Function s2n_tls_sys::s2n_cert_get_der

pub unsafe extern "C" fn s2n_cert_get_der(
    cert: *const s2n_cert,
    out_cert_der: *mut *const u8,
    cert_length: *mut u32
) -> c_int

Returns the s2n certificate in DER format along with its length.

The API gets the s2n certificate cert in DER format. The certificate is returned in the out_cert_der buffer, and cert_length receives the length of the certificate.

A caller can use certificate parsing tools such as the ones provided by OpenSSL to parse the DER encoded certificate chain returned.

§Safety

The memory for the out_cert_der buffer is allocated and owned by s2n-tls. Since the size of the certificate can potentially be very large, a pointer to internal connection data is returned instead of copying the contents into a caller-provided buffer.

The pointer to the output buffer out_cert_der is valid only while the connection exists. The s2n_connection_free API frees the memory associated with the out_cert_der buffer, and after the s2n_connection_wipe API is called, the memory pointed to by out_cert_der is invalid.

If a caller wishes to persist the out_cert_der beyond the lifetime of the connection, the contents would need to be copied prior to the connection termination.

@param cert A pointer to the s2n_cert object being read.
@param out_cert_der A pointer to the output buffer which will hold the s2n certificate cert in DER format.
@param cert_length This return value represents the length of the certificate.
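
The copy-before-free rule from the Safety section, as an added example (not s2n-tls or s2n-tls-sys code). `s2n_cert` and `mock_cert_get_der` are stand-ins defined here so the block runs without linking the library, `copy_cert_der` and `demo` are hypothetical helper names, and the `rc != 0` check assumes the s2n-tls convention that 0 means success.

```rust
use std::os::raw::c_int;
use std::{ptr, slice};

// Stand-in for the opaque s2n_cert so the example runs without linking s2n-tls.
#[allow(non_camel_case_types)]
pub struct s2n_cert { der: Vec<u8> }

// Same shape as the signature documented on this page.
type GetDer = unsafe extern "C" fn(*const s2n_cert, *mut *const u8, *mut u32) -> c_int;

// Hypothetical mock of s2n_cert_get_der: hands out a pointer into memory it owns.
unsafe extern "C" fn mock_cert_get_der(
    cert: *const s2n_cert, out_cert_der: *mut *const u8, cert_length: *mut u32,
) -> c_int {
    if cert.is_null() || out_cert_der.is_null() || cert_length.is_null() { return -1; }
    let c: &s2n_cert = unsafe { &*cert };
    unsafe {
        *out_cert_der = c.der.as_ptr();
        *cert_length = c.der.len() as u32;
    }
    0
}

/// Copies the DER bytes into an owned Vec so nothing borrowed from the
/// connection survives this call. Caller guarantees `cert` is still live.
pub unsafe fn copy_cert_der(get_der: GetDer, cert: *const s2n_cert) -> Option<Vec<u8>> {
    if cert.is_null() { return None; }
    let mut der: *const u8 = ptr::null();
    let mut len: u32 = 0;
    let rc = unsafe { get_der(cert, &mut der, &mut len) };
    // Reject failure codes and never build a slice from a null or empty result.
    if rc != 0 || der.is_null() || len == 0 { return None; }
    Some(unsafe { slice::from_raw_parts(der, len as usize) }.to_vec())
}

pub fn demo() -> Vec<u8> {
    // Constructed bytes, not a real certificate.
    let owner = Box::new(s2n_cert { der: vec![0x30, 0x82, 0x01, 0x0a] });
    let copy = unsafe { copy_cert_der(mock_cert_get_der, &*owner) }.expect("DER bytes");
    drop(owner); // stands in for s2n_connection_free / s2n_connection_wipe
    copy // still valid: it never pointed into the freed memory
}

fn main() {
    println!("{:02x?}", demo());
}
```

With the real bindings, the same helper shape applies with `s2n_tls_sys::s2n_cert_get_der` in place of the mock; the raw pointer and length should not be stored anywhere that can outlive the connection.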