ssl_parse_certificate() now calls x509parse_crt_der() directly

This commit is contained in:
Paul Bakker 2013-06-06 15:11:16 +02:00
parent 6417186365
commit 1922a4e6aa
3 changed files with 17 additions and 2 deletions

View file

@ -10,6 +10,9 @@ Bugfix
* Fixed offset for cert_type list in ssl_parse_certificate_request() * Fixed offset for cert_type list in ssl_parse_certificate_request()
* Fixed const correctness issues that have no impact on the ABI * Fixed const correctness issues that have no impact on the ABI
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM
certificates
= Version 1.2.7 released 2013-04-13 = Version 1.2.7 released 2013-04-13
Features Features

View file

@ -424,6 +424,18 @@ extern "C" {
*/ */
/** \ingroup x509_module */ /** \ingroup x509_module */
/**
* \brief Parse a single DER formatted certificate and add it
* to the chained list.
*
* \param chain points to the start of the chain
* \param buf buffer holding the certificate DER data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen );
/** /**
* \brief Parse one or more certificates and add them * \brief Parse one or more certificates and add them
* to the chained list. Parses permissively. If some * to the chained list. Parses permissively. If some

View file

@ -2375,8 +2375,8 @@ int ssl_parse_certificate( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
} }
ret = x509parse_crt( ssl->session_negotiate->peer_cert, ssl->in_msg + i, ret = x509parse_crt_der( ssl->session_negotiate->peer_cert,
n ); ssl->in_msg + i, n );
if( ret != 0 ) if( ret != 0 )
{ {
SSL_DEBUG_RET( 1, " x509parse_crt", ret ); SSL_DEBUG_RET( 1, " x509parse_crt", ret );