1 #include <openssl/pem.h>
2 #include <vppinfra/error.h>
6 ptls_compare_separator_line (const char *line, const char *begin_or_end,
9 int ret = strncmp (line, "-----", 5);
10 size_t text_index = 5;
14 size_t begin_or_end_length = strlen (begin_or_end);
15 ret = strncmp (line + text_index, begin_or_end, begin_or_end_length);
16 text_index += begin_or_end_length;
21 ret = line[text_index] - ' ';
27 size_t label_length = strlen (label);
28 ret = strncmp (line + text_index, label, label_length);
29 text_index += label_length;
34 ret = strncmp (line + text_index, "-----", 5);
41 ptls_get_bio_pem_object (BIO * bio, const char *label, ptls_buffer_t * buf)
43 int ret = PTLS_ERROR_PEM_LABEL_NOT_FOUND;
45 ptls_base64_decode_state_t state;
47 /* Get the label on a line by itself */
48 while (BIO_gets (bio, line, 256))
50 if (ptls_compare_separator_line (line, "BEGIN", label) == 0)
53 ptls_base64_decode_init (&state);
57 /* Get the data in the buffer */
58 while (ret == 0 && BIO_gets (bio, line, 256))
60 if (ptls_compare_separator_line (line, "END", label) == 0)
62 if (state.status == PTLS_BASE64_DECODE_DONE
63 || (state.status == PTLS_BASE64_DECODE_IN_PROGRESS
70 ret = PTLS_ERROR_INCORRECT_BASE64;
76 ret = ptls_base64_decode (line, &state, buf);
84 ptls_load_bio_pem_objects (BIO * bio, const char *label, ptls_iovec_t * list,
85 size_t list_max, size_t * nb_objects)
94 while (count < list_max)
98 ptls_buffer_init (&buf, "", 0);
100 ret = ptls_get_bio_pem_object (bio, label, &buf);
104 if (buf.off > 0 && buf.is_allocated)
106 list[count].base = buf.base;
107 list[count].len = buf.off;
112 ptls_buffer_dispose (&buf);
117 ptls_buffer_dispose (&buf);
123 if (ret == PTLS_ERROR_PEM_LABEL_NOT_FOUND && count > 0)
133 #define PTLS_MAX_CERTS_IN_CONTEXT 16
136 ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
140 ctx->certificates.list =
141 (ptls_iovec_t *) malloc (PTLS_MAX_CERTS_IN_CONTEXT *
142 sizeof (ptls_iovec_t));
144 if (ctx->certificates.list == NULL)
146 ret = PTLS_ERROR_NO_MEMORY;
151 ptls_load_bio_pem_objects (bio, "CERTIFICATE", ctx->certificates.list,
152 PTLS_MAX_CERTS_IN_CONTEXT,
153 &ctx->certificates.count);
160 load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
163 cert_bio = BIO_new_mem_buf (cert_data, -1);
164 if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
174 load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
176 static ptls_openssl_sign_certificate_t sc;
180 key_bio = BIO_new_mem_buf (pk_data, -1);
181 pkey = PEM_read_bio_PrivateKey (key_bio, NULL, NULL, NULL);
187 ptls_openssl_init_sign_certificate (&sc, pkey);
188 EVP_PKEY_free (pkey);
190 ctx->sign_certificate = &sc.super;
195 * fd.io coding-style-patch-verification: ON
198 * eval: (c-set-style "gnu")