/*- * gnutls_x509_extract_dn - This function parses an RDN sequence * @idn: should contain a DER encoded RDN sequence * @rdn: a pointer to a structure to hold the name * * This function will return the name of the given RDN sequence. * The name will be returned as a gnutls_x509_dn structure. * Returns a negative error code in case of an error. * -*/ int gnutls_x509_extract_dn (const gnutls_datum_t * idn, gnutls_x509_dn * rdn) { ASN1_TYPE dn = ASN1_TYPE_EMPTY; int result; size_t len; if ((result = asn1_create_element (_gnutls_get_pkix (), "PKIX1.Name", &dn)) != ASN1_SUCCESS) { return _gnutls_asn2err (result); } result = asn1_der_decoding (&dn, idn->data, idn->size, NULL); if (result != ASN1_SUCCESS) { /* couldn't decode DER */ asn1_delete_structure (&dn); return _gnutls_asn2err (result); } memset (rdn, 0, sizeof (gnutls_x509_dn)); len = sizeof (rdn->country); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, rdn->country, &len); len = sizeof (rdn->organization); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_ORGANIZATION_NAME, 0, 0, rdn->organization, &len); len = sizeof (rdn->organizational_unit_name); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME, 0, 0, rdn->organizational_unit_name, &len); len = sizeof (rdn->common_name); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_COMMON_NAME, 0, 0, rdn->common_name, &len); len = sizeof (rdn->locality_name); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, rdn->locality_name, &len); len = sizeof (rdn->state_or_province_name); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME, 0, 0, rdn->state_or_province_name, &len); len = sizeof (rdn->email); _gnutls_x509_parse_dn_oid (dn, "", GNUTLS_OID_PKCS9_EMAIL, 0, 0, rdn->email, &len); asn1_delete_structure (&dn); return 0; }
/** * gnutls_x509_crq_get_dn_by_oid - This function returns the Certificate request subject's distinguished name * @crq: should contain a gnutls_x509_crq_t structure * @oid: holds an Object Identified in null terminated string * @indx: In case multiple same OIDs exist in the RDN, this specifies * which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the name (may be null) * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the Certificate * request subject, specified by the given OID. The output will be * encoded as described in RFC2253. The output string will be ASCII * or UTF-8 encoded, depending on the certificate data. * * Some helper macros with popular OIDs can be found in gnutls/x509.h * If raw flag is zero, this function will only return known OIDs as * text. Other OIDs will be DER encoded, as described in RFC2253 -- * in hex format with a '\#' prefix. You can check about known OIDs * using gnutls_x509_dn_oid_known(). * * If @buf is null then only the size will be filled. * * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not * long enough, and in that case the *sizeof_buf will be updated with * the required size. On success 0 is returned. * **/ int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq, const char *oid, int indx, unsigned int raw_flag, void *buf, size_t * sizeof_buf) { if (crq == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_parse_dn_oid (crq->crq, "certificationRequestInfo.subject.rdnSequence", oid, indx, raw_flag, buf, sizeof_buf); }
/** * gnutls_x509_crl_get_issuer_dn_by_oid - return the CRL's issuer distinguished name * @crl: should contain a gnutls_x509_crl_t structure * @oid: holds an Object Identified in null terminated string * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the peer's name (may be null) * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the CRL issuer * specified by the given OID. The output will be encoded as described * in RFC2253. The output string will be ASCII or UTF-8 encoded, * depending on the certificate data. * * Some helper macros with popular OIDs can be found in gnutls/x509.h * If raw flag is zero, this function will only return known OIDs as * text. Other OIDs will be DER encoded, as described in RFC2253 -- in * hex format with a '\#' prefix. You can check about known OIDs * using gnutls_x509_dn_oid_known(). * * If buf is null then only the size will be filled. * * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is * not long enough, and in that case the sizeof_buf will be updated * with the required size, and 0 on success. **/ int gnutls_x509_crl_get_issuer_dn_by_oid (gnutls_x509_crl_t crl, const char *oid, int indx, unsigned int raw_flag, void *buf, size_t * sizeof_buf) { if (crl == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_parse_dn_oid (crl->crl, "tbsCertList.issuer.rdnSequence", oid, indx, raw_flag, buf, sizeof_buf); }
/** * gnutls_x509_crl_get_issuer_dn_by_oid: * @crl: should contain a gnutls_x509_crl_t structure * @oid: holds an Object Identified in null terminated string * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one. * @raw_flag: If non-zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the peer's name (may be null) * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the CRL issuer * specified by the given OID. The output will be encoded as described * in RFC4514. The output string will be ASCII or UTF-8 encoded, * depending on the certificate data. * * Some helper macros with popular OIDs can be found in gnutls/x509.h * If raw flag is (0), this function will only return known OIDs as * text. Other OIDs will be DER encoded, as described in RFC4514 -- in * hex format with a '#' prefix. You can check about known OIDs * using gnutls_x509_dn_oid_known(). * * If buf is null then only the size will be filled. * * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is * not long enough, and in that case the sizeof_buf will be updated * with the required size, and 0 on success. **/ int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl, const char *oid, int indx, unsigned int raw_flag, void *buf, size_t * sizeof_buf) { gnutls_datum_t td; int ret; if (crl == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } ret = _gnutls_x509_parse_dn_oid(crl->crl, "tbsCertList.issuer.rdnSequence", oid, indx, raw_flag, &td); if (ret < 0) return gnutls_assert_val(ret); return _gnutls_strdatum_to_buf(&td, buf, sizeof_buf); }
/** * gnutls_x509_rdn_get_by_oid: * @idn: should contain a DER encoded RDN sequence * @oid: an Object Identifier * @indx: In case multiple same OIDs exist in the RDN indicates which * to send. Use 0 for the first one. * @raw_flag: If non-zero then the raw DER data are returned. * @buf: a pointer to a structure to hold the peer's name * @buf_size: holds the size of @buf * * This function will return the name of the given Object identifier, * of the RDN sequence. The name will be encoded using the rules * from RFC4514. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or * %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is * updated if the provided buffer is not long enough, otherwise a * negative error value. **/ int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, const char *oid, int indx, unsigned int raw_flag, void *buf, size_t * buf_size) { int result; ASN1_TYPE dn = ASN1_TYPE_EMPTY; gnutls_datum_t td; if (buf_size == 0) { return GNUTLS_E_INVALID_REQUEST; } if ((result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.Name", &dn)) != ASN1_SUCCESS) { gnutls_assert(); return _gnutls_asn2err(result); } result = _asn1_strict_der_decode(&dn, idn->data, idn->size, NULL); if (result != ASN1_SUCCESS) { /* couldn't decode DER */ gnutls_assert(); asn1_delete_structure(&dn); return _gnutls_asn2err(result); } result = _gnutls_x509_parse_dn_oid(dn, "rdnSequence", oid, indx, raw_flag, &td); asn1_delete_structure(&dn); if (result < 0) return gnutls_assert_val(result); return _gnutls_strdatum_to_buf(&td, buf, buf_size); }