551
551
CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
552
552
PRTime time, void *pwArg);
555
* FUNCTION: CERT_CacheOCSPResponseFromSideChannel
556
* First, this function checks the OCSP cache to see if a good response
557
* for the given certificate already exists. If it does, then the function
558
* returns successfully.
560
* If not, then it validates that the given OCSP response is a valid,
561
* good response for the given certificate and inserts it into the
564
* This function is intended for use when OCSP responses are provided via a
565
* side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
568
* CERTCertDBHandle *handle
569
* certificate DB of the cert that is being checked
570
* CERTCertificate *cert
571
* the certificate being checked
573
* time for which status is to be determined
574
* SECItem *encodedResponse
575
* the DER encoded bytes of the OCSP response
577
* argument for password prompting, if needed
579
* SECSuccess if the cert was found in the cache, or if the OCSP response was
580
* found to be valid and inserted into the cache. SECFailure otherwise.
583
CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
584
CERTCertificate *cert,
586
SECItem *encodedResponse,
554
590
* FUNCTION: CERT_GetOCSPStatusForCertID
555
591
* Returns the OCSP status contained in the passed in paramter response