authorRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-05 19:53:04 +0100
committerRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-05 19:53:04 +0100
commitd95210ed7e2b00394fe55abd08c1ebc9252f39a6 (patch)
treed093a9f2b33ed6e329189906a541db72d423a450
parent0cd966dd8405df6244db051faf5ebc112e1c5a1e (diff)
refactored ParseDerChain()
Could be simplified now that we have a ParseDerChainToList() method.
-rw-r--r--x509util/x509util.go23
1 files changed, 7 insertions, 16 deletions
diff --git a/x509util/x509util.go b/x509util/x509util.go
index b300ef3..c005bed 100644
--- a/x509util/x509util.go
+++ b/x509util/x509util.go
@@ -112,24 +112,15 @@ func ParseChain(rest []byte) ([]*x509.Certificate, error) {
// first (zero-index) string is interpretted as an end-entity certificate and
// the remaining ones as the an intermediate CertPool.
func ParseDerChain(chain [][]byte) (*x509.Certificate, *x509.CertPool, error) {
- var certificate *x509.Certificate
- intermediatePool := x509.NewCertPool()
- for index, der := range chain {
- c, err := x509.ParseCertificate(der)
- if err != nil {
- return nil, nil, fmt.Errorf("certificate decoding failed: %v", err)
- }
-
- if index == 0 {
- certificate = c
- } else {
- intermediatePool.AddCert(c)
- }
+ certificates, err := ParseDerChainToList(chain)
+ if err != nil || len(certificates) == 0 {
+ return nil, nil, err
}
- if certificate == nil {
- return nil, nil, fmt.Errorf("certificate chain is empty")
+ intermediatePool := x509.NewCertPool()
+ for _, certificate := range certificates[1:] {
+ intermediatePool.AddCert(certificate)
}
- return certificate, intermediatePool, nil
+ return certificates[0], intermediatePool, nil
}
// ParseDerChainToList parses a list of DER-encoded certificates
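Review bot: An empty chain now returns `nil, nil, nil` from the combined guard `if err != nil || len(certificates) == 0`, unless ParseDerChainToList (its body is outside this hunk) already rejects empty input; the removed code returned the error "certificate chain is empty" in that case. A caller that checks only `err` would then carry a nil end-entity certificate into chain verification, so for chains supplied by a submitter an empty input becomes a nil dereference instead of a clean rejection. Split the guard into `if err != nil { return nil, nil, err }` followed by `if len(certificates) == 0 { return nil, nil, fmt.Errorf("certificate chain is empty") }`. The doc comment above ParseDerChain could also state that a nil error guarantees a non-nil certificate.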