+/**
+ * Parse a DNS CERT record.
+ *
+ * @param udp_payload reference to UDP packet
+ * @param udp_payload_length length of @a udp_payload
+ * @param off pointer to the offset of the query to parse in the CERT record (to be
+ * incremented by the size of the record), unchanged on error
+ * @return the parsed CERT record, NULL on error
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_parse_cert (const char *udp_payload,
+ size_t udp_payload_length,
+ size_t *off)
+{
+ struct GNUNET_DNSPARSER_CertRecord *cert;
+ struct GNUNET_TUN_DnsCertRecord dcert;
+
+ if (*off + sizeof (struct GNUNET_TUN_DnsCertRecord) >= udp_payload_length)
+ {
+ GNUNET_break_op (0);
+ return NULL;
+ }
+ memcpy (&dcert, &udp_payload[*off], sizeof (struct GNUNET_TUN_DnsCertRecord));
+ (*off) += sizeof (struct GNUNET_TUN_DnsCertRecord);
+ cert = GNUNET_new (struct GNUNET_DNSPARSER_CertRecord);
+ cert->cert_type = ntohs (dcert.cert_type);
+ cert->cert_tag = ntohs (dcert.cert_tag);
+ cert->algorithm = dcert.algorithm;
+ cert->certificate_size = udp_payload_length - (*off);
+ cert->certificate_data = GNUNET_malloc (cert->certificate_size);
+ memcpy (cert->certificate_data,
+ &udp_payload[*off],
+ cert->certificate_size);
+ (*off) += cert->certificate_size;
+ return cert;
+}
+
+