/* Converts a DER encoded certificate into the gnutls_cert structure
 * that the rest of the library works with. According to the original
 * note, the important part is that the certificate's (public key)
 * parameters get extracted.
 *
 * gcert:   output structure, filled in by _gnutls_x509_crt_to_gcert().
 * derCert: the DER encoding to import.
 * flags:   OR of ConvFlags, passed through unchanged. The noext flag
 *          lets the handshake complete even if the certificate carries
 *          unsupported critical extensions; those are expected to be
 *          caught later by the verification functions.
 *
 * Returns the (negative) error of the first step that fails, otherwise
 * the result of _gnutls_x509_crt_to_gcert().
 *
 * Note that nothing in this body verifies the certificate: it only
 * imports and converts it. A successful return says the DER could be
 * parsed, not that the certificate is trusted.
 */
int
_gnutls_x509_raw_cert_to_gcert (gnutls_cert * gcert,
                                const gnutls_datum_t * derCert,
                                int flags /* OR of ConvFlags */ )
{
  gnutls_x509_crt_t parsed;
  int rc = gnutls_x509_crt_init (&parsed);

  if (rc < 0)
    {
      gnutls_assert ();
      return rc;
    }

  rc = gnutls_x509_crt_import (parsed, derCert, GNUTLS_X509_FMT_DER);
  if (rc >= 0)
    rc = _gnutls_x509_crt_to_gcert (gcert, parsed, flags);
  else
    gnutls_assert ();

  /* The temporary parsed certificate is released on every path once
   * it has been initialised. */
  gnutls_x509_crt_deinit (parsed);
  return rc;
}
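/* Appends one already imported X.509 certificate to a gnutls_cert
 * array, growing the array by one element.
 *
 * cert_list: address of the array; it is reallocated, so the pointer
 *            stored here may change.
 * ncerts:    number of elements currently in the array; incremented
 *            only when the new element was filled in successfully.
 * cert:      the certificate to convert into the new last element.
 *
 * Returns 1 (one certificate parsed) on success. Returns
 * GNUTLS_E_MEMORY_ERROR if the array cannot be grown, or the error
 * from _gnutls_x509_crt_to_gcert() if the conversion fails.
 *
 * NOTE(review): after a failed reallocation *cert_list is NULL while
 * *ncerts still holds the old count, so callers must not index the
 * list on that path. Confirm how gnutls_realloc_fast() treats the old
 * block on failure.
 */
static int
parse_crt_mem (gnutls_cert ** cert_list, unsigned *ncerts,
               gnutls_x509_crt_t cert)
{
  unsigned new_count;
  int ret;

  /* The count is kept unsigned and bounded before it is used: neither
   * the increment nor the byte size handed to the allocator may wrap,
   * otherwise the array would be too small for the write into its
   * last slot below. */
  if (*ncerts == (unsigned) -1
      || (size_t) *ncerts + 1 > ((size_t) -1) / sizeof (gnutls_cert))
    {
      gnutls_assert ();
      return GNUTLS_E_MEMORY_ERROR;
    }

  new_count = *ncerts + 1;

  *cert_list =
    (gnutls_cert *) gnutls_realloc_fast (*cert_list,
                                         new_count * sizeof (gnutls_cert));

  if (*cert_list == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_MEMORY_ERROR;
    }

  /* Fill the freshly added last slot. On failure the slot stays
   * allocated but is not counted, because *ncerts is left alone. */
  ret = _gnutls_x509_crt_to_gcert (&cert_list[0][new_count - 1], cert, 0);
  if (ret < 0)
    {
      gnutls_assert ();
      return ret;
    }

  *ncerts = new_count;

  return 1;                     /* one certificate parsed */
}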