ssl_parse_certificate() now calls x509parse_crt_der() directly

(cherry picked from commit 1922a4e6aa)

Conflicts:
	library/ssl_tls.c

ChangeLog

@@ -6,6 +6,9 @@ Changes
 
 Bugfix
    * x509parse_crt() now better handles PEM error situations
+   * ssl_parse_certificate() now calls x509parse_crt_der() directly
+     instead of the x509parse_crt() wrapper that can also parse PEM
+	 certificates
 
 = Version 1.1.6 released on 2013-03-11
 Bugfix

include/polarssl/x509.h

@@ -416,6 +416,18 @@ extern "C" {
  */
 
 /** \ingroup x509_module */
+/**
+ * \brief          Parse a single DER formatted certificate and add it
+ *                 to the chained list.
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the certificate DER data
+ * \param buflen   size of the buffer
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen );
+
 /**
  * \brief          Parse one or more certificates and add them
  *                 to the chained list. Parses permissively. If some

library/ssl_tls.c

@@ -1474,7 +1474,7 @@ int ssl_parse_certificate( ssl_context *ssl )
             return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
         }
 
-        ret = x509parse_crt( ssl->peer_cert, ssl->in_msg + i, n );
+        ret = x509parse_crt_der( ssl->peer_cert, ssl->in_msg + i, n );
         if( ret != 0 )
         {
             SSL_DEBUG_RET( 1, " x509parse_crt", ret );