Add nonces to OCSP requests and responses #1045

Open
@scolby33

I would like the following functionality to be exposed via the Rust API:

  • int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
  • int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
  • int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
  • int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)

I am happy to make a pull request for this; however, I am a bit unfamiliar (read: almost totally unfamiliar) with Rust FFI and am not sure exactly how to expose the unsigned char *val, int len tuple in Rust.

Also, where should the check and copy functionality be implemented? My instinct is OCSP_check_nonce should be a free function and that OCSP_copy_nonce should be on the response object, but input on this is welcome.

Here is an outline of my proposed implementation of this. The version for OCSP_BASICRESP is obviously similar.

impl OcspRequestRef {
    pub fn add_nonce(&mut self, &val: Option<some_type>) -> Result<something, ErrorStack> {
        unsafe {
            // if val is None, pass NULL as val and 0 as len--how best to do?
            cvt(ffi::OCSP_request_add1_nonce(self.as_ptr(), val.as_ptr(), val.len()))?;
            Ok(something)
        }
    }
}
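
One way to marshal an optional byte slice into the (unsigned char *val, int len) pair the issue asks about, as an added example that is not part of the original post or the rust-openssl code base. MockRequest, mock_add1_nonce, NonceError and add_nonce are hypothetical names; the stand-in callee only mimics the parameter shape of OCSP_request_add1_nonce so the example runs without OpenSSL.

```rust
use std::os::raw::{c_int, c_uchar};
use std::ptr;

/// Constructed stand-in for an OCSP_REQUEST; holds only the nonce bytes.
#[derive(Default)]
pub struct MockRequest { pub nonce: Vec<u8> }

#[derive(Debug, PartialEq)]
pub enum NonceError { TooLong, Ffi }

/// Stand-in with the parameter shape of OCSP_request_add1_nonce(req, val, len).
/// NOT the OpenSSL function: a NULL val stores 16 filler bytes where OpenSSL
/// would generate random ones.
unsafe fn mock_add1_nonce(req: *mut MockRequest, val: *mut c_uchar, len: c_int) -> c_int {
    if req.is_null() { return 0; }
    let req = &mut *req;
    req.nonce = if val.is_null() {
        vec![0xAA; 16]
    } else {
        std::slice::from_raw_parts(val, len as usize).to_vec()
    };
    1 // OpenSSL convention: 1 on success, 0 on error
}

/// Hypothetical safe wrapper: None -> (NULL, 0), Some(bytes) -> (ptr, len).
pub fn add_nonce(req: &mut MockRequest, val: Option<&[u8]>) -> Result<(), NonceError> {
    let (p, len) = match val {
        None => (ptr::null_mut(), 0),
        Some(b) => {
            // Reject instead of truncating: `b.len() as c_int` would wrap silently.
            if b.len() > c_int::MAX as usize { return Err(NonceError::TooLong); }
            // The C prototype is not const; assumes the callee only reads val.
            (b.as_ptr() as *mut c_uchar, b.len() as c_int)
        }
    };
    // SAFETY: req is a live reference; p is NULL or valid for len bytes.
    let rc = unsafe { mock_add1_nonce(req, p, len) };
    if rc == 1 { Ok(()) } else { Err(NonceError::Ffi) }
}

fn main() {
    let mut req = MockRequest::default();
    add_nonce(&mut req, Some(&b"constructed-nonce"[..])).unwrap();
    println!("caller-supplied nonce: {:?}", req.nonce);
    add_nonce(&mut req, None).unwrap();
    println!("callee-chosen nonce length: {}", req.nonce.len());
}
```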
