allow parsing several certificates from a single pem

Signed-off-by: Marc-Antoine Perennou <[email protected]>

Author: Keruspe

src/imp/openssl.rs

@@ -177,6 +177,11 @@ impl Certificate {
         Ok(Certificate(cert))
     }
 
+    pub fn stack_from_pem(buf: &[u8]) -> Result<Vec<Certificate>, Error> {
+        let mut certs = X509::stack_from_pem(buf)?;
+        Ok(certs.drain(..).map(Certificate).collect())
+    }
+
     pub fn to_der(&self) -> Result<Vec<u8>, Error> {
         let der = self.0.to_der()?;
         Ok(der)

src/imp/security_framework.rs

@@ -167,6 +167,22 @@ impl Certificate {
         panic!("Not implemented on iOS");
     }
 
+    #[cfg(not(target_os = "ios"))]
+    pub fn stack_from_pem(buf: &[u8]) -> Result<Vec<Certificate>, Error> {
+        let mut items = SecItems::default();
+        ImportOptions::new().items(&mut items).import(buf)?;
+        if items.identities.is_empty() && items.keys.is_empty() {
+            Ok(items.certificates.drain(..).map(Certificate).collect())
+        } else {
+            Err(Error(base::Error::from(errSecParam)))
+        }
+    }
+
+    #[cfg(target_os = "ios")]
+    pub fn stack_from_pem(buf: &[u8]) -> Result<Vec<Certificate>, Error> {
+        panic!("Not implemented on iOS");
+    }
+
     pub fn to_der(&self) -> Result<Vec<u8>, Error> {
         Ok(self.0.to_der())
     }

src/lib.rs

@@ -198,6 +198,12 @@ impl Certificate {
         Ok(Certificate(cert))
     }
 
+    /// Parses some PEM-formatted X509 certificates.
+    pub fn stack_from_pem(buf: &[u8]) -> Result<Vec<Certificate>> {
+        let mut certs = imp::Certificate::stack_from_pem(buf)?;
+        Ok(certs.drain(..).map(Certificate).collect())
+    }
+
     /// Returns the DER-encoded representation of this certificate.
     pub fn to_der(&self) -> Result<Vec<u8>> {
         let der = self.0.to_der()?;