Parse peer's CRT chain in-place from the input buffer

commit: 0056eab3cd6d3a84015a81d655418e59f036de60 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Fri Feb 08 14:39:16 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Feb 26 14:38:09 2019 +0000
tree: 378ee91e2ee155619d43bf59161671612a412a5a
parent: ae553dde3a6aa563722d7667032a43449997d648 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b75101b..03944b4 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -5910,7 +5910,13 @@
 #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
 
         /* Parse the next certificate in the chain. */
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
         ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n );
+#else
+        /* If we don't need to store the CRT chani permanently, parse
+         * it in-place from the input buffer instead of making a copy. */
+        ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n );
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
         switch( ret )
         {
             case 0: /*ok*/
commit	0056eab3cd6d3a84015a81d655418e59f036de60	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Fri Feb 08 14:39:16 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Feb 26 14:38:09 2019 +0000
tree	378ee91e2ee155619d43bf59161671612a412a5a
parent	ae553dde3a6aa563722d7667032a43449997d648 [diff] [blame]