LCOV - code coverage report
Current view: top level - builds/gnutls/coverage/gnutls-git/lib - pcert.c (source / functions) Hit Total Coverage
Test: GnuTLS-3.6.14 Code Coverage Lines: 149 193 77.2 %
Date: 2020-10-30 04:50:48 Functions: 10 10 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :  * Copyright (C) 2011-2012 Free Software Foundation, Inc.
       3             :  *
       4             :  * Author: Nikos Mavrogiannopoulos
       5             :  *
       6             :  * This file is part of GnuTLS.
       7             :  *
       8             :  * The GnuTLS is free software; you can redistribute it and/or
       9             :  * modify it under the terms of the GNU Lesser General Public License
      10             :  * as published by the Free Software Foundation; either version 2.1 of
      11             :  * the License, or (at your option) any later version.
      12             :  *
      13             :  * This library is distributed in the hope that it will be useful, but
      14             :  * WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      16             :  * Lesser General Public License for more details.
      17             :  *
      18             :  * You should have received a copy of the GNU Lesser General Public License
      19             :  * along with this program.  If not, see <https://www.gnu.org/licenses/>
      20             :  *
      21             :  */
      22             : 
      23             : #include "gnutls_int.h"
      24             : #include "errors.h"
      25             : #include <auth/cert.h>
      26             : #include <x509/common.h>
      27             : #include <x509.h>
      28             : #include "x509/x509_int.h"
      29             : #include <gnutls/x509.h>
      30             : #include "x509_b64.h"
      31             : 
      32             : /**
      33             :  * gnutls_pcert_import_x509:
      34             :  * @pcert: The pcert structure
      35             :  * @crt: The certificate to be imported
      36             :  * @flags: zero for now
      37             :  *
      38             :  * This convenience function will import the given certificate to a
      39             :  * #gnutls_pcert_st structure. The structure must be deinitialized
      40             :  * afterwards using gnutls_pcert_deinit();
      41             :  *
      42             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
      43             :  *   negative error value.
      44             :  *
      45             :  * Since: 3.0
      46             :  **/
      47       17215 : int gnutls_pcert_import_x509(gnutls_pcert_st * pcert,
      48             :                              gnutls_x509_crt_t crt, unsigned int flags)
      49             : {
      50       17215 :         int ret;
      51             : 
      52       17215 :         memset(pcert, 0, sizeof(*pcert));
      53             : 
      54       17215 :         pcert->type = GNUTLS_CRT_X509;
      55       17215 :         pcert->cert.data = NULL;
      56             : 
      57       17215 :         ret =
      58       17215 :             gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER,
      59             :                                     &pcert->cert);
      60       17215 :         if (ret < 0) {
      61           0 :                 ret = gnutls_assert_val(ret);
      62           0 :                 goto cleanup;
      63             :         }
      64             : 
      65       17215 :         ret = gnutls_pubkey_init(&pcert->pubkey);
      66       17215 :         if (ret < 0) {
      67           0 :                 ret = gnutls_assert_val(ret);
      68           0 :                 goto cleanup;
      69             :         }
      70             : 
      71       17215 :         ret = gnutls_pubkey_import_x509(pcert->pubkey, crt, 0);
      72       17215 :         if (ret < 0) {
      73          30 :                 gnutls_pubkey_deinit(pcert->pubkey);
      74          30 :                 pcert->pubkey = NULL;
      75          30 :                 ret = gnutls_assert_val(ret);
      76          30 :                 goto cleanup;
      77             :         }
      78             : 
      79             :         return 0;
      80             : 
      81          30 :       cleanup:
      82          30 :         _gnutls_free_datum(&pcert->cert);
      83             : 
      84             :         return ret;
      85             : }
      86             : 
      87             : /**
      88             :  * gnutls_pcert_import_x509_list:
      89             :  * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
      90             :  * @crt: The certificates to be imported
      91             :  * @ncrt: The number of certificates in @crt; will be updated if necessary
      92             :  * @flags: zero or %GNUTLS_X509_CRT_LIST_SORT
      93             :  *
      94             :  * This convenience function will import the given certificates to an
      95             :  * already allocated set of #gnutls_pcert_st structures. The structures must
      96             :  * be deinitialized afterwards using gnutls_pcert_deinit(). @pcert_list
      97             :  * should contain space for at least @ncrt elements.
      98             :  *
      99             :  * In the case %GNUTLS_X509_CRT_LIST_SORT is specified and that
     100             :  * function cannot sort the list, %GNUTLS_E_CERTIFICATE_LIST_UNSORTED
     101             :  * will be returned. Currently sorting can fail if the list size
     102             :  * exceeds an internal constraint (16).
     103             :  *
     104             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     105             :  *   negative error value.
     106             :  *
     107             :  * Since: 3.4.0
     108             :  **/
     109        2395 : int gnutls_pcert_import_x509_list(gnutls_pcert_st * pcert_list,
     110             :                                   gnutls_x509_crt_t *crt, unsigned *ncrt,
     111             :                                   unsigned int flags)
     112             : {
     113        2395 :         int ret;
     114        2395 :         unsigned i;
     115        2395 :         unsigned current = 0;
     116        2395 :         gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
     117        2395 :         gnutls_x509_crt_t *s;
     118             : 
     119        2395 :         s = crt;
     120             : 
     121        2395 :         if (flags & GNUTLS_X509_CRT_LIST_SORT && *ncrt > 1) {
     122        1081 :                 if (*ncrt > DEFAULT_MAX_VERIFY_DEPTH) {
     123           0 :                         ret = _gnutls_check_if_sorted(crt, *ncrt);
     124           0 :                         if (ret < 0) {
     125           0 :                                 gnutls_assert();
     126           0 :                                 return GNUTLS_E_CERTIFICATE_LIST_UNSORTED;
     127             :                         }
     128             :                 } else {
     129        1081 :                         s = _gnutls_sort_clist(sorted, crt, ncrt, NULL);
     130        1081 :                         if (s == crt) {
     131           0 :                                 gnutls_assert();
     132           0 :                                 return GNUTLS_E_UNIMPLEMENTED_FEATURE;
     133             :                         }
     134             :                 }
     135             :         }
     136             : 
     137        5887 :         for (i=0;i<*ncrt;i++) {
     138        3492 :                 ret = gnutls_pcert_import_x509(&pcert_list[i], s[i], 0);
     139        3492 :                 if (ret < 0) {
     140           0 :                         current = i;
     141           0 :                         goto cleanup;
     142             :                 }
     143             :         }
     144             : 
     145             :         return 0;
     146             : 
     147           0 :  cleanup:
     148           0 :         for (i=0;i<current;i++) {
     149           0 :                 gnutls_pcert_deinit(&pcert_list[i]);
     150             :         }
     151             :         return ret;
     152             : 
     153             : }
     154             : 
     155             : /**
     156             :  * gnutls_pcert_list_import_x509_raw:
     157             :  * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
     158             :  * @pcert_list_size: Initially must hold the maximum number of certs. It will be updated with the number of certs available.
     159             :  * @data: The certificates.
     160             :  * @format: One of DER or PEM.
     161             :  * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
     162             :  *
     163             :  * This function will import the provided DER or PEM encoded certificates to an
     164             :  * already allocated set of #gnutls_pcert_st structures. The structures must
     165             :  * be deinitialized afterwards using gnutls_pcert_deinit(). @pcert_list
     166             :  * should contain space for at least @pcert_list_size elements.
     167             :  *
     168             :  * If the Certificate is PEM encoded it should have a header of "X509
     169             :  * CERTIFICATE", or "CERTIFICATE".
     170             :  *
     171             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     172             :  *   negative error value; if the @pcert list doesn't have enough space
     173             :  *   %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
     174             :  *
     175             :  * Since: 3.0
     176             :  **/
     177             : int
     178          72 : gnutls_pcert_list_import_x509_raw(gnutls_pcert_st *pcert_list,
     179             :                                   unsigned int *pcert_list_size,
     180             :                                   const gnutls_datum_t *data,
     181             :                                   gnutls_x509_crt_fmt_t format,
     182             :                                   unsigned int flags)
     183             : {
     184          72 :         int ret;
     185          72 :         unsigned int i = 0, j;
     186          72 :         gnutls_x509_crt_t *crt;
     187             : 
     188          72 :         crt = gnutls_malloc((*pcert_list_size) * sizeof(gnutls_x509_crt_t));
     189             : 
     190          72 :         if (crt == NULL)
     191           0 :                 return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
     192             : 
     193          72 :         ret =
     194          72 :             gnutls_x509_crt_list_import(crt, pcert_list_size, data, format,
     195             :                                         flags);
     196          72 :         if (ret < 0) {
     197           1 :                 ret = gnutls_assert_val(ret);
     198           1 :                 goto cleanup_crt;
     199             :         }
     200             : 
     201         165 :         for (i = 0; i < *pcert_list_size; i++) {
     202          94 :                 ret = gnutls_pcert_import_x509(&pcert_list[i], crt[i], flags);
     203          94 :                 if (ret < 0) {
     204           0 :                         ret = gnutls_assert_val(ret);
     205           0 :                         goto cleanup_pcert;
     206             :                 }
     207             :         }
     208             : 
     209          71 :         ret = 0;
     210          71 :         goto cleanup;
     211             : 
     212           0 :  cleanup_pcert:
     213           0 :         for (j = 0; j < i; j++)
     214           0 :                 gnutls_pcert_deinit(&pcert_list[j]);
     215             : 
     216           0 :  cleanup:
     217         165 :         for (i = 0; i < *pcert_list_size; i++)
     218          94 :                 gnutls_x509_crt_deinit(crt[i]);
     219             : 
     220          71 :  cleanup_crt:
     221          72 :         gnutls_free(crt);
     222          72 :         return ret;
     223             : 
     224             : }
     225             : 
     226             : /**
     227             :  * gnutls_pcert_list_import_x509_url:
     228             :  * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
     229             :  * @pcert_list_size: Initially must hold the maximum number of certs. It will be updated with the number of certs available.
     230             :  * @file: A file or supported URI with the certificates to load
     231             :  * @format: %GNUTLS_X509_FMT_DER or %GNUTLS_X509_FMT_PEM if a file is given
     232             :  * @pin_fn: a PIN callback if not globally set
     233             :  * @pin_fn_userdata: parameter for the PIN callback
     234             :  * @flags: zero or flags from %gnutls_certificate_import_flags
     235             :  *
     236             :  * This convenience function will import a certificate chain from the given
     237             :  * file or supported URI to #gnutls_pcert_st structures. The structures
     238             :  * must be deinitialized afterwards using gnutls_pcert_deinit().
     239             :  *
     240             :  * This function will always return a sorted certificate chain.
     241             :  *
     242             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     243             :  *   negative error value; if the @pcert list doesn't have enough space
     244             :  *   %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
     245             :  *
     246             :  * Since: 3.6.3
     247             :  **/
     248           4 : int gnutls_pcert_list_import_x509_file(gnutls_pcert_st *pcert_list,
     249             :                                        unsigned *pcert_list_size,
     250             :                                        const char *file,
     251             :                                        gnutls_x509_crt_fmt_t format,
     252             :                                        gnutls_pin_callback_t pin_fn,
     253             :                                        void *pin_fn_userdata,
     254             :                                        unsigned int flags)
     255             : {
     256           4 :         int ret, ret2;
     257           4 :         unsigned i;
     258           4 :         gnutls_x509_crt_t *crts = NULL;
     259           4 :         unsigned crts_size = 0;
     260           4 :         gnutls_datum_t data = {NULL, 0};
     261             : 
     262           4 :         if (gnutls_url_is_supported(file) != 0) {
     263           2 :                 ret = gnutls_x509_crt_list_import_url(&crts, &crts_size, file, pin_fn, pin_fn_userdata, 0);
     264           2 :                 if (ret < 0) {
     265           2 :                         ret2 = gnutls_x509_crt_list_import_url(&crts, &crts_size, file, pin_fn, pin_fn_userdata, GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
     266           2 :                         if (ret2 >= 0) ret = ret2;
     267             :                 }
     268             : 
     269           2 :                 if (ret < 0) {
     270           0 :                         gnutls_assert();
     271           0 :                         goto cleanup;
     272             :                 }
     273             : 
     274             :         } else { /* file */
     275           2 :                 ret = gnutls_load_file(file, &data);
     276           2 :                 if (ret < 0)
     277           0 :                         return gnutls_assert_val(ret);
     278             : 
     279           2 :                 ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, format, flags|GNUTLS_X509_CRT_LIST_SORT);
     280           2 :                 if (ret < 0) {
     281           0 :                         gnutls_assert();
     282           0 :                         goto cleanup;
     283             :                 }
     284             :         }
     285             : 
     286           4 :         if (crts_size > *pcert_list_size) {
     287           2 :                 gnutls_assert();
     288           2 :                 ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
     289           2 :                 goto cleanup;
     290             :         }
     291             : 
     292           2 :         ret = gnutls_pcert_import_x509_list(pcert_list, crts, &crts_size, flags);
     293           2 :         if (ret < 0) {
     294           0 :                 gnutls_assert();
     295           0 :                 goto cleanup;
     296             :         }
     297           2 :         *pcert_list_size = crts_size;
     298             : 
     299           2 :         ret = 0;
     300           4 : cleanup:
     301          24 :         for (i=0;i<crts_size;i++)
     302          20 :                 gnutls_x509_crt_deinit(crts[i]);
     303           4 :         gnutls_free(crts);
     304           4 :         gnutls_free(data.data);
     305           4 :         return ret;
     306             : }
     307             : 
     308             : 
     309             : /**
     310             :  * gnutls_pcert_import_x509_raw:
     311             :  * @pcert: The pcert structure
     312             :  * @cert: The raw certificate to be imported
     313             :  * @format: The format of the certificate
     314             :  * @flags: zero for now
     315             :  *
     316             :  * This convenience function will import the given certificate to a
     317             :  * #gnutls_pcert_st structure. The structure must be deinitialized
     318             :  * afterwards using gnutls_pcert_deinit();
     319             :  *
     320             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     321             :  *   negative error value.
     322             :  *
     323             :  * Since: 3.0
     324             :  **/
     325        4915 : int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert,
     326             :                                  const gnutls_datum_t * cert,
     327             :                                  gnutls_x509_crt_fmt_t format,
     328             :                                  unsigned int flags)
     329             : {
     330        4915 :         int ret;
     331        4915 :         gnutls_x509_crt_t crt;
     332             : 
     333        4915 :         memset(pcert, 0, sizeof(*pcert));
     334             : 
     335        4915 :         ret = gnutls_x509_crt_init(&crt);
     336        4915 :         if (ret < 0)
     337           0 :                 return gnutls_assert_val(ret);
     338             : 
     339        4915 :         ret = gnutls_x509_crt_import(crt, cert, format);
     340        4915 :         if (ret < 0) {
     341         225 :                 ret = gnutls_assert_val(ret);
     342         225 :                 goto cleanup;
     343             :         }
     344             : 
     345        4690 :         ret = gnutls_pcert_import_x509(pcert, crt, flags);
     346        4690 :         if (ret < 0) {
     347          30 :                 ret = gnutls_assert_val(ret);
     348          30 :                 goto cleanup;
     349             :         }
     350             : 
     351             :         ret = 0;
     352             : 
     353        4915 :       cleanup:
     354        4915 :         gnutls_x509_crt_deinit(crt);
     355             : 
     356        4915 :         return ret;
     357             : }
     358             : 
     359             : /**
     360             :  * gnutls_pcert_import_rawpk:
     361             :  * @pcert: The pcert structure to import the data into.
     362             :  * @pubkey: The raw public-key in #gnutls_pubkey_t format to be imported
     363             :  * @flags: zero for now
     364             :  *
     365             :  * This convenience function will import (i.e. convert) the given raw
     366             :  * public key @pubkey into a #gnutls_pcert_st structure. The structure
     367             :  * must be deinitialized afterwards using gnutls_pcert_deinit(). The
     368             :  * given @pubkey must not be deinitialized because it will be associated
     369             :  * with the given @pcert structure and will be deinitialized with it.
     370             :  *
     371             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     372             :  *   negative error value.
     373             :  *
     374             :  * Since: 3.6.6
     375             :  **/
     376           2 : int gnutls_pcert_import_rawpk(gnutls_pcert_st* pcert,
     377             :                              gnutls_pubkey_t pubkey, unsigned int flags)
     378             : {
     379           2 :         int ret;
     380             : 
     381           2 :         if (pubkey == NULL) {
     382           1 :                 return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
     383             :         }
     384             : 
     385           1 :         memset(pcert, 0, sizeof(*pcert));
     386             : 
     387             :         /* A pcert struct holds a raw copy of the certificate data.
     388             :          * Therefore we convert our gnutls_pubkey_t to its raw DER
     389             :          * representation and copy it into our pcert. It is this raw data
     390             :          * that will be transferred to the peer via a Certificate msg.
     391             :          * According to the spec (RFC7250) a DER representation must be used.
     392             :          */
     393           1 :         ret = gnutls_pubkey_export2(pubkey, GNUTLS_X509_FMT_DER, &pcert->cert);
     394           1 :         if (ret < 0) {
     395           0 :                 return gnutls_assert_val(ret);
     396             :         }
     397             : 
     398           1 :         pcert->pubkey = pubkey;
     399             : 
     400           1 :         pcert->type = GNUTLS_CRT_RAWPK;
     401             : 
     402           1 :         return GNUTLS_E_SUCCESS;
     403             : }
     404             : 
     405             : /**
     406             :  * gnutls_pcert_import_rawpk_raw:
     407             :  * @pcert: The pcert structure to import the data into.
     408             :  * @rawpubkey: The raw public-key in #gnutls_datum_t format to be imported.
     409             :  * @format: The format of the raw public-key. DER or PEM.
     410             :  * @key_usage: An ORed sequence of %GNUTLS_KEY_* flags.
     411             :  * @flags: zero for now
     412             :  *
     413             :  * This convenience function will import (i.e. convert) the given raw
     414             :  * public key @rawpubkey into a #gnutls_pcert_st structure. The structure
     415             :  * must be deinitialized afterwards using gnutls_pcert_deinit().
     416             :  * Note that the caller is responsible for freeing @rawpubkey. All necessary
     417             :  * values will be copied into @pcert.
     418             :  *
     419             :  * Key usage (as defined by X.509 extension (2.5.29.15)) can be explicitly
     420             :  * set because there is no certificate structure around the key to define
     421             :  * this value. See for more info gnutls_x509_crt_get_key_usage().
     422             :  *
     423             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     424             :  *   negative error value.
     425             :  *
     426             :  * Since: 3.6.6
     427             :  **/
     428         130 : int gnutls_pcert_import_rawpk_raw(gnutls_pcert_st* pcert,
     429             :                                     const gnutls_datum_t* rawpubkey,
     430             :                                     gnutls_x509_crt_fmt_t format,
     431             :                                     unsigned int key_usage, unsigned int flags)
     432             : {
     433         130 :         int ret;
     434             : 
     435         130 :         if (rawpubkey == NULL) {
     436           1 :                 return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
     437             :         }
     438             : 
     439         129 :         memset(pcert, 0, sizeof(*pcert));
     440             : 
     441         129 :         ret = gnutls_pubkey_init(&pcert->pubkey);
     442         129 :         if (ret < 0) {
     443           0 :                 return gnutls_assert_val(ret);
     444             :         }
     445             : 
     446             :         // Convert our raw public-key to a gnutls_pubkey_t structure
     447         129 :         ret = gnutls_pubkey_import(pcert->pubkey, rawpubkey, format);
     448         129 :         if (ret < 0) {
     449           0 :                 return gnutls_assert_val(ret);
     450             :         }
     451             : 
     452         129 :         pcert->pubkey->key_usage = key_usage;
     453             : 
     454             :         /* A pcert struct holds a raw copy of the certificate data.
     455             :          * It is this raw data that will be transferred to the peer via a
     456             :          * Certificate message. According to the spec (RFC7250) a DER
     457             :          * representation must be used. Therefore we check the format and
     458             :          * convert if necessary.
     459             :          */
     460         129 :         if (format == GNUTLS_X509_FMT_PEM) {
     461         118 :                 ret = _gnutls_fbase64_decode(PEM_PK,
     462          59 :                                         rawpubkey->data, rawpubkey->size,
     463             :                                         &pcert->cert);
     464             : 
     465          59 :                 if (ret < 0) {
     466           0 :                         gnutls_pubkey_deinit(pcert->pubkey);
     467             : 
     468           0 :                         return gnutls_assert_val(ret);
     469             :                 }
     470             :         } else {
     471             :                 // Directly copy the raw DER data to our pcert
     472          70 :                 ret = _gnutls_set_datum(&pcert->cert, rawpubkey->data, rawpubkey->size);
     473             : 
     474          70 :                 if (ret < 0) {
     475           0 :                         gnutls_pubkey_deinit(pcert->pubkey);
     476             : 
     477           0 :                         return gnutls_assert_val(ret);
     478             :                 }
     479             :         }
     480             : 
     481         129 :         pcert->type = GNUTLS_CRT_RAWPK;
     482             : 
     483         129 :         return GNUTLS_E_SUCCESS;
     484             : }
     485             : 
     486             : /**
     487             :  * gnutls_pcert_export_x509:
     488             :  * @pcert: The pcert structure.
     489             :  * @crt: An initialized #gnutls_x509_crt_t.
     490             :  *
     491             :  * Converts the given #gnutls_pcert_t type into a #gnutls_x509_crt_t.
     492             :  * This function only works if the type of @pcert is %GNUTLS_CRT_X509.
     493             :  * When successful, the value written to @crt must be freed with
     494             :  * gnutls_x509_crt_deinit() when no longer needed.
     495             :  *
     496             :  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
     497             :  * negative error value.
     498             :  *
     499             :  * Since: 3.4.0
     500             :  */
     501           2 : int gnutls_pcert_export_x509(gnutls_pcert_st * pcert,
     502             :                              gnutls_x509_crt_t * crt)
     503             : {
     504           2 :         int ret;
     505             : 
     506           2 :         if (pcert->type != GNUTLS_CRT_X509) {
     507           0 :                 gnutls_assert();
     508           0 :                 return GNUTLS_E_INVALID_REQUEST;
     509             :         }
     510             : 
     511           2 :         ret = gnutls_x509_crt_init(crt);
     512           2 :         if (ret < 0)
     513           0 :                 return gnutls_assert_val(ret);
     514             : 
     515           2 :         ret = gnutls_x509_crt_import(*crt, &pcert->cert, GNUTLS_X509_FMT_DER);
     516           2 :         if (ret < 0) {
     517           0 :                 gnutls_x509_crt_deinit(*crt);
     518           0 :                 *crt = NULL;
     519             : 
     520           0 :                 return gnutls_assert_val(ret);
     521             :         }
     522             : 
     523             :         return 0;
     524             : }
     525             : 
     526             : /**
     527             :  * gnutls_pcert_deinit:
     528             :  * @pcert: The structure to be deinitialized
     529             :  *
     530             :  * This function will deinitialize a pcert structure.
     531             :  *
     532             :  * Since: 3.0
     533             :  **/
     534       16832 : void gnutls_pcert_deinit(gnutls_pcert_st * pcert)
     535             : {
     536       16832 :         if (pcert->pubkey)
     537       16795 :                 gnutls_pubkey_deinit(pcert->pubkey);
     538       16832 :         pcert->pubkey = NULL;
     539       16832 :         _gnutls_free_datum(&pcert->cert);
     540       16832 : }
     541             : 
     542             : /* Converts the first certificate for the cert_auth_info structure
     543             :  * to a pcert.
     544             :  */
     545             : int
     546        2136 : _gnutls_get_auth_info_pcert(gnutls_pcert_st * pcert,
     547             :                             gnutls_certificate_type_t type,
     548             :                             cert_auth_info_t info)
     549             : {
     550        2136 :         switch (type) {
     551        2091 :                 case GNUTLS_CRT_X509:
     552        2091 :                         return gnutls_pcert_import_x509_raw(pcert,
     553        2091 :                                                         &info->raw_certificate_list[0],
     554             :                                                         GNUTLS_X509_FMT_DER,
     555             :                                                         0);
     556          45 :                 case GNUTLS_CRT_RAWPK:
     557          45 :                         return gnutls_pcert_import_rawpk_raw(pcert,
     558          45 :                                                         &info->raw_certificate_list[0],
     559             :                                                         GNUTLS_X509_FMT_DER,
     560             :                                                         0, 0);
     561             :                 default:
     562           0 :                         return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
     563             :         }
     564             : }

Generated by: LCOV version 1.14