asserts point out internal errors (problems in
+* the template definitions or in the ASN.1 decoder itself, etc.).
+*/
+PORT_Assert(responseData != NULL);
+PORT_Assert(responseData->derResponderID.data != NULL);
+/*
+* XXX Because responderID is a CHOICE, which is not currently handled
+* by our ASN.1 decoder, we have to decode it "by hand".
+*/
+derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
+responderIDType = ocsp_ResponderIDTypeByTag(derTag);
+responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
+responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
+if (responderID == NULL) {
+	goto loser;
+}
+rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate,
+			    &responseData->derResponderID);
+if (rv != SECSuccess) {
+	if (PORT_GetError() == SEC_ERROR_BAD_DER)
+	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	goto loser;
+}
+responderID->responderIDType = responderIDType;
+responseData->responderID = responderID;
+/*
+* XXX Each SingleResponse also contains a CHOICE, which has to be
+* fixed up by hand.
+*/
+rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
+if (rv != SECSuccess) {
+	goto loser;
+}
+PORT_ArenaUnmark(arena, mark);
+return basicResponse;
+loser:
+PORT_ArenaRelease(arena, mark);
+return NULL;
+}
+/*
+* Decode the responseBytes based on the responseType found in "rbytes",
+* leaving the resulting translated/decoded information in there as well.
+*/
+static SECStatus
+ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
+{
+if (rbytes == NULL) {
+	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
+	return SECFailure;
+}
+rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
+switch (rbytes->responseTypeTag) {
+	case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
+	    {
+		ocspBasicOCSPResponse *basicResponse;
+		basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
+							     &rbytes->response);
+		if (basicResponse == NULL)
+		    return SECFailure;
+		rbytes->decodedResponse.basic = basicResponse;
+	    }
+	    break;
+	/*
+	 * Add new/future response types here.
+	 */
+	default:
+	    PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
+	    return SECFailure;
+}
+return SECSuccess;
+}
+/*
+* FUNCTION: CERT_DecodeOCSPResponse
+*   Decode a DER encoded OCSP Response.
+* INPUTS:
+*   SECItem *src
+*     Pointer to a SECItem holding DER encoded OCSP Response.
+* RETURN:
+*   Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
+*   the caller is responsible for destroying it.  Or NULL if error (either
+*   response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
+*   it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
+*   or a low-level or internal error occurred).
+*/
+CERTOCSPResponse *
+CERT_DecodeOCSPResponse(const SECItem *src)
+{
+PLArenaPool *arena = NULL;
+CERTOCSPResponse *response = NULL;
+SECStatus rv = SECFailure;
+ocspResponseStatus sv;
+SECItem newSrc;
+arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (arena == NULL) {
+	goto loser;
+}
+response = (CERTOCSPResponse *) PORT_ArenaZAlloc(arena,
+						     sizeof(CERTOCSPResponse));
+if (response == NULL) {
+	goto loser;
+}
+response->arena = arena;
+/* copy the DER into the arena, since Quick DER returns data that points
+into the DER input, which may get freed by the caller */
+rv = SECITEM_CopyItem(arena, &newSrc, src);
+if ( rv != SECSuccess ) {
+	goto loser;
+}
+rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, &newSrc);
+if (rv != SECSuccess) {
+	if (PORT_GetError() == SEC_ERROR_BAD_DER)
+	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	goto loser;
+}
+sv = (ocspResponseStatus) DER_GetInteger(&response->responseStatus);
+response->statusValue = sv;
+if (sv != ocspResponse_successful) {
+	/*
+	 * If the response status is anything but successful, then we
+	 * are all done with decoding; the status is all there is.
+	 */
+	return response;
+}
+/*
+* A successful response contains much more information, still encoded.
+* Now we need to decode that.
+*/
+rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
+if (rv != SECSuccess) {
+	goto loser;
+}
+return response;
+loser:
+if (arena != NULL) {
+	PORT_FreeArena(arena, PR_FALSE);
+}
+return NULL;
+}
+/*
+* The way an OCSPResponse is defined, there are many levels to descend
+* before getting to the actual response information.  And along the way
+* we need to check that the response *type* is recognizable, which for
+* now means that it is a BasicOCSPResponse, because that is the only
+* type currently defined.  Rather than force all routines to perform
+* a bunch of sanity checking every time they want to work on a response,
+* this function isolates that and gives back the interesting part.
+* Note that no copying is done, this just returns a pointer into the
+* substructure of the response which is passed in.
+*
+* XXX This routine only works when a valid response structure is passed
+* into it; this is checked with many assertions.  Assuming the response
+* was creating by decoding, it wouldn't make it this far without being
+* okay.  That is a sufficient assumption since the entire OCSP interface
+* is only used internally.  When this interface is officially exported,
+* each assertion below will need to be followed-up with setting an error
+* and returning (null).
+*
+* FUNCTION: ocsp_GetResponseData
+*   Returns ocspResponseData structure and a pointer to tbs response
+*   data DER from a valid ocsp response.
+* INPUTS:
+*   CERTOCSPResponse *response
+*     structure of a valid ocsp response
+* RETURN:
+*   Returns a pointer to ocspResponseData structure: decoded OCSP response
+*   data, and a pointer(tbsResponseDataDER) to its undecoded data DER.
+*/
+ocspResponseData *
+ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
+{
+ocspBasicOCSPResponse *basic;
+ocspResponseData *responseData;
+PORT_Assert(response != NULL);
+PORT_Assert(response->responseBytes != NULL);
+PORT_Assert(response->responseBytes->responseTypeTag
+		== SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+basic = response->responseBytes->decodedResponse.basic;
+PORT_Assert(basic != NULL);
+responseData = basic->tbsResponseData;
+PORT_Assert(responseData != NULL);
+if (tbsResponseDataDER) {
+*tbsResponseDataDER = &basic->tbsResponseDataDER;
+PORT_Assert((*tbsResponseDataDER)->data != NULL);
+PORT_Assert((*tbsResponseDataDER)->len != 0);
+}
+return responseData;
+}
+/*
+* Much like the routine above, except it returns the response signature.
+* Again, no copy is done.
+*/
+ocspSignature *
+ocsp_GetResponseSignature(CERTOCSPResponse *response)
+{
+ocspBasicOCSPResponse *basic;
+PORT_Assert(response != NULL);
+if (NULL == response->responseBytes) {
+return NULL;
+}
+if (response->responseBytes->responseTypeTag
+!= SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+return NULL;
+}
+basic = response->responseBytes->decodedResponse.basic;
+PORT_Assert(basic != NULL);
+return &(basic->responseSignature);
+}
+/*
+* FUNCTION: CERT_DestroyOCSPResponse
+*   Frees an OCSP Response structure.
+* INPUTS:
+*   CERTOCSPResponse *request
+*     Pointer to CERTOCSPResponse to be freed.
+* RETURN:
+*   No return value; no errors.
+*/
+void
+CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
+{
+if (response != NULL) {
+	ocspSignature *signature = ocsp_GetResponseSignature(response);
+	if (signature && signature->cert != NULL)
+	    CERT_DestroyCertificate(signature->cert);
+	/*
+	 * We should actually never have a response without an arena,
+	 * but check just in case.  (If there isn't one, there is not
+	 * much we can do about it...)
+	 */
+	PORT_Assert(response->arena != NULL);
+	if (response->arena != NULL) {
+	    PORT_FreeArena(response->arena, PR_FALSE);
+	}
+}
+}
+/*
+* OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
+*/
+/*
+* Pick apart a URL, saving the important things in the passed-in pointers.
+*
+* We expect to find "http://<hostname>[:<port>]/[path]", though we will
+* tolerate that final slash character missing, as well as beginning and
+* trailing whitespace, and any-case-characters for "http".  All of that
+* tolerance is what complicates this routine.  What we want is just to
+* pick out the hostname, the port, and the path.
+*
+* On a successful return, the caller will need to free the output pieces
+* of hostname and path, which are copies of the values found in the url.
+*/
+static SECStatus
+ocsp_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
+{
+unsigned short port = 80;		/* default, in case not in url */
+char *hostname = NULL;
+char *path = NULL;
+const char *save;
+char c;
+int len;
+if (url == NULL)
+	goto loser;
+/*
+* Skip beginning whitespace.
+*/
+c = *url;
+while ((c == ' ' || c == '\t') && c != '\0') {
+	url++;
+	c = *url;
+}
+if (c == '\0')
+	goto loser;
+/*
+* Confirm, then skip, protocol.  (Since we only know how to do http,
+* that is all we will accept).
+*/
+if (PORT_Strncasecmp(url, "http://", 7) != 0)
+	goto loser;
+url += 7;
+/*
+* Whatever comes next is the hostname (or host IP address).  We just
+* save it aside and then search for its end so we can determine its
+* length and copy it.
+*
+* XXX Note that because we treat a ':' as a terminator character
+* (and below, we expect that to mean there is a port specification
+* immediately following), we will not handle IPv6 addresses.  That is
+* apparently an acceptable limitation, for the time being.  Some day,
+* when there is a clear way to specify a URL with an IPv6 address that
+* can be parsed unambiguously, this code should be made to do that.
+*/
+save = url;
+c = *url;
+while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
+	url++;
+	c = *url;
+}
+len = url - save;
+hostname = PORT_Alloc(len + 1);
+if (hostname == NULL)
+	goto loser;
+PORT_Memcpy(hostname, save, len);
+hostname[len] = '\0';
+/*
+* Now we figure out if there was a port specified or not.
+* If so, we need to parse it (as a number) and skip it.
+*/
+if (c == ':') {
+	url++;
+	port = (unsigned short) PORT_Atoi(url);
+	c = *url;
+	while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
+	    if (c < '0' || c > '9')
+		goto loser;
+	    url++;
+	    c = *url;
+	}
+}
+/*
+* Last thing to find is a path.  There *should* be a slash,
+* if nothing else -- but if there is not we provide one.
+*/
+if (c == '/') {
+	save = url;
+	while (c != '\0' && c != ' ' && c != '\t') {
+	    url++;
+	    c = *url;
+	}
+	len = url - save;
+	path = PORT_Alloc(len + 1);
+	if (path == NULL)
+	    goto loser;
+	PORT_Memcpy(path, save, len);
+	path[len] = '\0';
+} else {
+	path = PORT_Strdup("/");
+	if (path == NULL)
+	    goto loser;
+}
+*pHostname = hostname;
+*pPort = port;
+*pPath = path;
+return SECSuccess;
+loser:
+if (hostname != NULL)
+	PORT_Free(hostname);
+PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+return SECFailure;
+}
+/*
+* Open a socket to the specified host on the specified port, and return it.
+* The host is either a hostname or an IP address.
+*/
+static PRFileDesc *
+ocsp_ConnectToHost(const char *host, PRUint16 port)
+{
+PRFileDesc *sock = NULL;
+PRIntervalTime timeout;
+PRNetAddr addr;
+char *netdbbuf = NULL;
+// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host,
+port);
+goto loser;
+#endif
+sock = PR_NewTCPSocket();
+if (sock == NULL)
+	goto loser;
+/* XXX Some day need a way to set (and get?) the following value */
+timeout = PR_SecondsToInterval(30);
+/*
+* If the following converts an IP address string in "dot notation"
+* into a PRNetAddr.  If it fails, we assume that is because we do not
+* have such an address, but instead a host *name*.  In that case we
+* then lookup the host by name.  Using the NSPR function this way
+* means we do not have to have our own logic for distinguishing a
+* valid numerical IP address from a hostname.
+*/
+if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
+	PRIntn hostIndex;
+	PRHostEnt hostEntry;
+	netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
+	if (netdbbuf == NULL)
+	    goto loser;
+	if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
+			     &hostEntry) != PR_SUCCESS)
+	    goto loser;
+	hostIndex = 0;
+	do {
+	    hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
+	    if (hostIndex <= 0)
+		goto loser;
+	} while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS);
+	PORT_Free(netdbbuf);
+} else {
+	/*
+	 * First put the port into the address, then connect.
+	 */
+	if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
+	    goto loser;
+	if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
+	    goto loser;
+}
+return sock;
+loser:
+if (sock != NULL)
+	PR_Close(sock);
+if (netdbbuf != NULL)
+	PORT_Free(netdbbuf);
+return NULL;
+}
+/*
+* Sends an encoded OCSP request to the server identified by "location",
+* and returns the socket on which it was sent (so can listen for the reply).
+* "location" is expected to be a valid URL -- an error parsing it produces
+* SEC_ERROR_CERT_BAD_ACCESS_LOCATION.  Other errors are likely problems
+* connecting to it, or writing to it, or allocating memory, and the low-level
+* errors appropriate to the problem will be set.
+* if (encodedRequest == NULL)
+*   then location MUST already include the full request,
+*        including base64 and urlencode,
+*        and the request will be sent with GET
+* if (encodedRequest != NULL)
+*   then the request will be sent with POST
+*/
+static PRFileDesc *
+ocsp_SendEncodedRequest(const char *location, const SECItem *encodedRequest)
+{
+char *hostname = NULL;
+char *path = NULL;
+PRUint16 port;
+SECStatus rv;
+PRFileDesc *sock = NULL;
+PRFileDesc *returnSock = NULL;
+char *header = NULL;
+char portstr[16];
+/*
+* Take apart the location, getting the hostname, port, and path.
+*/
+rv = ocsp_ParseURL(location, &hostname, &port, &path);
+if (rv != SECSuccess)
+	goto loser;
+PORT_Assert(hostname != NULL);
+PORT_Assert(path != NULL);
+sock = ocsp_ConnectToHost(hostname, port);
+if (sock == NULL)
+	goto loser;
+portstr[0] = '\0';
+if (port != 80) {
+PR_snprintf(portstr, sizeof(portstr), ":%d", port);
+}
+if (!encodedRequest) {
+header = PR_smprintf("GET %s HTTP/1.0\r\n"
+"Host: %s%s\r\n\r\n",
+path, hostname, portstr);
+if (header == NULL)
+goto loser;
+/*
+* The NSPR documentation promises that if it can, it will write the full
+* amount; this will not return a partial value expecting us to loop.
+*/
+if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
+goto loser;
+}
+else {
+header = PR_smprintf("POST %s HTTP/1.0\r\n"
+"Host: %s%s\r\n"
+"Content-Type: application/ocsp-request\r\n"
+"Content-Length: %u\r\n\r\n",
+path, hostname, portstr, encodedRequest->len);
+if (header == NULL)
+goto loser;
+/*
+* The NSPR documentation promises that if it can, it will write the full
+* amount; this will not return a partial value expecting us to loop.
+*/
+if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
+goto loser;
+if (PR_Write(sock, encodedRequest->data,
+(PRInt32) encodedRequest->len) < 0)
+goto loser;
+}
+returnSock = sock;
+sock = NULL;
+loser:
+if (header != NULL)
+	PORT_Free(header);
+if (sock != NULL)
+	PR_Close(sock);
+if (path != NULL)
+	PORT_Free(path);
+if (hostname != NULL)
+	PORT_Free(hostname);
+return returnSock;
+}
+/*
+* Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
+* Obviously, stop if hit end-of-stream. Timeout is passed in.
+*/
+static int
+ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
+{
+int total = 0;
+while (total < toread)
+{
+PRInt32 got;
+got = PR_Recv(fd, buf + total, (PRInt32) (toread - total), 0, timeout);
+if (got < 0)
+{
+if (0 == total)
+{
+total = -1; /* report the error if we didn't read anything yet */
+}
+break;
+}
+else
+if (got == 0)
+{			/* EOS */
+break;
+}
+total += got;
+}
+return total;
+}
+#define OCSP_BUFSIZE 1024
+#define AbortHttpDecode(error) \
+{ \
+if (inBuffer) \
+PORT_Free(inBuffer); \
+PORT_SetError(error); \
+return NULL; \
+}
+/*
+* Reads on the given socket and returns an encoded response when received.
+* Properly formatted HTTP/1.0 response headers are expected to be read
+* from the socket, preceding a binary-encoded OCSP response.  Problems
+* with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
+* set; any other problems are likely low-level i/o or memory allocation
+* errors.
+*/
+static SECItem *
+ocsp_GetEncodedResponse(PLArenaPool *arena, PRFileDesc *sock)
+{
+/* first read HTTP status line and headers */
+char* inBuffer = NULL;
+PRInt32 offset = 0;
+PRInt32 inBufsize = 0;
+const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
+const PRInt32 maxBufSize = 8 * bufSizeIncrement ; /* 8 KB max */
+const char* CRLF = "\r\n";
+const PRInt32 CRLFlen = strlen(CRLF);
+const char* headerEndMark = "\r\n\r\n";
+const PRInt32 markLen = strlen(headerEndMark);
+const PRIntervalTime ocsptimeout =
+PR_SecondsToInterval(30); /* hardcoded to 30s for now */
+char* headerEnd = NULL;
+PRBool EOS = PR_FALSE;
+const char* httpprotocol = "HTTP/";
+const PRInt32 httplen = strlen(httpprotocol);
+const char* httpcode = NULL;
+const char* contenttype = NULL;
+PRInt32 contentlength = 0;
+PRInt32 bytesRead = 0;
+char* statusLineEnd = NULL;
+char* space = NULL;
+char* nextHeader = NULL;
+SECItem* result = NULL;
+/* read up to at least the end of the HTTP headers */
+do
+{
+inBufsize += bufSizeIncrement;
+inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
+if (NULL == inBuffer)
+{
+AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+}
+bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
+ocsptimeout);
+if (bytesRead > 0)
+{
+PRInt32 searchOffset = (offset - markLen) >0 ? offset-markLen : 0;
+offset += bytesRead;
+*(inBuffer + offset) = '\0'; /* NULL termination */
+headerEnd = strstr((const char*)inBuffer + searchOffset, headerEndMark);
+if (bytesRead < bufSizeIncrement)
+{
+/* we read less data than requested, therefore we are at
+EOS or there was a read error */
+EOS = PR_TRUE;
+}
+}
+else
+{
+/* recv error or EOS */
+EOS = PR_TRUE;
+}
+} while ( (!headerEnd) && (PR_FALSE == EOS) &&
+(inBufsize < maxBufSize) );
+if (!headerEnd)
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+/* parse the HTTP status line  */
+statusLineEnd = strstr((const char*)inBuffer, CRLF);
+if (!statusLineEnd)
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+*statusLineEnd = '\0';
+/* check for HTTP/ response */
+space = strchr((const char*)inBuffer, ' ');
+if (!space || PORT_Strncasecmp((const char*)inBuffer, httpprotocol, httplen) != 0 )
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+/* check the HTTP status code of 200 */
+httpcode = space +1;
+space = strchr(httpcode, ' ');
+if (!space)
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+*space = 0;
+if (0 != strcmp(httpcode, "200"))
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+/* parse the HTTP headers in the buffer . We only care about
+content-type and content-length
+*/
+nextHeader = statusLineEnd + CRLFlen;
+*headerEnd = '\0'; /* terminate */
+do
+{
+char* thisHeaderEnd = NULL;
+char* value = NULL;
+char* colon = strchr(nextHeader, ':');
+if (!colon)
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+*colon = '\0';
+value = colon + 1;
+/* jpierre - note : the following code will only handle the basic form
+of HTTP/1.0 response headers, of the form "name: value" . Headers
+split among multiple lines are not supported. This is not common
+and should not be an issue, but it could become one in the
+future */
+if (*value != ' ')
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+value++;
+thisHeaderEnd  = strstr(value, CRLF);
+if (thisHeaderEnd )
+{
+*thisHeaderEnd  = '\0';
+}
+if (0 == PORT_Strcasecmp(nextHeader, "content-type"))
+{
+contenttype = value;
+}
+else
+if (0 == PORT_Strcasecmp(nextHeader, "content-length"))
+{
+contentlength = atoi(value);
+}
+if (thisHeaderEnd )
+{
+nextHeader = thisHeaderEnd + CRLFlen;
+}
+else
+{
+nextHeader = NULL;
+}
+} while (nextHeader && (nextHeader < (headerEnd + CRLFlen) ) );
+/* check content-type */
+if (!contenttype ||
+(0 != PORT_Strcasecmp(contenttype, "application/ocsp-response")) )
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+/* read the body of the OCSP response */
+offset = offset - (PRInt32) (headerEnd - (const char*)inBuffer) - markLen;
+if (offset)
+{
+/* move all data to the beginning of the buffer */
+PORT_Memmove(inBuffer, headerEnd + markLen, offset);
+}
+/* resize buffer to only what's needed to hold the current response */
+inBufsize = (1 + (offset-1) / bufSizeIncrement ) * bufSizeIncrement ;
+while ( (PR_FALSE == EOS) &&
+( (contentlength == 0) || (offset < contentlength) ) &&
+(inBufsize < maxBufSize)
+)
+{
+/* we still need to receive more body data */
+inBufsize += bufSizeIncrement;
+inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
+if (NULL == inBuffer)
+{
+AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+}
+bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
+ocsptimeout);
+if (bytesRead > 0)
+{
+offset += bytesRead;
+if (bytesRead < bufSizeIncrement)
+{
+/* we read less data than requested, therefore we are at
+EOS or there was a read error */
+EOS = PR_TRUE;
+}
+}
+else
+{
+/* recv error or EOS */
+EOS = PR_TRUE;
+}
+}
+if (0 == offset)
+{
+AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+}
+/*
+* Now allocate the item to hold the data.
+*/
+result = SECITEM_AllocItem(arena, NULL, offset);
+if (NULL == result)
+{
+AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+}
+/*
+* And copy the data left in the buffer.
+*/
+PORT_Memcpy(result->data, inBuffer, offset);
+/* and free the temporary buffer */
+PORT_Free(inBuffer);
+return result;
+}
+SECStatus
+CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
+{
+return ocsp_ParseURL(url, pHostname, pPort, pPath);
+}
+/*
+* Limit the size of http responses we are willing to accept.
+*/
+#define MAX_WANTED_OCSP_RESPONSE_LEN 64*1024
+/* if (encodedRequest == NULL)
+*   then location MUST already include the full request,
+*        including base64 and urlencode,
+*        and the request will be sent with GET
+* if (encodedRequest != NULL)
+*   then the request will be sent with POST
+*/
+static SECItem *
+fetchOcspHttpClientV1(PLArenaPool *arena,
+const SEC_HttpClientFcnV1 *hcv1,
+const char *location,
+const SECItem *encodedRequest)
+{
+char *hostname = NULL;
+char *path = NULL;
+PRUint16 port;
+SECItem *encodedResponse = NULL;
+SEC_HTTP_SERVER_SESSION pServerSession = NULL;
+SEC_HTTP_REQUEST_SESSION pRequestSession = NULL;
+PRUint16 myHttpResponseCode;
+const char *myHttpResponseData;
+PRUint32 myHttpResponseDataLen;
+if (ocsp_ParseURL(location, &hostname, &port, &path) == SECFailure) {
+PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+goto loser;
+}
+PORT_Assert(hostname != NULL);
+PORT_Assert(path != NULL);
+if ((*hcv1->createSessionFcn)(
+hostname,
+port,
+&pServerSession) != SECSuccess) {
+PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+goto loser;
+}
+/* We use a non-zero timeout, which means:
+- the client will use blocking I/O
+- TryFcn will not return WOULD_BLOCK nor a poll descriptor
+- it's sufficient to call TryFcn once
+No lock for accessing OCSP_Global.timeoutSeconds, bug 406120
+*/
+if ((*hcv1->createFcn)(
+pServerSession,
+"http",
+path,
+encodedRequest ? "POST" : "GET",
+PR_TicksPerSecond() * OCSP_Global.timeoutSeconds,
+&pRequestSession) != SECSuccess) {
+PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+goto loser;
+}
+if (encodedRequest &&
+(*hcv1->setPostDataFcn)(
+pRequestSession,
+(char*)encodedRequest->data,
+encodedRequest->len,
+"application/ocsp-request") != SECSuccess) {
+PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+goto loser;
+}
+/* we don't want result objects larger than this: */
+myHttpResponseDataLen = MAX_WANTED_OCSP_RESPONSE_LEN;
+OCSP_TRACE(("OCSP trySendAndReceive %s\n", location));
+if ((*hcv1->trySendAndReceiveFcn)(
+pRequestSession,
+NULL,
+&myHttpResponseCode,
+NULL,
+NULL,
+&myHttpResponseData,
+&myHttpResponseDataLen) != SECSuccess) {
+PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+goto loser;
+}
+OCSP_TRACE(("OCSP trySendAndReceive result http %d\n", myHttpResponseCode));
+if (myHttpResponseCode != 200) {
+PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+goto loser;
+}
+encodedResponse = SECITEM_AllocItem(arena, NULL, myHttpResponseDataLen);
+if (!encodedResponse) {
+PORT_SetError(SEC_ERROR_NO_MEMORY);
+goto loser;
+}
+PORT_Memcpy(encodedResponse->data, myHttpResponseData, myHttpResponseDataLen);
+loser:
+if (pRequestSession != NULL)
+(*hcv1->freeFcn)(pRequestSession);
+if (pServerSession != NULL)
+(*hcv1->freeSessionFcn)(pServerSession);
+if (path != NULL)
+	PORT_Free(path);
+if (hostname != NULL)
+	PORT_Free(hostname);
+return encodedResponse;
+}
+/*
+* FUNCTION: CERT_GetEncodedOCSPResponseByMethod
+*   Creates and sends a request to an OCSP responder, then reads and
+*   returns the (encoded) response.
+* INPUTS:
+*   PLArenaPool *arena
+*     Pointer to arena from which return value will be allocated.
+*     If NULL, result will be allocated from the heap (and thus should
+*     be freed via SECITEM_FreeItem).
+*   CERTCertList *certList
+*     A list of certs for which status will be requested.
+*     Note that all of these certificates should have the same issuer,
+*     or it's expected the response will be signed by a trusted responder.
+*     If the certs need to be broken up into multiple requests, that
+*     must be handled by the caller (and thus by having multiple calls
+*     to this routine), who knows about where the request(s) are being
+*     sent and whether there are any trusted responders in place.
+*   const char *location
+*     The location of the OCSP responder (a URL).
+*   const char *method
+*     The protocol method used when retrieving the OCSP response.
+*     Currently support: "GET" (http GET) and "POST" (http POST).
+*     Additionals methods for http or other protocols might be added
+*     in the future.
+*   PRTime time
+*     Indicates the time for which the certificate status is to be
+*     determined -- this may be used in the search for the cert's issuer
+*     but has no other bearing on the operation.
+*   PRBool addServiceLocator
+*     If true, the Service Locator extension should be added to the
+*     single request(s) for each cert.
+*   CERTCertificate *signerCert
+*     If non-NULL, means sign the request using this cert.  Otherwise,
+*     do not sign.
+*   void *pwArg
+*     Pointer to argument for password prompting, if needed.  (Definitely
+*     not needed if not signing.)
+* OUTPUTS:
+*   CERTOCSPRequest **pRequest
+*     Pointer in which to store the OCSP request created for the given
+*     list of certificates.  It is only filled in if the entire operation
+*     is successful and the pointer is not null -- and in that case the
+*     caller is then reponsible for destroying it.
+* RETURN:
+*   Returns a pointer to the SECItem holding the response.
+*   On error, returns null with error set describing the reason:
+*	SEC_ERROR_UNKNOWN_ISSUER
+*	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+*	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+*   Other errors are low-level problems (no memory, bad database, etc.).
+*/
+SECItem *
+CERT_GetEncodedOCSPResponseByMethod(PLArenaPool *arena, CERTCertList *certList,
+				    const char *location, const char *method,
+				    PRTime time, PRBool addServiceLocator,
+				    CERTCertificate *signerCert, void *pwArg,
+				    CERTOCSPRequest **pRequest)
+{
+CERTOCSPRequest *request;
+request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
+signerCert);
+if (!request)
+return NULL;
+return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
+method, time, addServiceLocator,
+pwArg, pRequest);
+}
+/*
+* FUNCTION: CERT_GetEncodedOCSPResponse
+*   Creates and sends a request to an OCSP responder, then reads and
+*   returns the (encoded) response.
+*
+* This is a legacy API that behaves identically to
+* CERT_GetEncodedOCSPResponseByMethod using the "POST" method.
+*/
+SECItem *
+CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
+			    const char *location, PRTime time,
+			    PRBool addServiceLocator,
+			    CERTCertificate *signerCert, void *pwArg,
+			    CERTOCSPRequest **pRequest)
+{
+return CERT_GetEncodedOCSPResponseByMethod(arena, certList, location,
+					       "POST", time, addServiceLocator,
+					       signerCert, pwArg, pRequest);
+}
+/* URL encode a buffer that consists of base64-characters, only,
+* which means we can use a simple encoding logic.
+*
+* No output buffer size checking is performed.
+* You should call the function twice, to calculate the required buffer size.
+*
+* If the outpufBuf parameter is NULL, the function will calculate the
+* required size, including the trailing zero termination char.
+*
+* The function returns the number of bytes calculated or produced.
+*/
+size_t
+ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf)
+{
+const char *walkInput = NULL;
+char *walkOutput = outputBuf;
+size_t count = 0;
+for (walkInput=base64Buf; *walkInput; ++walkInput) {
+	char c = *walkInput;
+	if (isspace(c))
+	    continue;
+	switch (c) {
+	  case '+':
+	    if (outputBuf) {
+		strcpy(walkOutput, "%2B");
+		walkOutput += 3;
+	    }
+	    count += 3;
+	    break;
+	  case '/':
+	    if (outputBuf) {
+		strcpy(walkOutput, "%2F");
+		walkOutput += 3;
+	    }
+	    count += 3;
+	    break;
+	  case '=':
+	    if (outputBuf) {
+		strcpy(walkOutput, "%3D");
+		walkOutput += 3;
+	    }
+	    count += 3;
+	    break;
+	  default:
+	    if (outputBuf) {
+		*walkOutput = *walkInput;
+		++walkOutput;
+	    }
+	    ++count;
+	    break;
+	}
+}
+if (outputBuf) {
+	*walkOutput = 0;
+}
+++count;
+return count;
+}
+enum { max_get_request_size = 255 }; /* defined by RFC2560 */
+static SECItem *
+cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
+const SECItem *encodedRequest);
+static SECItem *
+ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
+CERTOCSPRequest *request,
+const char *location,
+				       const char *method,
+				       PRTime time,
+PRBool addServiceLocator,
+void *pwArg,
+CERTOCSPRequest **pRequest)
+{
+SECItem *encodedRequest = NULL;
+SECItem *encodedResponse = NULL;
+SECStatus rv;
+if (!location || !*location) /* location should be at least one byte */
+goto loser;
+rv = CERT_AddOCSPAcceptableResponses(request,
+					 SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+if (rv != SECSuccess)
+	goto loser;
+encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
+if (encodedRequest == NULL)
+	goto loser;
+if (!strcmp(method, "GET")) {
+encodedResponse = cert_GetOCSPResponse(arena, location, encodedRequest);
+}
+else if (!strcmp(method, "POST")) {
+encodedResponse = CERT_PostOCSPRequest(arena, location, encodedRequest);
+}
+else {
+	goto loser;
+}
+if (encodedResponse != NULL && pRequest != NULL) {
+	*pRequest = request;
+	request = NULL;			/* avoid destroying below */
+}
+loser:
+if (request != NULL)
+	CERT_DestroyOCSPRequest(request);
+if (encodedRequest != NULL)
+	SECITEM_FreeItem(encodedRequest, PR_TRUE);
+return encodedResponse;
+}
+static SECItem *
+cert_FetchOCSPResponse(PLArenaPool *arena,  const char *location,
+const SECItem *encodedRequest);
+/* using HTTP GET method */
+static SECItem *
+cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
+const SECItem *encodedRequest)
+{
+char *walkOutput = NULL;
+char *fullGetPath = NULL;
+size_t pathLength;
+PRInt32 urlEncodedBufLength;
+size_t base64size;
+char b64ReqBuf[max_get_request_size+1];
+size_t slashLengthIfNeeded = 0;
+size_t getURLLength;
+SECItem *item;
+if (!location || !*location) {
+	return NULL;
+}
+pathLength = strlen(location);
+if (location[pathLength-1] != '/') {
+	slashLengthIfNeeded = 1;
+}
+/* Calculation as documented by PL_Base64Encode function.
+* Use integer conversion to avoid having to use function ceil().
+*/
+base64size = (((encodedRequest->len +2)/3) * 4);
+if (base64size > max_get_request_size) {
+	return NULL;
+}
+memset(b64ReqBuf, 0, sizeof(b64ReqBuf));
+PL_Base64Encode((const char*)encodedRequest->data, encodedRequest->len,
+		    b64ReqBuf);
+urlEncodedBufLength = ocsp_UrlEncodeBase64Buf(b64ReqBuf, NULL);
+getURLLength = pathLength + urlEncodedBufLength + slashLengthIfNeeded;
+/* urlEncodedBufLength already contains room for the zero terminator.
+* Add another if we must add the '/' char.
+*/
+if (arena) {
+fullGetPath = (char*)PORT_ArenaAlloc(arena, getURLLength);
+} else {
+fullGetPath = (char*)PORT_Alloc(getURLLength);
+}
+if (!fullGetPath) {
+	return NULL;
+}
+strcpy(fullGetPath, location);
+walkOutput = fullGetPath + pathLength;
+if (walkOutput > fullGetPath && slashLengthIfNeeded) {
+strcpy(walkOutput, "/");
+++walkOutput;
+}
+ocsp_UrlEncodeBase64Buf(b64ReqBuf, walkOutput);
+item = cert_FetchOCSPResponse(arena, fullGetPath, NULL);
+if (!arena) {
+	PORT_Free(fullGetPath);
+}
+return item;
+}
+SECItem *
+CERT_PostOCSPRequest(PLArenaPool *arena,  const char *location,
+const SECItem *encodedRequest)
+{
+return cert_FetchOCSPResponse(arena, location, encodedRequest);
+}
+SECItem *
+cert_FetchOCSPResponse(PLArenaPool *arena,  const char *location,
+const SECItem *encodedRequest)
+{
+const SEC_HttpClientFcn *registeredHttpClient;
+SECItem *encodedResponse = NULL;
+registeredHttpClient = SEC_GetRegisteredHttpClient();
+if (registeredHttpClient && registeredHttpClient->version == 1) {
+encodedResponse = fetchOcspHttpClientV1(
+arena,
+&registeredHttpClient->fcnTable.ftable1,
+location,
+encodedRequest);
+} else {
+/* use internal http client */
+PRFileDesc *sock = ocsp_SendEncodedRequest(location, encodedRequest);
+if (sock) {
+encodedResponse = ocsp_GetEncodedResponse(arena, sock);
+PR_Close(sock);
+}
+}
+return encodedResponse;
+}
+static SECItem *
+ocsp_GetEncodedOCSPResponseForSingleCert(PLArenaPool *arena,
+CERTOCSPCertID *certID,
+CERTCertificate *singleCert,
+const char *location,
+					 const char *method,
+					 PRTime time,
+PRBool addServiceLocator,
+void *pwArg,
+CERTOCSPRequest **pRequest)
+{
+CERTOCSPRequest *request;
+request = cert_CreateSingleCertOCSPRequest(certID, singleCert, time,
+addServiceLocator, NULL);
+if (!request)
+return NULL;
+return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
+method, time, addServiceLocator,
+pwArg, pRequest);
+}
+/* Checks a certificate for the key usage extension of OCSP signer. */
+static PRBool
+ocsp_CertIsOCSPDesignatedResponder(CERTCertificate *cert)
+{
+SECStatus rv;
+SECItem extItem;
+SECItem **oids;
+SECItem *oid;
+SECOidTag oidTag;
+PRBool retval;
+CERTOidSequence *oidSeq = NULL;
+extItem.data = NULL;
+rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
+if ( rv != SECSuccess ) {
+	goto loser;
+}
+oidSeq = CERT_DecodeOidSequence(&extItem);
+if ( oidSeq == NULL ) {
+	goto loser;
+}
+oids = oidSeq->oids;
+while ( *oids != NULL ) {
+	oid = *oids;
+	oidTag = SECOID_FindOIDTag(oid);
+	if ( oidTag == SEC_OID_OCSP_RESPONDER ) {
+	    goto success;
+	}
+	oids++;
+}
+loser:
+retval = PR_FALSE;
+PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+goto done;
+success:
+retval = PR_TRUE;
+done:
+if ( extItem.data != NULL ) {
+	PORT_Free(extItem.data);
+}
+if ( oidSeq != NULL ) {
+	CERT_DestroyOidSequence(oidSeq);
+}
+return(retval);
+}
+#ifdef LATER	/*
+		 * XXX This function is not currently used, but will
+		 * be needed later when we do revocation checking of
+		 * the responder certificate.  Of course, it may need
+		 * revising then, if the cert extension interface has
+		 * changed.  (Hopefully it will!)
+		 */
+/* Checks a certificate to see if it has the OCSP no check extension. */
+static PRBool
+ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
+{
+SECStatus rv;
+rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
+				NULL);
+if (rv == SECSuccess) {
+	return PR_TRUE;
+}
+return PR_FALSE;
+}
+#endif	/* LATER */
+static PRBool
+ocsp_matchcert(SECItem *certIndex,CERTCertificate *testCert)
+{
+SECItem item;
+unsigned char buf[HASH_LENGTH_MAX];
+item.data = buf;
+item.len = SHA1_LENGTH;
+if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_SHA1,
+				       &item) == NULL) {
+	return PR_FALSE;
+}
+if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
+	return PR_TRUE;
+}
+if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_MD5,
+				       &item) == NULL) {
+	return PR_FALSE;
+}
+if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
+	return PR_TRUE;
+}
+if (CERT_GetSubjectPublicKeyDigest(NULL,testCert,SEC_OID_MD2,
+				       &item) == NULL) {
+	return PR_FALSE;
+}
+if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
+	return PR_TRUE;
+}
+return PR_FALSE;
+}
+static CERTCertificate *
+ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
+CERTCertificate *
+ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
+ocspSignature *signature, CERTCertificate *issuer)
+{
+CERTCertificate **certs = NULL;
+CERTCertificate *signerCert = NULL;
+SECStatus rv = SECFailure;
+PRBool lookupByName = PR_TRUE;
+void *certIndex = NULL;
+int certCount = 0;
+PORT_Assert(tbsData->responderID != NULL);
+switch (tbsData->responderID->responderIDType) {
+case ocspResponderID_byName:
+	lookupByName = PR_TRUE;
+	certIndex = &tbsData->derResponderID;
+	break;
+case ocspResponderID_byKey:
+	lookupByName = PR_FALSE;
+	certIndex = &tbsData->responderID->responderIDValue.keyHash;
+	break;
+case ocspResponderID_other:
+default:
+	PORT_Assert(0);
+	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	return NULL;
+}
+/*
+* If the signature contains some certificates as well, temporarily
+* import them in case they are needed for verification.
+*
+* Note that the result of this is that each cert in "certs" needs
+* to be destroyed.
+*/
+if (signature->derCerts != NULL) {
+	for (; signature->derCerts[certCount] != NULL; certCount++) {
+	    /* just counting */
+	}
+	rv = CERT_ImportCerts(handle, certUsageStatusResponder, certCount,
+	                      signature->derCerts, &certs,
+	                      PR_FALSE, PR_FALSE, NULL);
+	if (rv != SECSuccess)
+	     goto finish;
+}
+/*
+* Now look up the certificate that did the signing.
+* The signer can be specified either by name or by key hash.
+*/
+if (lookupByName) {
+	SECItem *crIndex = (SECItem*)certIndex;
+	SECItem encodedName;
+	PLArenaPool *arena;
+	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+	if (arena != NULL) {
+	    rv = SEC_QuickDERDecodeItem(arena, &encodedName,
+	                                ocsp_ResponderIDDerNameTemplate,
+	                                crIndex);
+	    if (rv != SECSuccess) {
+	        if (PORT_GetError() == SEC_ERROR_BAD_DER)
+	            PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+	    } else {
+	            signerCert = CERT_FindCertByName(handle, &encodedName);
+	    }
+	    PORT_FreeArena(arena, PR_FALSE);
+	}
+} else {
+	/*
+	 * The signer is either 1) a known issuer CA we passed in,
+	 * 2) the default OCSP responder, or 3) an intermediate CA
+	 * passed in the cert list to use. Figure out which it is.
+	 */
+	int i;
+	CERTCertificate *responder =
+ocsp_CertGetDefaultResponder(handle, NULL);
+	if (responder && ocsp_matchcert(certIndex,responder)) {
+	    signerCert = CERT_DupCertificate(responder);
+	} else if (issuer && ocsp_matchcert(certIndex,issuer)) {
+	    signerCert = CERT_DupCertificate(issuer);
+	}
+	for (i=0; (signerCert == NULL) && (i < certCount); i++) {
+	    if (ocsp_matchcert(certIndex,certs[i])) {
+		signerCert = CERT_DupCertificate(certs[i]);
+	    }
+	}
+	if (signerCert == NULL) {
+	    PORT_SetError(SEC_ERROR_UNKNOWN_CERT);
+	}
+}
+finish:
+if (certs != NULL) {
+	CERT_DestroyCertArray(certs, certCount);
+}
+return signerCert;
+}
+SECStatus
+ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
+ocspSignature *signature,
+SECItem *tbsResponseDataDER,
+void *pwArg)
+{
+SECKEYPublicKey *signerKey = NULL;
+SECStatus rv = SECFailure;
+CERTSignedData signedData;
+/*
+* Now get the public key from the signer's certificate; we need
+* it to perform the verification.
+*/
+signerKey = CERT_ExtractPublicKey(signerCert);
+if (signerKey == NULL) {
+return SECFailure;
+}
+/*
+* We copy the signature data *pointer* and length, so that we can
+* modify the length without damaging the original copy.  This is a
+* simple copy, not a dup, so no destroy/free is necessary.
+*/
+signedData.signature = signature->signature;
+signedData.signatureAlgorithm = signature->signatureAlgorithm;
+signedData.data = *tbsResponseDataDER;
+rv = CERT_VerifySignedDataWithPublicKey(&signedData, signerKey, pwArg);
+if (rv != SECSuccess &&
+(PORT_GetError() == SEC_ERROR_BAD_SIGNATURE ||
+PORT_GetError() == SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)) {
+PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
+}
+if (signerKey != NULL) {
+SECKEY_DestroyPublicKey(signerKey);
+}
+return rv;
+}
+/*
+* FUNCTION: CERT_VerifyOCSPResponseSignature
+*   Check the signature on an OCSP Response.  Will also perform a
+*   verification of the signer's certificate.  Note, however, that a
+*   successful verification does not make any statement about the
+*   signer's *authority* to provide status for the certificate(s),
+*   that must be checked individually for each certificate.
+* INPUTS:
+*   CERTOCSPResponse *response
+*     Pointer to response structure with signature to be checked.
+*   CERTCertDBHandle *handle
+*     Pointer to CERTCertDBHandle for certificate DB to use for verification.
+*   void *pwArg
+*     Pointer to argument for password prompting, if needed.
+* OUTPUTS:
+*   CERTCertificate **pSignerCert
+*     Pointer in which to store signer's certificate; only filled-in if
+*     non-null.
+* RETURN:
+*   Returns SECSuccess when signature is valid, anything else means invalid.
+*   Possible errors set:
+*	SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
+*	SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
+*	SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
+*	SEC_ERROR_BAD_SIGNATURE - the signature did not verify
+*   Other errors are any of the many possible failures in cert verification
+*   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+*   verifying the signer's cert, or low-level problems (no memory, etc.)
+*/
+SECStatus
+CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
+				 CERTCertDBHandle *handle, void *pwArg,
+				 CERTCertificate **pSignerCert,
+				 CERTCertificate *issuer)
+{
+SECItem *tbsResponseDataDER;
+CERTCertificate *signerCert = NULL;
+SECStatus rv = SECFailure;
+PRTime producedAt;
+/* ocsp_DecodeBasicOCSPResponse will fail if asn1 decoder is unable
+* to properly decode tbsData (see the function and
+* ocsp_BasicOCSPResponseTemplate). Thus, tbsData can not be
+* equal to null */
+ocspResponseData *tbsData = ocsp_GetResponseData(response,
+&tbsResponseDataDER);
+ocspSignature *signature = ocsp_GetResponseSignature(response);
+if (!signature) {
+PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
+return SECFailure;
+}
+/*
+* If this signature has already gone through verification, just
+* return the cached result.
+*/
+if (signature->wasChecked) {
+	if (signature->status == SECSuccess) {
+	    if (pSignerCert != NULL)
+		*pSignerCert = CERT_DupCertificate(signature->cert);
+	} else {
+	    PORT_SetError(signature->failureReason);
+	}
+	return signature->status;
+}
+signerCert = ocsp_GetSignerCertificate(handle, tbsData,
+signature, issuer);
+if (signerCert == NULL) {
+	rv = SECFailure;
+	if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
+	    /* Make the error a little more specific. */
+	    PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+	}
+	goto finish;
+}
+/*
+* We could mark this true at the top of this function, or always
+* below at "finish", but if the problem was just that we could not
+* find the signer's cert, leave that as if the signature hasn't
+* been checked in case a subsequent call might have better luck.
+*/
+signature->wasChecked = PR_TRUE;
+/*
+* The function will also verify the signer certificate; we
+* need to tell it *when* that certificate must be valid -- for our
+* purposes we expect it to be valid when the response was signed.
+* The value of "producedAt" is the signing time.
+*/
+rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
+if (rv != SECSuccess)
+goto finish;
+/*
+* Just because we have a cert does not mean it is any good; check
+* it for validity, trust and usage.
+*/
+if (ocsp_CertIsOCSPDefaultResponder(handle, signerCert)) {
+rv = SECSuccess;
+} else {
+SECCertUsage certUsage;
+if (CERT_IsCACert(signerCert, NULL)) {
+certUsage = certUsageAnyCA;
+} else {
+certUsage = certUsageStatusResponder;
+}
+rv = cert_VerifyCertWithFlags(handle, signerCert, PR_TRUE, certUsage,
+producedAt, CERT_VERIFYCERT_SKIP_OCSP,
+pwArg, NULL);
+if (rv != SECSuccess) {
+PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+goto finish;
+}
+}
+rv = ocsp_VerifyResponseSignature(signerCert, signature,
+tbsResponseDataDER,
+pwArg);
+finish:
+if (signature->wasChecked)
+	signature->status = rv;
+if (rv != SECSuccess) {
+	signature->failureReason = PORT_GetError();
+	if (signerCert != NULL)
+	    CERT_DestroyCertificate(signerCert);
+} else {
+	/*
+	 * Save signer's certificate in signature.
+	 */
+	signature->cert = signerCert;
+	if (pSignerCert != NULL) {
+	    /*
+	     * Pass pointer to signer's certificate back to our caller,
+	     * who is also now responsible for destroying it.
+	     */
+	    *pSignerCert = CERT_DupCertificate(signerCert);
+	}
+}
+return rv;
+}
+/*
+* See if the request's certID and the single response's certID match.
+* This can be easy or difficult, depending on whether the same hash
+* algorithm was used.
+*/
+static PRBool
+ocsp_CertIDsMatch(CERTOCSPCertID *requestCertID,
+		  CERTOCSPCertID *responseCertID)
+{
+PRBool match = PR_FALSE;
+SECOidTag hashAlg;
+SECItem *keyHash = NULL;
+SECItem *nameHash = NULL;
+/*
+* In order to match, they must have the same issuer and the same
+* serial number.
+*
+* We just compare the easier things first.
+*/
+if (SECITEM_CompareItem(&requestCertID->serialNumber,
+			    &responseCertID->serialNumber) != SECEqual) {
+	goto done;
+}
+/*
+* Make sure the "parameters" are not too bogus.  Since we encoded
+* requestCertID->hashAlgorithm, we don't need to check it.
+*/
+if (responseCertID->hashAlgorithm.parameters.len > 2) {
+	goto done;
+}
+if (SECITEM_CompareItem(&requestCertID->hashAlgorithm.algorithm,
+		&responseCertID->hashAlgorithm.algorithm) == SECEqual) {
+	/*
+	 * If the hash algorithms match then we can do a simple compare
+	 * of the hash values themselves.
+	 */
+	if ((SECITEM_CompareItem(&requestCertID->issuerNameHash,
+				&responseCertID->issuerNameHash) == SECEqual)
+	    && (SECITEM_CompareItem(&requestCertID->issuerKeyHash,
+				&responseCertID->issuerKeyHash) == SECEqual)) {
+	    match = PR_TRUE;
+	}
+	goto done;
+}
+hashAlg = SECOID_FindOIDTag(&responseCertID->hashAlgorithm.algorithm);
+switch (hashAlg) {
+case SEC_OID_SHA1:
+	keyHash = &requestCertID->issuerSHA1KeyHash;
+	nameHash = &requestCertID->issuerSHA1NameHash;
+	break;
+case SEC_OID_MD5:
+	keyHash = &requestCertID->issuerMD5KeyHash;
+	nameHash = &requestCertID->issuerMD5NameHash;
+	break;
+case SEC_OID_MD2:
+	keyHash = &requestCertID->issuerMD2KeyHash;
+	nameHash = &requestCertID->issuerMD2NameHash;
+	break;
+default:
+	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+	return PR_FALSE;
+}
+if ((keyHash != NULL)
+	&& (SECITEM_CompareItem(nameHash,
+				&responseCertID->issuerNameHash) == SECEqual)
+	&& (SECITEM_CompareItem(keyHash,
+				&responseCertID->issuerKeyHash) == SECEqual)) {
+	match = PR_TRUE;
+}
+done:
+return match;
+}
+/*
+* Find the single response for the cert specified by certID.
+* No copying is done; this just returns a pointer to the appropriate
+* response within responses, if it is found (and null otherwise).
+* This is fine, of course, since this function is internal-use only.
+*/
+static CERTOCSPSingleResponse *
+ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
+				CERTCertDBHandle *handle,
+				CERTOCSPCertID *certID)
+{
+CERTOCSPSingleResponse *single;
+int i;
+if (responses == NULL)
+	return NULL;
+for (i = 0; responses[i] != NULL; i++) {
+	single = responses[i];
+	if (ocsp_CertIDsMatch(certID, single->certID)) {
+	    return single;
+	}
+}
+/*
+* The OCSP server should have included a response even if it knew
+* nothing about the certificate in question.  Since it did not,
+* this will make it look as if it had.
+*
+* XXX Should we make this a separate error to notice the server's
+* bad behavior?
+*/
+PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
+return NULL;
+}
+static ocspCheckingContext *
+ocsp_GetCheckingContext(CERTCertDBHandle *handle)
+{
+CERTStatusConfig *statusConfig;
+ocspCheckingContext *ocspcx = NULL;
+statusConfig = CERT_GetStatusConfig(handle);
+if (statusConfig != NULL) {
+	ocspcx = statusConfig->statusContext;
+	/*
+	 * This is actually an internal error, because we should never
+	 * have a good statusConfig without a good statusContext, too.
+	 * For lack of anything better, though, we just assert and use
+	 * the same error as if there were no statusConfig (set below).
+	 */
+	PORT_Assert(ocspcx != NULL);
+}
+if (ocspcx == NULL)
+	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
+return ocspcx;
+}
+/*
+* Return cert reference if the given signerCert is the default responder for
+* the given certID.  If not, or if any error, return NULL.
+*/
+static CERTCertificate *
+ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID)
+{
+ocspCheckingContext *ocspcx;
+ocspcx = ocsp_GetCheckingContext(handle);
+if (ocspcx == NULL)
+	goto loser;
+/*
+* Right now we have only one default responder.  It applies to
+* all certs when it is used, so the check is simple and certID
+* has no bearing on the answer.  Someday in the future we may
+* allow configuration of different responders for different
+* issuers, and then we would have to use the issuer specified
+* in certID to determine if signerCert is the right one.
+*/
+if (ocspcx->useDefaultResponder) {
+	PORT_Assert(ocspcx->defaultResponderCert != NULL);
+	return ocspcx->defaultResponderCert;
+}
+loser:
+return NULL;
+}
+/*
+* Return true if the cert is one of the default responders configured for
+* ocsp context. If not, or if any error, return false.
+*/
+PRBool
+ocsp_CertIsOCSPDefaultResponder(CERTCertDBHandle *handle, CERTCertificate *cert)
+{
+ocspCheckingContext *ocspcx;
+ocspcx = ocsp_GetCheckingContext(handle);
+if (ocspcx == NULL)
+	return PR_FALSE;
+/*
+* Right now we have only one default responder.  It applies to
+* all certs when it is used, so the check is simple and certID
+* has no bearing on the answer.  Someday in the future we may
+* allow configuration of different responders for different
+* issuers, and then we would have to use the issuer specified
+* in certID to determine if signerCert is the right one.
+*/
+if (ocspcx->useDefaultResponder &&
+CERT_CompareCerts(ocspcx->defaultResponderCert, cert)) {
+	return PR_TRUE;
+}
+return PR_FALSE;
+}
+/*
+* Check that the given signer certificate is authorized to sign status
+* information for the given certID.  Return true if it is, false if not
+* (or if there is any error along the way).  If false is returned because
+* the signer is not authorized, the following error will be set:
+*	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+* Other errors are low-level problems (no memory, bad database, etc.).
+*
+* There are three ways to be authorized.  In the order in which we check,
+* using the terms used in the OCSP spec, the signer must be one of:
+*  1.  A "trusted responder" -- it matches a local configuration
+*      of OCSP signing authority for the certificate in question.
+*  2.  The CA who issued the certificate in question.
+*  3.  A "CA designated responder", aka an "authorized responder" -- it
+*      must be represented by a special cert issued by the CA who issued
+*      the certificate in question.
+*/
+static PRBool
+ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
+				  CERTCertificate *signerCert,
+				  CERTOCSPCertID *certID,
+				  PRTime thisUpdate)
+{
+CERTCertificate *issuerCert = NULL, *defRespCert;
+SECItem *keyHash = NULL;
+SECItem *nameHash = NULL;
+SECOidTag hashAlg;
+PRBool keyHashEQ = PR_FALSE, nameHashEQ = PR_FALSE;
+/*
+* Check first for a trusted responder, which overrides everything else.
+*/
+if ((defRespCert = ocsp_CertGetDefaultResponder(handle, certID)) &&
+CERT_CompareCerts(defRespCert, signerCert)) {
+return PR_TRUE;
+}
+/*
+* In the other two cases, we need to do an issuer comparison.
+* How we do it depends on whether the signer certificate has the
+* special extension (for a designated responder) or not.
+*
+* First, lets check if signer of the response is the actual issuer
+* of the cert. For that we will use signer cert key hash and cert subj
+* name hash and will compare them with already calculated issuer key
+* hash and issuer name hash. The hash algorithm is picked from response
+* certID hash to avoid second hash calculation.
+*/
+hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
+keyHash = CERT_GetSubjectPublicKeyDigest(NULL, signerCert, hashAlg, NULL);
+if (keyHash != NULL) {
+keyHashEQ =
+(SECITEM_CompareItem(keyHash,
+&certID->issuerKeyHash) == SECEqual);
+SECITEM_FreeItem(keyHash, PR_TRUE);
+}
+if (keyHashEQ &&
+(nameHash = CERT_GetSubjectNameDigest(NULL, signerCert,
+hashAlg, NULL))) {
+nameHashEQ =
+(SECITEM_CompareItem(nameHash,
+&certID->issuerNameHash) == SECEqual);
+SECITEM_FreeItem(nameHash, PR_TRUE);
+if (nameHashEQ) {
+/* The issuer of the cert is the the signer of the response */
+return PR_TRUE;
+}
+}
+keyHashEQ = PR_FALSE;
+nameHashEQ = PR_FALSE;
+if (!ocsp_CertIsOCSPDesignatedResponder(signerCert)) {
+PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+return PR_FALSE;
+}
+/*
+* The signer is a designated responder.  Its issuer must match
+* the issuer of the cert being checked.
+*/
+issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
+certUsageAnyCA);
+if (issuerCert == NULL) {
+/*
+* We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
+* but the following will give slightly more information.
+* Once we have an error stack, things will be much better.
+*/
+PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+return PR_FALSE;
+}
+keyHash = CERT_GetSubjectPublicKeyDigest(NULL, issuerCert, hashAlg, NULL);
+nameHash = CERT_GetSubjectNameDigest(NULL, issuerCert, hashAlg, NULL);
+CERT_DestroyCertificate(issuerCert);
+if (keyHash != NULL && nameHash != NULL) {
+keyHashEQ =
+(SECITEM_CompareItem(keyHash,
+&certID->issuerKeyHash) == SECEqual);
+nameHashEQ =
+(SECITEM_CompareItem(nameHash,
+&certID->issuerNameHash) == SECEqual);
+}
+if (keyHash) {
+SECITEM_FreeItem(keyHash, PR_TRUE);
+}
+if (nameHash) {
+SECITEM_FreeItem(nameHash, PR_TRUE);
+}
+if (keyHashEQ && nameHashEQ) {
+return PR_TRUE;
+}
+PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+return PR_FALSE;
+}
+/*
+* We need to check that a responder gives us "recent" information.
+* Since a responder can pre-package responses, we need to pick an amount
+* of time that is acceptable to us, and reject any response that is
+* older than that.
+*
+* XXX This *should* be based on some configuration parameter, so that
+* different usages could specify exactly what constitutes "sufficiently
+* recent".  But that is not going to happen right away.  For now, we
+* want something from within the last 24 hours.  This macro defines that
+* number in seconds.
+*/
+#define OCSP_ALLOWABLE_LAPSE_SECONDS	(24L * 60L * 60L)
+static PRBool
+ocsp_TimeIsRecent(PRTime checkTime)
+{
+PRTime now = PR_Now();
+PRTime lapse, tmp;
+LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
+LL_I2L(tmp, PR_USEC_PER_SEC);
+LL_MUL(lapse, lapse, tmp);		/* allowable lapse in microseconds */
+LL_ADD(checkTime, checkTime, lapse);
+if (LL_CMP(now, >, checkTime))
+	return PR_FALSE;
+return PR_TRUE;
+}
+#define OCSP_SLOP (5L*60L) /* OCSP responses are allowed to be 5 minutes
+in the future by default */
+static PRUint32 ocspsloptime = OCSP_SLOP;	/* seconds */
+/*
+* If an old response contains the revoked certificate status, we want
+* to return SECSuccess so the response will be used.
+*/
+static SECStatus
+ocsp_HandleOldSingleResponse(CERTOCSPSingleResponse *single, PRTime time)
+{
+SECStatus rv;
+ocspCertStatus *status = single->certStatus;
+if (status->certStatusType == ocspCertStatus_revoked) {
+rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
+if (rv != SECSuccess &&
+PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE) {
+/*
+* Return SECSuccess now.  The subsequent ocsp_CertRevokedAfter
+* call in ocsp_CertHasGoodStatus will cause
+* ocsp_CertHasGoodStatus to fail with
+* SEC_ERROR_REVOKED_CERTIFICATE.
+*/
+return SECSuccess;
+}
+}
+PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
+return SECFailure;
+}
+/*
+* Check that this single response is okay.  A return of SECSuccess means:
+*   1. The signer (represented by "signerCert") is authorized to give status
+*	for the cert represented by the individual response in "single".
+*   2. The value of thisUpdate is earlier than now.
+*   3. The value of producedAt is later than or the same as thisUpdate.
+*   4. If nextUpdate is given:
+*	- The value of nextUpdate is later than now.
+*	- The value of producedAt is earlier than nextUpdate.
+*	Else if no nextUpdate:
+*	- The value of thisUpdate is fairly recent.
+*	- The value of producedAt is fairly recent.
+*	However we do not need to perform an explicit check for this last
+*	constraint because it is already guaranteed by checking that
+*	producedAt is later than thisUpdate and thisUpdate is recent.
+* Oh, and any responder is "authorized" to say that a cert is unknown to it.
+*
+* If any of those checks fail, SECFailure is returned and an error is set:
+*	SEC_ERROR_OCSP_FUTURE_RESPONSE
+*	SEC_ERROR_OCSP_OLD_RESPONSE
+*	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+* Other errors are low-level problems (no memory, bad database, etc.).
+*/
+static SECStatus
+ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
+			  CERTCertDBHandle *handle,
+			  CERTCertificate *signerCert,
+			  PRTime producedAt)
+{
+CERTOCSPCertID *certID = single->certID;
+PRTime now, thisUpdate, nextUpdate, tmstamp, tmp;
+SECStatus rv;
+OCSP_TRACE(("OCSP ocsp_VerifySingleResponse, nextUpdate: %d\n",
+((single->nextUpdate) != 0)));
+/*
+* If all the responder said was that the given cert was unknown to it,
+* that is a valid response.  Not very interesting to us, of course,
+* but all this function is concerned with is validity of the response,
+* not the status of the cert.
+*/
+PORT_Assert(single->certStatus != NULL);
+if (single->certStatus->certStatusType == ocspCertStatus_unknown)
+	return SECSuccess;
+/*
+* We need to extract "thisUpdate" for use below and to pass along
+* to AuthorizedResponderForCertID in case it needs it for doing an
+* issuer look-up.
+*/
+rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
+if (rv != SECSuccess)
+	return rv;
+/*
+* First confirm that signerCert is authorized to give this status.
+*/
+if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
+					  thisUpdate) != PR_TRUE)
+	return SECFailure;
+/*
+* Now check the time stuff, as described above.
+*/
+now = PR_Now();
+/* allow slop time for future response */
+LL_UI2L(tmstamp, ocspsloptime); /* get slop time in seconds */
+LL_UI2L(tmp, PR_USEC_PER_SEC);
+LL_MUL(tmp, tmstamp, tmp); /* convert the slop time to PRTime */
+LL_ADD(tmstamp, tmp, now); /* add current time to it */
+if (LL_CMP(thisUpdate, >, tmstamp) || LL_CMP(producedAt, <, thisUpdate)) {
+	PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
+	return SECFailure;
+}
+if (single->nextUpdate != NULL) {
+	rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
+	if (rv != SECSuccess)
+	    return rv;
+	LL_ADD(tmp, tmp, nextUpdate);
+	if (LL_CMP(tmp, <, now) || LL_CMP(producedAt, >, nextUpdate))
+	    return ocsp_HandleOldSingleResponse(single, now);
+} else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
+	return ocsp_HandleOldSingleResponse(single, now);
+}
+return SECSuccess;
+}
+/*
+* FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
+*   Get the value of the URI of the OCSP responder for the given cert.
+*   This is found in the (optional) Authority Information Access extension
+*   in the cert.
+* INPUTS:
+*   CERTCertificate *cert
+*     The certificate being examined.
+* RETURN:
+*   char *
+*     A copy of the URI for the OCSP method, if found.  If either the
+*     extension is not present or it does not contain an entry for OCSP,
+*     SEC_ERROR_CERT_BAD_ACCESS_LOCATION will be set and a NULL returned.
+*     Any other error will also result in a NULL being returned.
+*
+*     This result should be freed (via PORT_Free) when no longer in use.
+*/
+char *
+CERT_GetOCSPAuthorityInfoAccessLocation(const CERTCertificate *cert)
+{
+CERTGeneralName *locname = NULL;
+SECItem *location = NULL;
+SECItem *encodedAuthInfoAccess = NULL;
+CERTAuthInfoAccess **authInfoAccess = NULL;
+char *locURI = NULL;
+PLArenaPool *arena = NULL;
+SECStatus rv;
+int i;
+/*
+* Allocate this one from the heap because it will get filled in
+* by CERT_FindCertExtension which will also allocate from the heap,
+* and we can free the entire thing on our way out.
+*/
+encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
+if (encodedAuthInfoAccess == NULL)
+	goto loser;
+rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
+				encodedAuthInfoAccess);
+if (rv == SECFailure) {
+	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+	goto loser;
+}
+/*
+* The rest of the things allocated in the routine will come out of
+* this arena, which is temporary just for us to decode and get at the
+* AIA extension.  The whole thing will be destroyed on our way out,
+* after we have copied the location string (url) itself (if found).
+*/
+arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+if (arena == NULL)
+	goto loser;
+authInfoAccess = CERT_DecodeAuthInfoAccessExtension(arena,
+							encodedAuthInfoAccess);
+if (authInfoAccess == NULL)
+	goto loser;
+for (i = 0; authInfoAccess[i] != NULL; i++) {
+	if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
+	    locname = authInfoAccess[i]->location;
+}
+/*
+* If we found an AIA extension, but it did not include an OCSP method,
+* that should look to our caller as if we did not find the extension
+* at all, because it is only an OCSP method that we care about.
+* So set the same error that would be set if the AIA extension was
+* not there at all.
+*/
+if (locname == NULL) {
+	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+	goto loser;
+}
+/*
+* The following is just a pointer back into locname (i.e. not a copy);
+* thus it should not be freed.
+*/
+location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
+if (location == NULL) {
+	/*
+	 * XXX Appears that CERT_GetGeneralNameByType does not set an
+	 * error if there is no name by that type.  For lack of anything
+	 * better, act as if the extension was not found.  In the future
+	 * this should probably be something more like the extension was
+	 * badly formed.
+	 */
+	PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+	goto loser;
+}
+/*
+* That location is really a string, but it has a specified length
+* without a null-terminator.  We need a real string that does have
+* a null-terminator, and we need a copy of it anyway to return to
+* our caller -- so allocate and copy.
+*/
+locURI = PORT_Alloc(location->len + 1);
+if (locURI == NULL) {
+	goto loser;
+}
+PORT_Memcpy(locURI, location->data, location->len);
+locURI[location->len] = '\0';
+loser:
+if (arena != NULL)
+	PORT_FreeArena(arena, PR_FALSE);
+if (encodedAuthInfoAccess != NULL)
+	SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
+return locURI;
+}
+/*
+* Figure out where we should go to find out the status of the given cert
+* via OCSP.  If allowed to use a default responder uri and a default
+* responder is set up, then that is our answer.
+* If not, see if the certificate has an Authority Information Access (AIA)
+* extension for OCSP, and return the value of that.  Otherwise return NULL.
+* We also let our caller know whether or not the responder chosen was
+* a default responder or not through the output variable isDefault;
+* its value has no meaning unless a good (non-null) value is returned
+* for the location.
+*
+* The result needs to be freed (PORT_Free) when no longer in use.
+*/
+char *
+ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
+			  PRBool canUseDefault, PRBool *isDefault)
+{
+ocspCheckingContext *ocspcx = NULL;
+char *ocspUrl = NULL;
+if (canUseDefault) {
+ocspcx = ocsp_GetCheckingContext(handle);
+}
+if (ocspcx != NULL && ocspcx->useDefaultResponder) {
+	/*
+	 * A default responder wins out, if specified.
+	 * XXX Someday this may be a more complicated determination based
+	 * on the cert's issuer.  (That is, we could have different default
+	 * responders configured for different issuers.)
+	 */
+	PORT_Assert(ocspcx->defaultResponderURI != NULL);
+	*isDefault = PR_TRUE;
+	return (PORT_Strdup(ocspcx->defaultResponderURI));
+}
+/*
+* No default responder set up, so go see if we can find an AIA
+* extension that has a value for OCSP, and get the url from that.
+*/
+*isDefault = PR_FALSE;
+ocspUrl = CERT_GetOCSPAuthorityInfoAccessLocation(cert);
+if (!ocspUrl) {
+	CERT_StringFromCertFcn altFcn;
+	PR_EnterMonitor(OCSP_Global.monitor);
+	altFcn = OCSP_Global.alternateOCSPAIAFcn;
+	PR_ExitMonitor(OCSP_Global.monitor);
+	if (altFcn) {
+	    ocspUrl = (*altFcn)(cert);
+	    if (ocspUrl)
+		*isDefault = PR_TRUE;
+	}
+}
+return ocspUrl;
+}
+/*
+* Return SECSuccess if the cert was revoked *after* "time",
+* SECFailure otherwise.
+*/
+static SECStatus
+ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time)
+{
+PRTime revokedTime;
+SECStatus rv;
+rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
+if (rv != SECSuccess)
+	return rv;
+/*
+* Set the error even if we will return success; someone might care.
+*/
+PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
+if (LL_CMP(revokedTime, >, time))
+	return SECSuccess;
+return SECFailure;
+}
+/*
+* See if the cert represented in the single response had a good status
+* at the specified time.
+*/
+SECStatus
+ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time)
+{
+SECStatus rv;
+switch (status->certStatusType) {
+case ocspCertStatus_good:
+rv = SECSuccess;
+break;
+case ocspCertStatus_revoked:
+rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
+break;
+case ocspCertStatus_unknown:
+PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
+rv = SECFailure;
+break;
+case ocspCertStatus_other:
+default:
+PORT_Assert(0);
+PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+rv = SECFailure;
+break;
+}
+return rv;
+}
+static SECStatus
+ocsp_SingleResponseCertHasGoodStatus(CERTOCSPSingleResponse *single,
+PRTime time)
+{
+return ocsp_CertHasGoodStatus(single->certStatus, time);
+}
+/* SECFailure means the arguments were invalid.
+* On SECSuccess, the out parameters contain the OCSP status.
+* rvOcsp contains the overall result of the OCSP operation.
+* Depending on input parameter ignoreGlobalOcspFailureSetting,
+* a soft failure might be converted into *rvOcsp=SECSuccess.
+* If the cached attempt to obtain OCSP information had resulted
+* in a failure, missingResponseError shows the error code of
+* that failure.
+* cacheFreshness is ocspMissing if no entry was found,
+*                   ocspFresh if a fresh entry was found, or
+*                   ocspStale if a stale entry was found.
+*/
+SECStatus
+ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
+PRTime time,
+PRBool ignoreGlobalOcspFailureSetting,
+SECStatus *rvOcsp,
+SECErrorCodes *missingResponseError,
+OCSPFreshness *cacheFreshness)
+{
+OCSPCacheItem *cacheItem = NULL;
+if (!certID || !missingResponseError || !rvOcsp || !cacheFreshness) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+*rvOcsp = SECFailure;
+*missingResponseError = 0;
+*cacheFreshness = ocspMissing;
+PR_EnterMonitor(OCSP_Global.monitor);
+cacheItem = ocsp_FindCacheEntry(&OCSP_Global.cache, certID);
+if (cacheItem) {
+*cacheFreshness = ocsp_IsCacheItemFresh(cacheItem) ? ocspFresh
+: ocspStale;
+/* having an arena means, we have a cached certStatus */
+if (cacheItem->certStatusArena) {
+*rvOcsp = ocsp_CertHasGoodStatus(&cacheItem->certStatus, time);
+if (*rvOcsp != SECSuccess) {
+*missingResponseError = PORT_GetError();
+}
+} else {
+/*
+* No status cached, the previous attempt failed.
+* If OCSP is required, we never decide based on a failed attempt
+* However, if OCSP is optional, a recent OCSP failure is
+* an allowed good state.
+*/
+if (*cacheFreshness == ocspFresh &&
+!ignoreGlobalOcspFailureSetting &&
+OCSP_Global.ocspFailureMode ==
+ocspMode_FailureIsNotAVerificationFailure) {
+*rvOcsp = SECSuccess;
+}
+*missingResponseError = cacheItem->missingResponseError;
+}
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+PRBool
+ocsp_FetchingFailureIsVerificationFailure(void)
+{
+PRBool isFailure;
+PR_EnterMonitor(OCSP_Global.monitor);
+isFailure =
+OCSP_Global.ocspFailureMode == ocspMode_FailureIsVerificationFailure;
+PR_ExitMonitor(OCSP_Global.monitor);
+return isFailure;
+}
+/*
+* FUNCTION: CERT_CheckOCSPStatus
+*   Checks the status of a certificate via OCSP.  Will only check status for
+*   a certificate that has an AIA (Authority Information Access) extension
+*   for OCSP *or* when a "default responder" is specified and enabled.
+*   (If no AIA extension for OCSP and no default responder in place, the
+*   cert is considered to have a good status and SECSuccess is returned.)
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     certificate DB of the cert that is being checked
+*   CERTCertificate *cert
+*     the certificate being checked
+*   XXX in the long term also need a boolean parameter that specifies
+*	whether to check the cert chain, as well; for now we check only
+*	the leaf (the specified certificate)
+*   PRTime time
+*     time for which status is to be determined
+*   void *pwArg
+*     argument for password prompting, if needed
+* RETURN:
+*   Returns SECSuccess if an approved OCSP responder "knows" the cert
+*   *and* returns a non-revoked status for it; SECFailure otherwise,
+*   with an error set describing the reason:
+*
+*	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+*	SEC_ERROR_OCSP_FUTURE_RESPONSE
+*	SEC_ERROR_OCSP_MALFORMED_REQUEST
+*	SEC_ERROR_OCSP_MALFORMED_RESPONSE
+*	SEC_ERROR_OCSP_OLD_RESPONSE
+*	SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
+*	SEC_ERROR_OCSP_SERVER_ERROR
+*	SEC_ERROR_OCSP_TRY_SERVER_LATER
+*	SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
+*	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+*	SEC_ERROR_OCSP_UNKNOWN_CERT
+*	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
+*	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
+*
+*	SEC_ERROR_BAD_SIGNATURE
+*	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+*	SEC_ERROR_INVALID_TIME
+*	SEC_ERROR_REVOKED_CERTIFICATE
+*	SEC_ERROR_UNKNOWN_ISSUER
+*	SEC_ERROR_UNKNOWN_SIGNER
+*
+*   Other errors are any of the many possible failures in cert verification
+*   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+*   verifying the signer's cert, or low-level problems (error allocating
+*   memory, error performing ASN.1 decoding, etc.).
+*/
+SECStatus
+CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
+		     PRTime time, void *pwArg)
+{
+CERTOCSPCertID *certID;
+PRBool certIDWasConsumed = PR_FALSE;
+SECStatus rv;
+SECStatus rvOcsp;
+SECErrorCodes cachedErrorCode;
+OCSPFreshness cachedResponseFreshness;
+OCSP_TRACE_CERT(cert);
+OCSP_TRACE_TIME("## requested validity time:", time);
+certID = CERT_CreateOCSPCertID(cert, time);
+if (!certID)
+return SECFailure;
+rv = ocsp_GetCachedOCSPResponseStatus(
+certID, time, PR_FALSE, /* ignoreGlobalOcspFailureSetting */
+&rvOcsp, &cachedErrorCode, &cachedResponseFreshness);
+if (rv != SECSuccess) {
+CERT_DestroyOCSPCertID(certID);
+return SECFailure;
+}
+if (cachedResponseFreshness == ocspFresh) {
+CERT_DestroyOCSPCertID(certID);
+if (rvOcsp != SECSuccess) {
+PORT_SetError(cachedErrorCode);
+}
+return rvOcsp;
+}
+rv = ocsp_GetOCSPStatusFromNetwork(handle, certID, cert, time, pwArg,
+&certIDWasConsumed,
+&rvOcsp);
+if (rv != SECSuccess) {
+PRErrorCode err = PORT_GetError();
+if (ocsp_FetchingFailureIsVerificationFailure()) {
+PORT_SetError(err);
+rvOcsp = SECFailure;
+} else if (cachedResponseFreshness == ocspStale &&
+(cachedErrorCode == SEC_ERROR_OCSP_UNKNOWN_CERT ||
+cachedErrorCode == SEC_ERROR_REVOKED_CERTIFICATE)) {
+/* If we couldn't get a response for a certificate that the OCSP
+* responder previously told us was bad, then assume it is still
+* bad until we hear otherwise, as it is very unlikely that the
+* certificate status has changed from "revoked" to "good" and it
+* is also unlikely that the certificate status has changed from
+* "unknown" to "good", except for some buggy OCSP responders.
+*/
+PORT_SetError(cachedErrorCode);
+rvOcsp = SECFailure;
+} else {
+rvOcsp = SECSuccess;
+}
+}
+if (!certIDWasConsumed) {
+CERT_DestroyOCSPCertID(certID);
+}
+return rvOcsp;
+}
+/*
+* FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+*   First, this function checks the OCSP cache to see if a good response
+*   for the given certificate already exists. If it does, then the function
+*   returns successfully.
+*
+*   If not, then it validates that the given OCSP response is a valid,
+*   good response for the given certificate and inserts it into the
+*   cache.
+*
+*   This function is intended for use when OCSP responses are provided via a
+*   side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
+*
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     certificate DB of the cert that is being checked
+*   CERTCertificate *cert
+*     the certificate being checked
+*   PRTime time
+*     time for which status is to be determined
+*   SECItem *encodedResponse
+*     the DER encoded bytes of the OCSP response
+*   void *pwArg
+*     argument for password prompting, if needed
+* RETURN:
+*   SECSuccess if the cert was found in the cache, or if the OCSP response was
+*   found to be valid and inserted into the cache. SECFailure otherwise.
+*/
+SECStatus
+CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
+				      CERTCertificate *cert,
+				      PRTime time,
+				      const SECItem *encodedResponse,
+				      void *pwArg)
+{
+CERTOCSPCertID *certID = NULL;
+PRBool certIDWasConsumed = PR_FALSE;
+SECStatus rv = SECFailure;
+SECStatus rvOcsp = SECFailure;
+SECErrorCodes dummy_error_code; /* we ignore this */
+CERTOCSPResponse *decodedResponse = NULL;
+CERTOCSPSingleResponse *singleResponse = NULL;
+OCSPFreshness freshness;
+/* The OCSP cache can be in three states regarding this certificate:
+*    + Good (cached, timely, 'good' response, or revoked in the future)
+*    + Revoked (cached, timely, but doesn't fit in the last category)
+*    + Miss (no knowledge)
+*
+* Likewise, the side-channel information can be
+*    + Good (timely, 'good' response, or revoked in the future)
+*    + Revoked (timely, but doesn't fit in the last category)
+*    + Invalid (bad syntax, bad signature, not timely etc)
+*
+* The common case is that the cache result is Good and so is the
+* side-channel information. We want to save processing time in this case
+* so we say that any time we see a Good result from the cache we return
+* early.
+*
+*                       Cache result
+*      | Good             Revoked               Miss
+*   ---+--------------------------------------------
+*    G |  noop           Cache more           Cache it
+* S    |                 recent result
+* i    |
+* d    |
+* e    |
+*    R |  noop           Cache more           Cache it
+* C    |                 recent result
+* h    |
+* a    |
+* n    |
+* n  I |  noop           Noop                  Noop
+* e    |
+* l    |
+*
+* When we fetch from the network we might choose to cache a negative
+* result when the response is invalid. This saves us hammering, uselessly,
+* at a broken responder. However, side channels are commonly attacker
+* controlled and so we must not cache a negative result for an Invalid
+* side channel.
+*/
+if (!cert || !encodedResponse) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+certID = CERT_CreateOCSPCertID(cert, time);
+if (!certID)
+return SECFailure;
+/* We pass PR_TRUE for ignoreGlobalOcspFailureSetting so that a cached
+* error entry is not interpreted as being a 'Good' entry here.
+*/
+rv = ocsp_GetCachedOCSPResponseStatus(
+certID, time, PR_TRUE, /* ignoreGlobalOcspFailureSetting */
+&rvOcsp, &dummy_error_code, &freshness);
+if (rv == SECSuccess && rvOcsp == SECSuccess && freshness == ocspFresh) {
+/* The cached value is good. We don't want to waste time validating
+* this OCSP response. This is the first column in the table above. */
+CERT_DestroyOCSPCertID(certID);
+return rv;
+}
+/* The logic for caching the more recent response is handled in
+* ocsp_CacheSingleResponse. */
+rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
+						    time, pwArg,
+						    encodedResponse,
+						    &decodedResponse,
+						    &singleResponse);
+if (rv == SECSuccess) {
+	rvOcsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
+	/* Cache any valid singleResponse, regardless of status. */
+	ocsp_CacheSingleResponse(certID, singleResponse, &certIDWasConsumed);
+}
+if (decodedResponse) {
+	CERT_DestroyOCSPResponse(decodedResponse);
+}
+if (!certIDWasConsumed) {
+CERT_DestroyOCSPCertID(certID);
+}
+return rv == SECSuccess ? rvOcsp : rv;
+}
+/*
+* Status in *certIDWasConsumed will always be correct, regardless of
+* return value.
+*/
+static SECStatus
+ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
+CERTOCSPCertID *certID,
+CERTCertificate *cert,
+PRTime time,
+void *pwArg,
+PRBool *certIDWasConsumed,
+SECStatus *rv_ocsp)
+{
+char *location = NULL;
+PRBool locationIsDefault;
+SECItem *encodedResponse = NULL;
+CERTOCSPRequest *request = NULL;
+SECStatus rv = SECFailure;
+CERTOCSPResponse *decodedResponse = NULL;
+CERTOCSPSingleResponse *singleResponse = NULL;
+enum { stageGET, stagePOST } currentStage;
+PRBool retry = PR_FALSE;
+if (!certIDWasConsumed || !rv_ocsp) {
+PORT_SetError(SEC_ERROR_INVALID_ARGS);
+return SECFailure;
+}
+*certIDWasConsumed = PR_FALSE;
+*rv_ocsp = SECFailure;
+if (!OCSP_Global.monitor) {
+PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+if (OCSP_Global.forcePost) {
+currentStage = stagePOST;
+} else {
+currentStage = stageGET;
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+/*
+* The first thing we need to do is find the location of the responder.
+* This will be the value of the default responder (if enabled), else
+* it will come out of the AIA extension in the cert (if present).
+* If we have no such location, then this cert does not "deserve" to
+* be checked -- that is, we consider it a success and just return.
+* The way we tell that is by looking at the error number to see if
+* the problem was no AIA extension was found; any other error was
+* a true failure that we unfortunately have to treat as an overall
+* failure here.
+*/
+location = ocsp_GetResponderLocation(handle, cert, PR_TRUE,
+&locationIsDefault);
+if (location == NULL) {
+int err = PORT_GetError();
+if (err == SEC_ERROR_EXTENSION_NOT_FOUND ||
+err == SEC_ERROR_CERT_BAD_ACCESS_LOCATION) {
+PORT_SetError(0);
+*rv_ocsp = SECSuccess;
+return SECSuccess;
+}
+return SECFailure;
+}
+/*
+* XXX In the fullness of time, we will want/need to handle a
+* certificate chain.  This will be done either when a new parameter
+* tells us to, or some configuration variable tells us to.  In any
+* case, handling it is complicated because we may need to send as
+* many requests (and receive as many responses) as we have certs
+* in the chain.  If we are going to talk to a default responder,
+* and we only support one default responder, we can put all of the
+* certs together into one request.  Otherwise, we must break them up
+* into multiple requests.  (Even if all of the requests will go to
+* the same location, the signature on each response will be different,
+* because each issuer is different.  Carefully read the OCSP spec
+* if you do not understand this.)
+*/
+/*
+* XXX If/when signing of requests is supported, that second NULL
+* should be changed to be the signer certificate.  Not sure if that
+* should be passed into this function or retrieved via some operation
+* on the handle/context.
+*/
+do {
+	const char *method;
+	PRBool validResponseWithAccurateInfo = PR_FALSE;
+	retry = PR_FALSE;
+	*rv_ocsp = SECFailure;
+	if (currentStage == stageGET) {
+	    method = "GET";
+	} else {
+	    PORT_Assert(currentStage == stagePOST);
+	    method = "POST";
+	}
+	encodedResponse =
+	    ocsp_GetEncodedOCSPResponseForSingleCert(NULL, certID, cert,
+						     location, method,
+						     time, locationIsDefault,
+						     pwArg, &request);
+	if (encodedResponse) {
+	    rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
+							    time, pwArg,
+							    encodedResponse,
+							    &decodedResponse,
+							    &singleResponse);
+	    if (rv == SECSuccess) {
+		switch (singleResponse->certStatus->certStatusType) {
+		    case ocspCertStatus_good:
+		    case ocspCertStatus_revoked:
+			validResponseWithAccurateInfo = PR_TRUE;
+			break;
+		    default:
+			break;
+		}
+		*rv_ocsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
+	    }
+	}
+	if (currentStage == stageGET) {
+	    /* only accept GET response if good or revoked */
+	    if (validResponseWithAccurateInfo) {
+		ocsp_CacheSingleResponse(certID, singleResponse,
+					 certIDWasConsumed);
+	    } else {
+		retry = PR_TRUE;
+		currentStage = stagePOST;
+	    }
+	} else {
+	    /* cache the POST respone, regardless of status */
+	    if (!singleResponse) {
+		cert_RememberOCSPProcessingFailure(certID, certIDWasConsumed);
+	    } else {
+		ocsp_CacheSingleResponse(certID, singleResponse,
+					 certIDWasConsumed);
+	    }
+	}
+	if (encodedResponse) {
+	    SECITEM_FreeItem(encodedResponse, PR_TRUE);
+	    encodedResponse = NULL;
+	}
+	if (request) {
+	    CERT_DestroyOCSPRequest(request);
+	    request = NULL;
+	}
+	if (decodedResponse) {
+	    CERT_DestroyOCSPResponse(decodedResponse);
+	    decodedResponse = NULL;
+	}
+	singleResponse = NULL;
+} while (retry);
+PORT_Free(location);
+return rv;
+}
+/*
+* FUNCTION: ocsp_GetDecodedVerifiedSingleResponseForID
+*   This function decodes an OCSP response and checks for a valid response
+*   concerning the given certificate.
+*
+*   Note: a 'valid' response is one that parses successfully, is not an OCSP
+*   exception (see RFC 2560 Section 2.3), is correctly signed and is current.
+*   A 'good' response is a valid response that attests that the certificate
+*   is not currently revoked (see RFC 2560 Section 2.2).
+*
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     certificate DB of the cert that is being checked
+*   CERTOCSPCertID *certID
+*     the cert ID corresponding to |cert|
+*   CERTCertificate *cert
+*     the certificate being checked
+*   PRTime time
+*     time for which status is to be determined
+*   void *pwArg
+*     the opaque argument to the password prompting function.
+*   SECItem *encodedResponse
+*     the DER encoded bytes of the OCSP response
+*   CERTOCSPResponse **pDecodedResponse
+*     (output) The caller must ALWAYS check for this output parameter,
+*     and if it's non-null, must destroy it using CERT_DestroyOCSPResponse.
+*   CERTOCSPSingleResponse **pSingle
+*     (output) on success, this points to the single response that corresponds
+*     to the certID parameter. Points to the inside of pDecodedResponse.
+*     It isn't a copy, don't free it.
+* RETURN:
+*   SECSuccess iff the response is valid.
+*/
+static SECStatus
+ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
+					   CERTOCSPCertID *certID,
+					   CERTCertificate *cert,
+					   PRTime time,
+					   void *pwArg,
+					   const SECItem *encodedResponse,
+					   CERTOCSPResponse **pDecodedResponse,
+					   CERTOCSPSingleResponse **pSingle)
+{
+CERTCertificate *signerCert = NULL;
+CERTCertificate *issuerCert = NULL;
+SECStatus rv = SECFailure;
+if (!pSingle || !pDecodedResponse) {
+	return SECFailure;
+}
+*pSingle = NULL;
+*pDecodedResponse = CERT_DecodeOCSPResponse(encodedResponse);
+if (!*pDecodedResponse) {
+	return SECFailure;
+}
+/*
+* Okay, we at least have a response that *looks* like a response!
+* Now see if the overall response status value is good or not.
+* If not, we set an error and give up.  (It means that either the
+* server had a problem, or it didn't like something about our
+* request.  Either way there is nothing to do but give up.)
+* Otherwise, we continue to find the actual per-cert status
+* in the response.
+*/
+if (CERT_GetOCSPResponseStatus(*pDecodedResponse) != SECSuccess) {
+	goto loser;
+}
+/*
+* If we've made it this far, we expect a response with a good signature.
+* So, check for that.
+*/
+issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
+rv = CERT_VerifyOCSPResponseSignature(*pDecodedResponse, handle, pwArg,
+&signerCert, issuerCert);
+if (rv != SECSuccess) {
+	goto loser;
+}
+PORT_Assert(signerCert != NULL);	/* internal consistency check */
+/* XXX probably should set error, return failure if signerCert is null */
+/*
+* Again, we are only doing one request for one cert.
+* XXX When we handle cert chains, the following code will obviously
+* have to be modified, in coordation with the code above that will
+* have to determine how to make multiple requests, etc.
+*/
+rv = ocsp_GetVerifiedSingleResponseForCertID(handle, *pDecodedResponse, certID,
+signerCert, time, pSingle);
+loser:
+if (issuerCert != NULL)
+	CERT_DestroyCertificate(issuerCert);
+if (signerCert != NULL)
+	CERT_DestroyCertificate(signerCert);
+return rv;
+}
+/*
+* FUNCTION: ocsp_CacheSingleResponse
+*   This function requires that the caller has checked that the response
+*   is valid and verified.
+*   The (positive or negative) valid response will be used to update the cache.
+* INPUTS:
+*   CERTOCSPCertID *certID
+*     the cert ID corresponding to |cert|
+*   PRBool *certIDWasConsumed
+*     (output) on return, this is true iff |certID| was consumed by this
+*     function.
+*/
+void
+ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
+			 CERTOCSPSingleResponse *single,
+			 PRBool *certIDWasConsumed)
+{
+if (single != NULL) {
+	PR_EnterMonitor(OCSP_Global.monitor);
+	if (OCSP_Global.maxCacheEntries >= 0) {
+	    ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, single,
+					  certIDWasConsumed);
+	    /* ignore cache update failures */
+	}
+	PR_ExitMonitor(OCSP_Global.monitor);
+}
+}
+SECStatus
+ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
+CERTOCSPResponse *response,
+CERTOCSPCertID   *certID,
+CERTCertificate  *signerCert,
+PRTime            time,
+CERTOCSPSingleResponse
+**pSingleResponse)
+{
+SECStatus rv;
+ocspResponseData *responseData;
+PRTime producedAt;
+CERTOCSPSingleResponse *single;
+/*
+* The ResponseData part is the real guts of the response.
+*/
+responseData = ocsp_GetResponseData(response, NULL);
+if (responseData == NULL) {
+rv = SECFailure;
+goto loser;
+}
+/*
+* There is one producedAt time for the entire response (and a separate
+* thisUpdate time for each individual single response).  We need to
+* compare them, so get the overall time to pass into the check of each
+* single response.
+*/
+rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
+if (rv != SECSuccess)
+goto loser;
+single = ocsp_GetSingleResponseForCertID(responseData->responses,
+handle, certID);
+if (single == NULL) {
+rv = SECFailure;
+goto loser;
+}
+rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
+if (rv != SECSuccess)
+goto loser;
+*pSingleResponse = single;
+loser:
+return rv;
+}
+SECStatus
+CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
+CERTOCSPResponse *response,
+CERTOCSPCertID   *certID,
+CERTCertificate  *signerCert,
+PRTime            time)
+{
+/*
+* We do not update the cache, because:
+*
+* CERT_GetOCSPStatusForCertID is an old exported API that was introduced
+* before the OCSP cache got implemented.
+*
+* The implementation of helper function cert_ProcessOCSPResponse
+* requires the ability to transfer ownership of the the given certID to
+* the cache. The external API doesn't allow us to prevent the caller from
+* destroying the certID. We don't have the original certificate available,
+* therefore we are unable to produce another certID object (that could
+* be stored in the cache).
+*
+* Should we ever implement code to produce a deep copy of certID,
+* then this could be changed to allow updating the cache.
+* The duplication would have to be done in
+* cert_ProcessOCSPResponse, if the out parameter to indicate
+* a transfer of ownership is NULL.
+*/
+return cert_ProcessOCSPResponse(handle, response, certID,
+signerCert, time,
+NULL, NULL);
+}
+/*
+* The first 5 parameters match the definition of CERT_GetOCSPStatusForCertID.
+*/
+SECStatus
+cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
+CERTOCSPResponse *response,
+CERTOCSPCertID   *certID,
+CERTCertificate  *signerCert,
+PRTime            time,
+PRBool           *certIDWasConsumed,
+SECStatus        *cacheUpdateStatus)
+{
+SECStatus rv;
+SECStatus rv_cache = SECSuccess;
+CERTOCSPSingleResponse *single = NULL;
+rv = ocsp_GetVerifiedSingleResponseForCertID(handle, response, certID,
+signerCert, time, &single);
+if (rv == SECSuccess) {
+/*
+* Check whether the status says revoked, and if so
+* how that compares to the time value passed into this routine.
+*/
+rv = ocsp_SingleResponseCertHasGoodStatus(single, time);
+}
+if (certIDWasConsumed) {
+/*
+* We don't have copy-of-certid implemented. In order to update
+* the cache, the caller must supply an out variable
+* certIDWasConsumed, allowing us to return ownership status.
+*/
+PR_EnterMonitor(OCSP_Global.monitor);
+if (OCSP_Global.maxCacheEntries >= 0) {
+/* single == NULL means: remember response failure */
+rv_cache =
+ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID,
+single, certIDWasConsumed);
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+if (cacheUpdateStatus) {
+*cacheUpdateStatus = rv_cache;
+}
+}
+return rv;
+}
+SECStatus
+cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
+PRBool         *certIDWasConsumed)
+{
+SECStatus rv = SECSuccess;
+PR_EnterMonitor(OCSP_Global.monitor);
+if (OCSP_Global.maxCacheEntries >= 0) {
+rv = ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, NULL,
+certIDWasConsumed);
+}
+PR_ExitMonitor(OCSP_Global.monitor);
+return rv;
+}
+/*
+* Disable status checking and destroy related structures/data.
+*/
+static SECStatus
+ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
+{
+ocspCheckingContext *statusContext;
+/*
+* Disable OCSP checking
+*/
+statusConfig->statusChecker = NULL;
+statusContext = statusConfig->statusContext;
+PORT_Assert(statusContext != NULL);
+if (statusContext == NULL)
+	return SECFailure;
+if (statusContext->defaultResponderURI != NULL)
+	PORT_Free(statusContext->defaultResponderURI);
+if (statusContext->defaultResponderNickname != NULL)
+	PORT_Free(statusContext->defaultResponderNickname);
+PORT_Free(statusContext);
+statusConfig->statusContext = NULL;
+PORT_Free(statusConfig);
+return SECSuccess;
+}
+/*
+* FUNCTION: CERT_DisableOCSPChecking
+*   Turns off OCSP checking for the given certificate database.
+*   This routine disables OCSP checking.  Though it will return
+*   SECFailure if OCSP checking is not enabled, it is "safe" to
+*   call it that way and just ignore the return value, if it is
+*   easier to just call it than to "remember" whether it is enabled.
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     Certificate database for which OCSP checking will be disabled.
+* RETURN:
+*   Returns SECFailure if an error occurred (usually means that OCSP
+*   checking was not enabled or status contexts were not initialized --
+*   error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
+*/
+SECStatus
+CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
+{
+CERTStatusConfig *statusConfig;
+ocspCheckingContext *statusContext;
+if (handle == NULL) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+}
+statusConfig = CERT_GetStatusConfig(handle);
+statusContext = ocsp_GetCheckingContext(handle);
+if (statusContext == NULL)
+	return SECFailure;
+if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
+	/*
+	 * Status configuration is present, but either not currently
+	 * enabled or not for OCSP.
+	 */
+	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
+	return SECFailure;
+}
+/* cache no longer necessary */
+CERT_ClearOCSPCache();
+/*
+* This is how we disable status checking.  Everything else remains
+* in place in case we are enabled again.
+*/
+statusConfig->statusChecker = NULL;
+return SECSuccess;
+}
+/*
+* Allocate and initialize the informational structures for status checking.
+* This is done when some configuration of OCSP is being done or when OCSP
+* checking is being turned on, whichever comes first.
+*/
+static SECStatus
+ocsp_InitStatusChecking(CERTCertDBHandle *handle)
+{
+CERTStatusConfig *statusConfig = NULL;
+ocspCheckingContext *statusContext = NULL;
+PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
+if (CERT_GetStatusConfig(handle) != NULL) {
+	/* XXX or call statusConfig->statusDestroy and continue? */
+	return SECFailure;
+}
+statusConfig = PORT_ZNew(CERTStatusConfig);
+if (statusConfig == NULL)
+	goto loser;
+statusContext = PORT_ZNew(ocspCheckingContext);
+if (statusContext == NULL)
+	goto loser;
+statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
+statusConfig->statusContext = statusContext;
+CERT_SetStatusConfig(handle, statusConfig);
+return SECSuccess;
+loser:
+if (statusConfig != NULL)
+	PORT_Free(statusConfig);
+return SECFailure;
+}
+/*
+* FUNCTION: CERT_EnableOCSPChecking
+*   Turns on OCSP checking for the given certificate database.
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     Certificate database for which OCSP checking will be enabled.
+* RETURN:
+*   Returns SECFailure if an error occurred (likely only problem
+*   allocating memory); SECSuccess otherwise.
+*/
+SECStatus
+CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
+{
+CERTStatusConfig *statusConfig;
+SECStatus rv;
+if (handle == NULL) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+}
+statusConfig = CERT_GetStatusConfig(handle);
+if (statusConfig == NULL) {
+	rv = ocsp_InitStatusChecking(handle);
+	if (rv != SECSuccess)
+	    return rv;
+	/* Get newly established value */
+	statusConfig = CERT_GetStatusConfig(handle);
+	PORT_Assert(statusConfig != NULL);
+}
+/*
+* Setting the checker function is what really enables the checking
+* when each cert verification is done.
+*/
+statusConfig->statusChecker = CERT_CheckOCSPStatus;
+return SECSuccess;
+}
+/*
+* FUNCTION: CERT_SetOCSPDefaultResponder
+*   Specify the location and cert of the default responder.
+*   If OCSP checking is already enabled *and* use of a default responder
+*   is also already enabled, all OCSP checking from now on will go directly
+*   to the specified responder.  If OCSP checking is not enabled, or if
+*   it is but use of a default responder is not enabled, the information
+*   will be recorded and take effect whenever both are enabled.
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     Cert database on which OCSP checking should use the default responder.
+*   char *url
+*     The location of the default responder (e.g. "http://foo.com:80/ocsp")
+*     Note that the location will not be tested until the first attempt
+*     to send a request there.
+*   char *name
+*     The nickname of the cert to trust (expected) to sign the OCSP responses.
+*     If the corresponding cert cannot be found, SECFailure is returned.
+* RETURN:
+*   Returns SECFailure if an error occurred; SECSuccess otherwise.
+*   The most likely error is that the cert for "name" could not be found
+*   (probably SEC_ERROR_UNKNOWN_CERT).  Other errors are low-level (no memory,
+*   bad database, etc.).
+*/
+SECStatus
+CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
+			     const char *url, const char *name)
+{
+CERTCertificate *cert;
+ocspCheckingContext *statusContext;
+char *url_copy = NULL;
+char *name_copy = NULL;
+SECStatus rv;
+if (handle == NULL || url == NULL || name == NULL) {
+	/*
+	 * XXX When interface is exported, probably want better errors;
+	 * perhaps different one for each parameter.
+	 */
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+}
+/*
+* Find the certificate for the specified nickname.  Do this first
+* because it seems the most likely to fail.
+*
+* XXX Shouldn't need that cast if the FindCertByNickname interface
+* used const to convey that it does not modify the name.  Maybe someday.
+*/
+cert = CERT_FindCertByNickname(handle, (char *) name);
+if (cert == NULL) {
+/*
+* look for the cert on an external token.
+*/
+cert = PK11_FindCertFromNickname((char *)name, NULL);
+}
+if (cert == NULL)
+	return SECFailure;
+/*
+* Make a copy of the url and nickname.
+*/
+url_copy = PORT_Strdup(url);
+name_copy = PORT_Strdup(name);
+if (url_copy == NULL || name_copy == NULL) {
+	rv = SECFailure;
+	goto loser;
+}
+statusContext = ocsp_GetCheckingContext(handle);
+/*
+* Allocate and init the context if it doesn't already exist.
+*/
+if (statusContext == NULL) {
+	rv = ocsp_InitStatusChecking(handle);
+	if (rv != SECSuccess)
+	    goto loser;
+	statusContext = ocsp_GetCheckingContext(handle);
+	PORT_Assert(statusContext != NULL);	/* extreme paranoia */
+}
+/*
+* Note -- we do not touch the status context until after all of
+* the steps which could cause errors.  If something goes wrong,
+* we want to leave things as they were.
+*/
+/*
+* Get rid of old url and name if there.
+*/
+if (statusContext->defaultResponderNickname != NULL)
+	PORT_Free(statusContext->defaultResponderNickname);
+if (statusContext->defaultResponderURI != NULL)
+	PORT_Free(statusContext->defaultResponderURI);
+/*
+* And replace them with the new ones.
+*/
+statusContext->defaultResponderURI = url_copy;
+statusContext->defaultResponderNickname = name_copy;
+/*
+* If there was already a cert in place, get rid of it and replace it.
+* Otherwise, we are not currently enabled, so we don't want to save it;
+* it will get re-found and set whenever use of a default responder is
+* enabled.
+*/
+if (statusContext->defaultResponderCert != NULL) {
+	CERT_DestroyCertificate(statusContext->defaultResponderCert);
+	statusContext->defaultResponderCert = cert;
+/*OCSP enabled, switching responder: clear cache*/
+CERT_ClearOCSPCache();
+} else {
+	PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
+	CERT_DestroyCertificate(cert);
+/*OCSP currently not enabled, no need to clear cache*/
+}
+return SECSuccess;
+loser:
+CERT_DestroyCertificate(cert);
+if (url_copy != NULL)
+	PORT_Free(url_copy);
+if (name_copy != NULL)
+	PORT_Free(name_copy);
+return rv;
+}
+/*
+* FUNCTION: CERT_EnableOCSPDefaultResponder
+*   Turns on use of a default responder when OCSP checking.
+*   If OCSP checking is already enabled, this will make subsequent checks
+*   go directly to the default responder.  (The location of the responder
+*   and the nickname of the responder cert must already be specified.)
+*   If OCSP checking is not enabled, this will be recorded and take effect
+*   whenever it is enabled.
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     Cert database on which OCSP checking should use the default responder.
+* RETURN:
+*   Returns SECFailure if an error occurred; SECSuccess otherwise.
+*   No errors are especially likely unless the caller did not previously
+*   perform a successful call to SetOCSPDefaultResponder (in which case
+*   the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
+*/
+SECStatus
+CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
+{
+ocspCheckingContext *statusContext;
+CERTCertificate *cert;
+SECStatus rv;
+SECCertificateUsage usage;
+if (handle == NULL) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+}
+statusContext = ocsp_GetCheckingContext(handle);
+if (statusContext == NULL) {
+	/*
+	 * Strictly speaking, the error already set is "correct",
+	 * but cover over it with one more helpful in this context.
+	 */
+	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+	return SECFailure;
+}
+if (statusContext->defaultResponderURI == NULL) {
+	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+	return SECFailure;
+}
+if (statusContext->defaultResponderNickname == NULL) {
+	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+	return SECFailure;
+}
+/*
+* Find the cert for the nickname.
+*/
+cert = CERT_FindCertByNickname(handle,
+				   statusContext->defaultResponderNickname);
+if (cert == NULL) {
+cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
+NULL);
+}
+/*
+* We should never have trouble finding the cert, because its
+* existence should have been proven by SetOCSPDefaultResponder.
+*/
+PORT_Assert(cert != NULL);
+if (cert == NULL)
+	return SECFailure;
+/*
+* Supplied cert should at least have  a signing capability in order for us
+* to use it as a trusted responder cert. Ability to sign is guaranteed  if
+* cert is validated to have any set of the usages below.
+*/
+rv = CERT_VerifyCertificateNow(handle, cert, PR_TRUE,
+certificateUsageCheckAllUsages,
+NULL, &usage);
+if (rv != SECSuccess || (usage & (certificateUsageSSLClient |
+certificateUsageSSLServer |
+certificateUsageSSLServerWithStepUp |
+certificateUsageEmailSigner |
+certificateUsageObjectSigner |
+certificateUsageStatusResponder |
+certificateUsageSSLCA)) == 0) {
+	PORT_SetError(SEC_ERROR_OCSP_RESPONDER_CERT_INVALID);
+	return SECFailure;
+}
+/*
+* And hang onto it.
+*/
+statusContext->defaultResponderCert = cert;
+/* we don't allow a mix of cache entries from different responders */
+CERT_ClearOCSPCache();
+/*
+* Finally, record the fact that we now have a default responder enabled.
+*/
+statusContext->useDefaultResponder = PR_TRUE;
+return SECSuccess;
+}
+/*
+* FUNCTION: CERT_DisableOCSPDefaultResponder
+*   Turns off use of a default responder when OCSP checking.
+*   (Does nothing if use of a default responder is not enabled.)
+* INPUTS:
+*   CERTCertDBHandle *handle
+*     Cert database on which OCSP checking should stop using a default
+*     responder.
+* RETURN:
+*   Returns SECFailure if an error occurred; SECSuccess otherwise.
+*   Errors very unlikely (like random memory corruption...).
+*/
+SECStatus
+CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
+{
+CERTStatusConfig *statusConfig;
+ocspCheckingContext *statusContext;
+CERTCertificate *tmpCert;
+if (handle == NULL) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+}
+statusConfig = CERT_GetStatusConfig(handle);
+if (statusConfig == NULL)
+	return SECSuccess;
+statusContext = ocsp_GetCheckingContext(handle);
+PORT_Assert(statusContext != NULL);
+if (statusContext == NULL)
+	return SECFailure;
+tmpCert = statusContext->defaultResponderCert;
+if (tmpCert) {
+	statusContext->defaultResponderCert = NULL;
+	CERT_DestroyCertificate(tmpCert);
+/* we don't allow a mix of cache entries from different responders */
+CERT_ClearOCSPCache();
+}
+/*
+* Finally, record the fact.
+*/
+statusContext->useDefaultResponder = PR_FALSE;
+return SECSuccess;
+}
+SECStatus
+CERT_ForcePostMethodForOCSP(PRBool forcePost)
+{
+if (!OCSP_Global.monitor) {
+PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+return SECFailure;
+}
+PR_EnterMonitor(OCSP_Global.monitor);
+OCSP_Global.forcePost = forcePost;
+PR_ExitMonitor(OCSP_Global.monitor);
+return SECSuccess;
+}
+SECStatus
+CERT_GetOCSPResponseStatus(CERTOCSPResponse *response)
+{
+PORT_Assert(response);
+if (response->statusValue == ocspResponse_successful)
+	return SECSuccess;
+switch (response->statusValue) {
+case ocspResponse_malformedRequest:
+	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+	break;
+case ocspResponse_internalError:
+	PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+	break;
+case ocspResponse_tryLater:
+	PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
+	break;
+case ocspResponse_sigRequired:
+	/* XXX We *should* retry with a signature, if possible. */
+	PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
+	break;
+case ocspResponse_unauthorized:
+	PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
+	break;
+case ocspResponse_unused:
+default:
+	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
+	break;
+}
+return SECFailure;
+}

The Tor Browser / file comparison

comparison: security/nss/lib/certhigh/ocsp.c

security/nss/lib/certhigh/ocsp.c