Switching from PEM_read_X509 to PEM_read_bio_X509 (FILE based to BIO based input)

Question

I do this:

FILE* f_cert = fopen("cert", "rb");
X509* x_cert = NULL;
PEM_read_X509(f_cert, &x_cert, NULL, NULL);
...

now I want to read that "cert" file myself, and use PEM_read_bio_X509 instead of PEM_read_X509. So, if I already have these variables:

const char cert_data[] = {....};
const int sert_data_size = 123;

how do I init BIO, pass it to PEM_read_bio_X509 and free the temp bio?

Answer 1

Here is a sample code:

const char cert_data[] = {....};
const int cert_data_size = sizeof(cert_data);

BIO *bio = NULL;
X509* x_cert = NULL;

// Create a read-only BIO backed by the supplied memory buffer
bio = BIO_new_mem_buf((void*)cert_data, cert_data_size);

PEM_read_bio_X509(bio, &x_cert, NULL, NULL);
...

// Cleanup
BIO_free(bio);

Note: the supplied data is read directly from the supplied buffer: it is not copied first, so the supplied area of memory must be unchanged until the BIO is freed.

See OpenSSL documentation on the memory BIO for reference.