summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client/cert.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/rpki-client/cert.c')
-rw-r--r--usr.sbin/rpki-client/cert.c30
1 files changed, 11 insertions, 19 deletions
diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c
index 7a384194f08..36380d03c0c 100644
--- a/usr.sbin/rpki-client/cert.c
+++ b/usr.sbin/rpki-client/cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cert.c,v 1.40 2021/10/23 16:06:04 claudio Exp $ */
+/* $OpenBSD: cert.c,v 1.41 2021/10/26 13:31:05 claudio Exp $ */
/*
* Copyright (c) 2021 Job Snijders <job@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -976,7 +976,8 @@ out:
* is also dereferenced.
*/
static struct cert *
-cert_parse_inner(X509 **xp, const char *fn, int ta)
+cert_parse_inner(X509 **xp, const char *fn, const unsigned char *der,
+ size_t len, int ta)
{
int rc = 0, extsz, c;
int sia_present = 0;
@@ -985,28 +986,19 @@ cert_parse_inner(X509 **xp, const char *fn, int ta)
X509_EXTENSION *ext = NULL;
ASN1_OBJECT *obj;
struct parse p;
- BIO *bio = NULL;
- FILE *f;
*xp = NULL;
- if ((f = fopen(fn, "rb")) == NULL) {
- warn("%s", fn);
+ /* just fail for empty buffers, the warning was printed elsewhere */
+ if (der == NULL)
return NULL;
- }
-
- if ((bio = BIO_new_fp(f, BIO_CLOSE)) == NULL) {
- if (verbose > 0)
- cryptowarnx("%s: BIO_new_file", fn);
- return NULL;
- }
memset(&p, 0, sizeof(struct parse));
p.fn = fn;
if ((p.res = calloc(1, sizeof(struct cert))) == NULL)
err(1, NULL);
- if ((x = *xp = d2i_X509_bio(bio, NULL)) == NULL) {
+ if ((x = *xp = d2i_X509(NULL, &der, len)) == NULL) {
cryptowarnx("%s: d2i_X509_bio", p.fn);
goto out;
}
@@ -1144,7 +1136,6 @@ cert_parse_inner(X509 **xp, const char *fn, int ta)
rc = 1;
out:
- BIO_free_all(bio);
if (rc == 0) {
cert_free(p.res);
X509_free(x);
@@ -1154,19 +1145,20 @@ out:
}
struct cert *
-cert_parse(X509 **xp, const char *fn)
+cert_parse(X509 **xp, const char *fn, const unsigned char *der, size_t len)
{
- return cert_parse_inner(xp, fn, 0);
+ return cert_parse_inner(xp, fn, der, len, 0);
}
struct cert *
-ta_parse(X509 **xp, const char *fn, const unsigned char *pkey, size_t pkeysz)
+ta_parse(X509 **xp, const char *fn, const unsigned char *der, size_t len,
+ const unsigned char *pkey, size_t pkeysz)
{
EVP_PKEY *pk = NULL, *opk = NULL;
struct cert *p;
int rc = 0;
- if ((p = cert_parse_inner(xp, fn, 1)) == NULL)
+ if ((p = cert_parse_inner(xp, fn, der, len, 1)) == NULL)
return NULL;
if (pkey != NULL) {