Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: nss/mozilla/security/nss/lib/certhigh/ocsp.h

Issue 593027: Update NSS and NSPR to NSS_3_12_6_BETA1 and NSPR_4_8_4_BETA1.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/deps/third_party/
Patch Set: Created 10 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/mozilla/nsprpub/pr/include/md/_win95.cfg ('k') | nss/mozilla/security/nss/lib/certhigh/ocsp.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/mozilla/security/nss/lib/certhigh/ocsp.h
===================================================================
--- nss/mozilla/security/nss/lib/certhigh/ocsp.h (revision 38521)
+++ nss/mozilla/security/nss/lib/certhigh/ocsp.h (working copy)
@@ -37,7 +37,7 @@
/*
* Interface to the OCSP implementation.
*
- * $Id: ocsp.h,v 1.14 2009/03/21 01:40:35 nelson%bolyard.com Exp $
+ * $Id: ocsp.h,v 1.17 2010/02/01 20:09:32 wtc%google.com Exp $
*/
#ifndef _OCSP_H_
@@ -550,7 +550,43 @@
extern SECStatus
CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
PRTime time, void *pwArg);
+
/*
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function checks the OCSP cache to see if a good response
+ * for the given certificate already exists. If it does, then the function
+ * returns successfully.
+ *
+ * If not, then it validates that the given OCSP response is a valid,
+ * good response for the given certificate and inserts it into the
+ * cache.
+ *
+ * This function is intended for use when OCSP responses are provided via a
+ * side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
+ *
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * the certificate being checked
+ * PRTime time
+ * time for which status is to be determined
+ * SECItem *encodedResponse
+ * the DER encoded bytes of the OCSP response
+ * void *pwArg
+ * argument for password prompting, if needed
+ * RETURN:
+ * SECSuccess if the cert was found in the cache, or if the OCSP response was
+ * found to be valid and inserted into the cache. SECFailure otherwise.
+ */
+extern SECStatus
+CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRTime time,
+ SECItem *encodedResponse,
+ void *pwArg);
+
+/*
* FUNCTION: CERT_GetOCSPStatusForCertID
* Returns the OCSP status contained in the passed in paramter response
* that corresponds to the certID passed in.
« no previous file with comments | « nss/mozilla/nsprpub/pr/include/md/_win95.cfg ('k') | nss/mozilla/security/nss/lib/certhigh/ocsp.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698