From 0dd96853111942330acd6b629aedbddf9dfa6ae6 Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Mon, 15 Oct 2018 11:44:14 -0700
Subject: Load X509 keys from ziparchive

Add a function to parse the zip archive and load the certificate from
all the zip entries with the suffix "x509.pem".

Bug: 116655889
Test: unittests pass
Change-Id: I93bf7aef7462c0623e89fc2d466d7af2d3a758bc
---
 verifier.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'verifier.h')

diff --git a/verifier.h b/verifier.h
index b13424126..b7924c71f 100644
--- a/verifier.h
+++ b/verifier.h
@@ -76,6 +76,10 @@ bool load_keys(const char* filename, std::vector<Certificate>& certs);
 // false if there is a parsing failure or the signature's encryption algorithm is not supported.
 bool LoadCertificateFromBuffer(const std::vector<uint8_t>& pem_content, Certificate* cert);
 
+// Iterates over the zip entries with the suffix "x509.pem" and returns a list of recognized
+// certificates. Returns an empty list if we fail to parse any of the entries.
+std::vector<Certificate> LoadKeysFromZipfile(const std::string& zip_name);
+
 #define VERIFY_SUCCESS        0
 #define VERIFY_FAILURE        1
 
-- 
cgit v1.2.3