Ejemplo n.º 1
/**
 * gnutls_x509_crt_set_proxy_dn:
 * @crt: a gnutls_x509_crt_t structure with the new proxy cert
 * @eecrt: the end entity certificate that will be issuing the proxy
 * @raw_flag: must be 0, or 1 if the CN is DER encoded
 * @name: a pointer to the CN name, may be NULL (but MUST then be added later)
 * @sizeof_name: holds the size of @name
 *
 * Copies the subject of @eecrt into @crt and then appends a single
 * Common Name component taken from @name (@sizeof_name bytes).  This
 * corresponds to the required proxy certificate naming style.
 *
 * If @name is %NULL or @sizeof_name is 0, the Common Name step is
 * skipped and success is still returned.  @crt then carries exactly
 * the subject of @eecrt, so the caller MUST add the component later
 * (gnutls_x509_crt_set_dn_by_oid() or similar) before the certificate
 * is signed.
 *
 * The subject of @crt is overwritten before the Common Name is added.
 * If adding the Common Name fails, @crt keeps the copied subject
 * without the extra component, so callers should not go on to sign
 * @crt after an error return.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 **/
int
gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
			     gnutls_x509_crt_t eecrt,
			     unsigned int raw_flag, const void *name,
			     unsigned int sizeof_name)
{
	int rc;

	if (eecrt == NULL || crt == NULL) {
		return GNUTLS_E_INVALID_REQUEST;
	}

	/* Start from the issuing end entity's subject. */
	rc = asn1_copy_node(crt->cert, "tbsCertificate.subject",
			    eecrt->cert, "tbsCertificate.subject");
	if (rc != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(rc);
	}

	/* No CN supplied: leave the copied subject untouched. */
	if (name == NULL || sizeof_name == 0) {
		return 0;
	}

	/*
	 * NOTE(review): with @raw_flag set the bytes are forwarded as
	 * caller-supplied DER; what the helper validates is not visible
	 * here -- confirm before passing data from an untrusted source.
	 */
	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.subject",
				       GNUTLS_OID_X520_COMMON_NAME,
				       raw_flag, name, sizeof_name);
}
Ejemplo n.º 2
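/**
 * gnutls_x509_crt_set_dn_by_oid:
 * @crt: a certificate of type #gnutls_x509_crt_t
 * @oid: holds an Object Identifier in a null terminated string
 * @raw_flag: must be 0, or 1 if the data are DER encoded
 * @name: a pointer to the name
 * @sizeof_name: holds the size of @name
 *
 * This function will set the part of the name of the Certificate
 * subject, specified by the given OID. The input string should be
 * ASCII or UTF-8 encoded.
 *
 * Some helper macros with popular OIDs can be found in gnutls/x509.h
 * With this function you can only set the known OIDs. You can test
 * for known OIDs using gnutls_x509_dn_oid_known(). For OIDs that are
 * not known (by gnutls) you should properly DER encode your data,
 * and call this function with @raw_flag set.
 *
 * The value ends up in the subject of the certificate.  When
 * @raw_flag is set the bytes are forwarded as caller-supplied DER;
 * what the internal helper validates is not visible from this
 * function, so data from an untrusted source should be checked by
 * the caller first.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.  %GNUTLS_E_INVALID_REQUEST is returned when
 *   @crt, @oid or @name is %NULL, or when @sizeof_name is 0.
 **/
int
gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, const char *oid,
			      unsigned int raw_flag, const void *name,
			      unsigned int sizeof_name)
{
	/*
	 * Reject every missing argument up front.  @oid is documented as
	 * a null terminated string, so a NULL pointer is refused here in
	 * the same way as the other pointer arguments rather than being
	 * handed on to the helper.
	 */
	if (crt == NULL || oid == NULL || name == NULL || sizeof_name == 0) {
		return GNUTLS_E_INVALID_REQUEST;
	}

	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.subject",
				       oid, raw_flag, name, sizeof_name);
}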
Ejemplo n.º 3
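/**
  * gnutls_x509_crq_set_dn_by_oid - This function will set the Certificate request subject's distinguished name
  * @crq: should contain a gnutls_x509_crq_t structure
  * @oid: holds an Object Identifier in a null terminated string
  * @raw_flag: must be 0, or 1 if the data are DER encoded
  * @data: a pointer to the input data
  * @sizeof_data: holds the size of @data
  *
  * This function will set the part of the name of the Certificate request subject, specified
  * by the given OID. The input string should be ASCII or UTF-8 encoded.
  *
  * Some helper macros with popular OIDs can be found in gnutls/x509.h
  * With this function you can only set the known OIDs. You can test
  * for known OIDs using gnutls_x509_dn_oid_known(). For OIDs that are
  * not known (by gnutls) you should properly DER encode your data, and
  * call this function with raw_flag set.
  *
  * The value ends up in the subject of the certificate request.  When
  * raw_flag is set the bytes are forwarded as caller-supplied DER; what
  * the internal helper validates is not visible from this function, so
  * data from an untrusted source should be checked by the caller first.
  *
  * Returns 0 on success.  GNUTLS_E_INVALID_REQUEST is returned when
  * @crq, @oid or @data is NULL, or when @sizeof_data is 0; any other
  * value is whatever the internal helper returned.
  *
  **/
int
gnutls_x509_crq_set_dn_by_oid (gnutls_x509_crq_t crq, const char *oid,
                               unsigned int raw_flag, const void *data,
                               unsigned int sizeof_data)
{
    /* Reject every missing argument up front.  @oid is documented as a
     * null terminated string, so a NULL pointer is refused here in the
     * same way as the other pointer arguments rather than being handed
     * on to the helper. */
    if (crq == NULL || oid == NULL || data == NULL || sizeof_data == 0)
    {
        return GNUTLS_E_INVALID_REQUEST;
    }

    return _gnutls_x509_set_dn_oid (crq->crq,
                                    "certificationRequestInfo.subject", oid,
                                    raw_flag, data, sizeof_data);
}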
Ejemplo n.º 4
/*
 * Set the component of @dn identified by @oid from the @name_size
 * bytes at @name, by forwarding every argument to
 * _gnutls_x509_set_dn_oid() and returning its result unchanged.
 *
 * Nothing is validated here: @dn is dereferenced without a NULL
 * check and @oid, @name and @name_size are passed through as given,
 * so callers are expected to have checked them.
 *
 * NOTE(review): the empty string passed as the second argument
 * presumably addresses the root of dn->asn -- confirm against the
 * helper.
 */
static int
set_dn_by_oid(gnutls_x509_dn_t dn, const char *oid, unsigned int raw_flag,
	      const void *name, unsigned name_size)
{
	int ret;

	ret = _gnutls_x509_set_dn_oid(dn->asn, "", oid, raw_flag,
				      name, name_size);
	return ret;
}