/**
 * gnutls_x509_crt_set_proxy_dn:
 * @crt: a gnutls_x509_crt_t structure with the new proxy cert
 * @eecrt: the end entity certificate that will be issuing the proxy
 * @raw_flag: must be 0, or 1 if the CN is DER encoded
 * @name: a pointer to the CN name, may be NULL (but MUST then be added later)
 * @sizeof_name: holds the size of @name
 *
 * Builds the subject naming required for a proxy certificate: the
 * subject of @crt is replaced by a copy of the subject of @eecrt, and
 * a single Common Name component holding @name (@sizeof_name bytes)
 * is then appended to it.
 *
 * If @name is %NULL or @sizeof_name is 0, only the copy is performed
 * and success is returned. Until a CN is added, the subject of @crt
 * is identical to the end entity's own subject, so you MUST set it
 * later by using gnutls_x509_crt_set_dn_by_oid() or similar.
 *
 * The subject is overwritten before the CN is appended; if the append
 * fails, the copied end-entity subject stays in @crt. Treat a
 * negative return as leaving @crt without a valid proxy name.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 * negative error value.
 **/
int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
				 gnutls_x509_crt_t eecrt,
				 unsigned int raw_flag, const void *name,
				 unsigned int sizeof_name)
{
	int copy_rc;

	/* Both certificates are dereferenced below. */
	if (!crt || !eecrt)
		return GNUTLS_E_INVALID_REQUEST;

	/* Step 1: the proxy subject starts as an exact copy of the issuer's. */
	copy_rc = asn1_copy_node(crt->cert, "tbsCertificate.subject",
				 eecrt->cert, "tbsCertificate.subject");
	if (copy_rc != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(copy_rc);
	}

	/* No CN supplied: the caller has to append one later, otherwise the
	 * proxy subject equals the end entity subject. */
	if (name == NULL || sizeof_name == 0)
		return 0;

	/* Step 2: append the proxy CN.
	 * NOTE(review): with raw_flag set the bytes are forwarded as
	 * caller-encoded DER; whether the helper validates them is not
	 * visible here - confirm before passing untrusted input. */
	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.subject",
				       GNUTLS_OID_X520_COMMON_NAME,
				       raw_flag, name, sizeof_name);
}
/**
 * gnutls_x509_crt_set_dn_by_oid:
 * @crt: a certificate of type #gnutls_x509_crt_t
 * @oid: holds an Object Identifier in a null terminated string
 * @raw_flag: must be 0, or 1 if the data are DER encoded
 * @name: a pointer to the name
 * @sizeof_name: holds the size of @name
 *
 * Sets the component of the certificate subject name identified by
 * @oid. The input string should be ASCII or UTF-8 encoded.
 *
 * Helper macros for popular OIDs can be found in gnutls/x509.h.
 * Only known OIDs can be set this way; use gnutls_x509_dn_oid_known()
 * to test whether an OID is known. For OIDs not known to gnutls,
 * DER encode the data yourself and call this function with
 * @raw_flag set.
 *
 * A %NULL @crt, a %NULL @name or a zero @sizeof_name is rejected with
 * %GNUTLS_E_INVALID_REQUEST before anything is written.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 * negative error value.
 **/
int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, const char *oid,
				  unsigned int raw_flag, const void *name,
				  unsigned int sizeof_name)
{
	/* crt is dereferenced below, so it must be present. */
	if (crt == NULL)
		return GNUTLS_E_INVALID_REQUEST;

	/* An empty or missing value is not a valid name component. */
	if (name == NULL || sizeof_name == 0)
		return GNUTLS_E_INVALID_REQUEST;

	/* NOTE(review): oid is forwarded without a NULL check, and with
	 * raw_flag set the bytes are passed on as caller-encoded DER;
	 * confirm the helper validates both. */
	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.subject",
				       oid, raw_flag, name, sizeof_name);
}
/**
 * gnutls_x509_crq_set_dn_by_oid - This function will set the Certificate request subject's distinguished name
 * @crq: should contain a gnutls_x509_crq_t structure
 * @oid: holds an Object Identifier in a null terminated string
 * @raw_flag: must be 0, or 1 if the data are DER encoded
 * @data: a pointer to the input data
 * @sizeof_data: holds the size of @data
 *
 * Sets the component of the certificate request subject name
 * identified by @oid. The input string should be ASCII or UTF-8
 * encoded.
 *
 * Helper macros for popular OIDs can be found in gnutls/x509.h.
 * Only known OIDs can be set this way; use gnutls_x509_dn_oid_known()
 * to test whether an OID is known. For OIDs not known to gnutls,
 * DER encode the data yourself and call this function with raw_flag
 * set.
 *
 * A %NULL @crq, a %NULL @data or a zero @sizeof_data is rejected with
 * %GNUTLS_E_INVALID_REQUEST before anything is written.
 *
 * Returns 0 on success.
 *
 **/
int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq, const char *oid,
				  unsigned int raw_flag, const void *data,
				  unsigned int sizeof_data)
{
	/* All three must hold: a request to write into, and a non-empty value. */
	const int usable = (crq != NULL) && (data != NULL) && (sizeof_data != 0);

	if (!usable)
		return GNUTLS_E_INVALID_REQUEST;

	/* NOTE(review): oid is forwarded without a NULL check, and with
	 * raw_flag set the bytes are passed on as caller-encoded DER;
	 * confirm the helper validates both. */
	return _gnutls_x509_set_dn_oid(crq->crq,
				       "certificationRequestInfo.subject",
				       oid, raw_flag, data, sizeof_data);
}
/*
 * Set one name component, identified by oid, directly on a
 * gnutls_x509_dn_t. The empty path "" makes the helper operate on
 * dn->asn itself rather than on a sub-element of it.
 *
 * Unlike the public crt/crq wrappers, nothing is validated here: dn is
 * dereferenced unconditionally and name/name_size are forwarded as
 * given. NOTE(review): presumably callers or the helper check these -
 * confirm.
 *
 * Returns whatever _gnutls_x509_set_dn_oid() returns.
 */
static int set_dn_by_oid(gnutls_x509_dn_t dn, const char *oid,
			 unsigned int raw_flag, const void *name,
			 unsigned name_size)
{
	int rc;

	rc = _gnutls_x509_set_dn_oid(dn->asn, "", oid, raw_flag,
				     name, name_size);
	return rc;
}