Esempio n. 1
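/*-
  * gnutls_x509_pkcs7_extract_certificate - This function returns a certificate in a PKCS7 certificate set
  * @pkcs7_struct: should contain a PKCS7 DER formatted structure
  * @indx: contains the index of the certificate to extract
  * @certificate: the contents of the certificate will be copied there
  * @certificate_size: on entry, the capacity of @certificate in bytes; on
  *   return from the extraction step, the size reported by
  *   gnutls_pkcs7_get_crt_raw(). Must not be NULL.
  *
  * This function will return a certificate of the PKCS7 or RFC2630 certificate set.
  * Returns 0 on success. If the provided buffer is not long enough,
  * then GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
  *
  * A negative value in @certificate_size is handled as a zero-length
  * buffer, so it takes the "buffer not long enough" path instead of being
  * reinterpreted as a very large capacity.
  *
  * If initialization or import of the structure fails, the error is
  * returned and @certificate_size is left untouched.
  *
  * After the last certificate has been read GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
  * will be returned.
  *
  -*/
int
gnutls_x509_pkcs7_extract_certificate (const gnutls_datum_t *
				       pkcs7_struct, int indx,
				       char *certificate,
				       int *certificate_size)
{
  gnutls_pkcs7_t pkcs7;
  int result;
  /* The capacity arrives as a signed int but is handed on as size_t.
   * Converting a negative int directly would yield a huge size_t and tell
   * the callee that the caller's buffer is far larger than it really is,
   * so clamp non-positive values to zero. */
  size_t size = (*certificate_size > 0) ? (size_t) *certificate_size : 0;

  result = gnutls_pkcs7_init (&pkcs7);
  if (result < 0)
    return result;

  result = gnutls_pkcs7_import (pkcs7, pkcs7_struct, GNUTLS_X509_FMT_DER);
  if (result < 0)
    {
      gnutls_pkcs7_deinit (pkcs7);
      return result;
    }

  result = gnutls_pkcs7_get_crt_raw (pkcs7, indx, certificate, &size);
  /* Written back whether or not the call succeeded, so the caller sees
   * whatever size the callee reported.
   * NOTE(review): a size_t above INT_MAX does not fit this int
   * out-parameter; callers should treat a negative value as invalid. */
  *certificate_size = (int) size;

  gnutls_pkcs7_deinit (pkcs7);

  return result;
}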
Esempio n. 2
/*-
  * gnutls_x509_pkcs7_extract_certificate_count - This function returns the number of certificates in a PKCS7 certificate set
  * @pkcs7_struct: should contain a PKCS7 DER formatted structure
  *
  * This function imports the DER data into a temporary PKCS7 object and
  * returns the value of gnutls_pkcs7_get_crt_count() for it, i.e. the
  * number of certificates in the PKCS7 or RFC2630 certificate set.
  * The temporary object is released before returning.
  *
  * Returns a negative value on failure.
  *
  -*/
int
gnutls_x509_pkcs7_extract_certificate_count (const gnutls_datum_t *
					     pkcs7_struct)
{
  gnutls_pkcs7_t parsed;
  int rc = gnutls_pkcs7_init (&parsed);

  /* Nothing was allocated if init failed, so there is nothing to release. */
  if (rc < 0)
    return rc;

  rc = gnutls_pkcs7_import (parsed, pkcs7_struct, GNUTLS_X509_FMT_DER);
  /* Only query the count when the import succeeded; otherwise the import
   * error is what gets returned. */
  if (rc >= 0)
    rc = gnutls_pkcs7_get_crt_count (parsed);

  /* Single release point for both the success and the import-failure path. */
  gnutls_pkcs7_deinit (parsed);
  return rc;
}
Esempio n. 3
/*
 * Test body: import the PEM fixture `pkcs7_pem` as a PKCS #7 structure and
 * check that its embedded-data OID and raw embedded content match the
 * expected values (`der_content`, `der_content_size`).
 *
 * Any library error is reported through fail() and ends the process with
 * exit(1). The content comparisons use assert(), which is a no-op when
 * NDEBUG is defined, so they are only enforced in builds without it.
 */
void doit(void)
{
	gnutls_global_set_log_function(tls_log_func);
	if (debug) {
		gnutls_global_set_log_level(6);
	}

	/* allocate the PKCS #7 object that the fixture is imported into */
	gnutls_pkcs7_t p7;
	int rc = gnutls_pkcs7_init(&p7);
	if (rc < 0) {
		fail("error in %d: %s\n", __LINE__, gnutls_strerror(rc));
		exit(1);
	}

	/* parse the PEM-encoded fixture */
	rc = gnutls_pkcs7_import(p7, &pkcs7_pem, GNUTLS_X509_FMT_PEM);
	if (rc < 0) {
		fail("error in %d: %s\n", __LINE__, gnutls_strerror(rc));
		exit(1);
	}

	/* the embedded content must carry the OID this fixture is known to use */
	const char *oid = gnutls_pkcs7_get_embedded_data_oid(p7);
	if (oid == NULL) {
		fail("error in gnutls_pkcs7_get_embedded_data_oid\n");
		exit(1);
	}

	assert(strcmp(oid, "1.3.6.1.4.1.311.10.1") == 0);

	/* fetch the embedded content in raw form and compare it byte for byte */
	gnutls_datum_t data;
	rc = gnutls_pkcs7_get_embedded_data(p7, GNUTLS_PKCS7_EDATA_GET_RAW, &data);
	if (rc < 0) {
		fail("error in gnutls_pkcs7_get_embedded_data: %s\n", gnutls_strerror(rc));
		exit(1);
	}

	/* length is checked first so memcmp never reads past der_content */
	assert(data.size == der_content_size);
	assert(memcmp(data.data, der_content, data.size) == 0);

	/* release the parsed structure, then the buffer handed back in data */
	gnutls_pkcs7_deinit(p7);
	gnutls_free(data.data);
}