/**
* gnutls_x509_rdn_get2:
* @idn: should contain a DER encoded RDN sequence
* @buf: a pointer to a structure to hold the peer's name
* @buf_size: holds the size of @buf
* @flags:
*
* This function will return the name of the given RDN sequence. The
* name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
* RFC4514.
*
* When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
* format will match the format output by previous to 3.5.6 versions of GnuTLS
* which was not not fully RFC4514-compliant.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or
* %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is
* updated if the provided buffer is not long enough, otherwise a
* negative error value.
**/
int
gnutls_x509_rdn_get2(const gnutls_datum_t * idn,
gnutls_datum_t *str, unsigned flags)
{
int result;
ASN1_TYPE dn = ASN1_TYPE_EMPTY;
if ((result =
asn1_create_element(_gnutls_get_pkix(),
"PKIX1.Name", &dn)) != ASN1_SUCCESS) {
gnutls_assert();
return _gnutls_asn2err(result);
}
result = _asn1_strict_der_decode(&dn, idn->data, idn->size, NULL);
if (result != ASN1_SUCCESS) {
/* couldn't decode DER */
gnutls_assert();
asn1_delete_structure(&dn);
return _gnutls_asn2err(result);
}
result = _gnutls_x509_get_dn(dn, "rdnSequence", str, flags);
asn1_delete_structure(&dn);
return result;
}
/**
* gnutls_x509_dn_get_str:
* @dn: a pointer to DN
* @str: a datum that will hold the name
* @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
*
* This function will allocate buffer and copy the name in the provided DN.
* The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
* described in RFC4514. The output string will be ASCII or UTF-8
* encoded, depending on the certificate data.
*
* When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
* format will match the format output by previous to 3.5.6 versions of GnuTLS
* which was not not fully RFC4514-compliant.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.5.7
**/
int
gnutls_x509_dn_get_str2(gnutls_x509_dn_t dn, gnutls_datum_t *str, unsigned flags)
{
if (dn == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
return _gnutls_x509_get_dn(dn->asn, "rdnSequence", str, flags);
}
/**
* gnutls_x509_dn_get_str:
* @dn: a pointer to DN
* @str: a datum that will hold the name
*
* This function will allocate buffer and copy the name in the provided DN.
* The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
* described in RFC4514. The output string will be ASCII or UTF-8
* encoded, depending on the certificate data.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.4.2
**/
int
gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t *str)
{
if (dn == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
return _gnutls_x509_get_dn(dn->asn, "rdnSequence", str, GNUTLS_X509_DN_FLAG_COMPAT);
}
/**
* gnutls_x509_crl_get_issuer_dn2:
* @cert: should contain a #gnutls_x509_crt_t structure
* @dn: a pointer to a structure to hold the name
*
* This function will allocate buffer and copy the name of the CRL issuer.
* The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
* described in RFC4514. The output string will be ASCII or UTF-8
* encoded, depending on the certificate data.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value. and a negative error code on error.
*
* Since: 3.1.10
**/
int
gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
{
if (crl == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
return _gnutls_x509_get_dn(crl->crl,
"tbsCertList.issuer.rdnSequence", dn);
}
/* Parses an X509 DN in the asn1_struct, and puts the output into
* the string buf. The output is an LDAP encoded DN.
*
* asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
* That is to point in the rndSequence.
*/
int
_gnutls_x509_parse_dn(ASN1_TYPE asn1_struct,
const char *asn1_rdn_name, char *buf,
size_t * buf_size)
{
int ret;
gnutls_datum_t dn = {NULL, 0};
if (buf_size == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
if (*buf_size > 0 && buf)
buf[0] = 0;
else
*buf_size = 0;
ret = _gnutls_x509_get_dn(asn1_struct, asn1_rdn_name, &dn);
if (ret < 0)
return gnutls_assert_val(ret);
if (dn.size >= (unsigned int) *buf_size) {
gnutls_assert();
*buf_size = dn.size + 1;
ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
goto cleanup;
}
if (buf) {
memcpy(buf, dn.data, dn.size);
buf[dn.size] = 0;
*buf_size = dn.size;
} else
*buf_size = dn.size + 1;
ret = 0;
cleanup:
_gnutls_free_datum(&dn);
return ret;
}
