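/*-
 * gnutls_x509_pkcs7_extract_certificate - This function returns a certificate in a PKCS7 certificate set
 * @pkcs7_struct: should contain a PKCS7 DER formatted structure
 * @indx: contains the index of the certificate to extract
 * @certificate: the contents of the certificate will be copied there
 * @certificate_size: on input the size of @certificate in bytes; on return
 *   it holds the size reported back by gnutls_pkcs7_get_crt_raw()
 *   (presumably the required size when the buffer was too short -- confirm
 *   against that function)
 *
 * This function will return a certificate of the PKCS7 or RFC2630 certificate set.
 * Returns 0 on success. If the provided buffer is not long enough,
 * then GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
 *
 * After the last certificate has been read GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
 * will be returned.
 *
 * A negative input *@certificate_size is treated as a zero-length buffer.
 * If initialisation or the DER import fails, the error is returned and
 * *@certificate_size is left unchanged.
 *
 * The structure is only parsed here; nothing in this function verifies a
 * signature over it, so the returned certificate must not be treated as
 * authenticated.
 -*/
int
gnutls_x509_pkcs7_extract_certificate (const gnutls_datum_t * pkcs7_struct,
				       int indx, char *certificate,
				       int *certificate_size)
{
  gnutls_pkcs7_t pkcs7;
  int result;
  /* The caller's length is a signed int but the raw getter takes a size_t.
   * A direct conversion of a negative value wraps to a huge size and would
   * overstate the capacity of @certificate, so clamp it to an empty buffer. */
  size_t size = (*certificate_size > 0) ? (size_t) *certificate_size : 0;

  result = gnutls_pkcs7_init (&pkcs7);
  if (result < 0)
    return result;

  result = gnutls_pkcs7_import (pkcs7, pkcs7_struct, GNUTLS_X509_FMT_DER);
  if (result < 0)
    {
      gnutls_pkcs7_deinit (pkcs7);
      return result;
    }

  result = gnutls_pkcs7_get_crt_raw (pkcs7, indx, certificate, &size);
  /* Written back on failure as well, so the caller sees the reported size. */
  *certificate_size = (int) size;

  gnutls_pkcs7_deinit (pkcs7);

  return result;
}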
/*-
 * gnutls_x509_pkcs7_extract_certificate_count - This function returns the number of certificates in a PKCS7 certificate set
 * @pkcs7_struct: should contain a PKCS7 DER formatted structure
 *
 * This function will return the number of certificates in the PKCS7 or
 * RFC2630 certificate set.
 *
 * Returns a negative value on failure.
 *
 * The input is imported as DER into a temporary structure that is released
 * before returning. The structure is only parsed; no signature over it is
 * verified here.
 -*/
int
gnutls_x509_pkcs7_extract_certificate_count (const gnutls_datum_t * pkcs7_struct)
{
  gnutls_pkcs7_t parsed;
  int rc = gnutls_pkcs7_init (&parsed);

  /* Nothing to release when initialisation itself failed. */
  if (rc >= 0)
    {
      rc = gnutls_pkcs7_import (parsed, pkcs7_struct, GNUTLS_X509_FMT_DER);
      if (rc >= 0)
	rc = gnutls_pkcs7_get_crt_count (parsed);

      /* Released on both the import-failure and the success path. */
      gnutls_pkcs7_deinit (parsed);
    }

  return rc;
}
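/*
 * Import the PEM-encoded PKCS #7 test vector (pkcs7_pem) and check that its
 * embedded-data OID and raw embedded data match the expected values.
 *
 * Every check reports through fail() and exits with status 1. The OID, size
 * and content comparisons use explicit checks rather than assert(), so they
 * are still performed when the test is built with NDEBUG.
 */
void doit(void)
{
	gnutls_pkcs7_t pkcs7;
	const char *oid;
	gnutls_datum_t data;
	int ret;

	gnutls_global_set_log_function(tls_log_func);
	if (debug)
		gnutls_global_set_log_level(6);

	/* import the PKCS #7 structure under test */
	ret = gnutls_pkcs7_init(&pkcs7);
	if (ret < 0) {
		fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret));
		exit(1);
	}

	ret = gnutls_pkcs7_import(pkcs7, &pkcs7_pem, GNUTLS_X509_FMT_PEM);
	if (ret < 0) {
		fail("error in %d: %s\n", __LINE__, gnutls_strerror(ret));
		exit(1);
	}

	oid = gnutls_pkcs7_get_embedded_data_oid(pkcs7);
	if (oid == NULL) {
		fail("error in gnutls_pkcs7_get_embedded_data_oid\n");
		exit(1);
	}

	if (strcmp(oid, "1.3.6.1.4.1.311.10.1") != 0) {
		fail("unexpected embedded data OID: %s\n", oid);
		exit(1);
	}

	ret = gnutls_pkcs7_get_embedded_data(pkcs7, GNUTLS_PKCS7_EDATA_GET_RAW,
					     &data);
	if (ret < 0) {
		fail("error in gnutls_pkcs7_get_embedded_data: %s\n",
		     gnutls_strerror(ret));
		exit(1);
	}

	/* The size check must run before memcmp(): der_content_size is
	 * presumably the length of der_content, and memcmp() reads data.size
	 * bytes from it. */
	if (data.size != der_content_size) {
		fail("embedded data size does not match the expected content\n");
		exit(1);
	}

	if (memcmp(data.data, der_content, data.size) != 0) {
		fail("embedded data does not match the expected content\n");
		exit(1);
	}

	gnutls_pkcs7_deinit(pkcs7);
	gnutls_free(data.data);
}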