int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {
CRYPTO_BUFFER *buffer = CRYPTO_BUFFER_new(der, der_len, NULL);
if (buffer == NULL) {
return 0;
}
const int ok = ssl_set_cert(ssl->cert, buffer);
CRYPTO_BUFFER_free(buffer);
return ok;
}
/* x509_to_buffer returns a |CRYPTO_BUFFER| that contains the serialised
* contents of |x509|. */
static CRYPTO_BUFFER *x509_to_buffer(X509 *x509) {
uint8_t *buf = NULL;
int cert_len = i2d_X509(x509, &buf);
if (cert_len <= 0) {
return 0;
}
CRYPTO_BUFFER *buffer = CRYPTO_BUFFER_new(buf, cert_len, NULL);
OPENSSL_free(buf);
return buffer;
}
static int set_signed_cert_timestamp_list(CERT *cert, const uint8_t *list,
size_t list_len) {
CBS sct_list;
CBS_init(&sct_list, list, list_len);
if (!ssl_is_sct_list_valid(&sct_list)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SCT_LIST);
return 0;
}
CRYPTO_BUFFER_free(cert->signed_cert_timestamp_list);
cert->signed_cert_timestamp_list =
CRYPTO_BUFFER_new(CBS_data(&sct_list), CBS_len(&sct_list), NULL);
return cert->signed_cert_timestamp_list != NULL;
}
int SSL_set_ocsp_response(SSL *ssl, const uint8_t *response,
size_t response_len) {
CRYPTO_BUFFER_free(ssl->cert->ocsp_response);
ssl->cert->ocsp_response = CRYPTO_BUFFER_new(response, response_len, NULL);
return ssl->cert->ocsp_response != NULL;
}
int SSL_CTX_set_ocsp_response(SSL_CTX *ctx, const uint8_t *response,
size_t response_len) {
CRYPTO_BUFFER_free(ctx->cert->ocsp_response);
ctx->cert->ocsp_response = CRYPTO_BUFFER_new(response, response_len, NULL);
return ctx->cert->ocsp_response != NULL;
}
CRYPTO_BUFFER* CRYPTO_BUFFER_new_from_CBS(CBS *cbs, CRYPTO_BUFFER_POOL *pool) {
return CRYPTO_BUFFER_new(CBS_data(cbs), CBS_len(cbs), pool);
}
