From 89ecb2d074158347aa59e6522e4e11362a68fc67 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 24 Jun 2013 19:06:15 +0200 Subject: [PATCH] ssl_parse_certificate() now calls x509parse_crt_der() directly (cherry picked from commit 1922a4e6aade7b1d685af19d4d9339ddb5c02859) --- include/polarssl/x509.h | 12 ++++++++++++ library/ssl_tls.c | 4 ++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index ed02ad9cf..df382eaea 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -328,6 +328,18 @@ extern "C" { */ /** \ingroup x509_module */ +/** + * \brief Parse a single DER formatted certificate and add it + * to the chained list. + * + * \param chain points to the start of the chain + * \param buf buffer holding the certificate DER data + * \param buflen size of the buffer + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen ); + /** * \brief Parse one or more certificates and add them * to the chained list. Parses permissively. If some diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8d68eb6a6..81c21d9a0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2115,8 +2115,8 @@ int ssl_parse_certificate( ssl_context *ssl ) return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); } - ret = x509parse_crt( ssl->session_negotiate->peer_cert, ssl->in_msg + i, - n ); + ret = x509parse_crt_der( ssl->session_negotiate->peer_cert, + ssl->in_msg + i, n ); if( ret != 0 ) { SSL_DEBUG_RET( 1, " x509parse_crt", ret );