]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Added new functions to get the LDAP DN in an allocated buffer.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Tue, 5 Mar 2013 14:55:09 +0000 (15:55 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Tue, 5 Mar 2013 14:58:48 +0000 (15:58 +0100)
NEWS
lib/includes/gnutls/x509.h
lib/libgnutls.map
lib/x509/crl.c
lib/x509/crq.c
lib/x509/dn.c
lib/x509/x509.c
lib/x509/x509_int.h

diff --git a/NEWS b/NEWS
index dc87601a64e963ad084c5b816c62ff7f1fff4e31..bae782c7a8e636bb34609dd04d6ff9282c9de0f8 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -15,7 +15,10 @@ support AES with PKCS #12.
 ** libgnutls-dane: Updated DANE verification options.
 
 ** API and ABI modifications:
-No changes since last version.
+gnutls_x509_crt_get_issuer_dn2: Added
+gnutls_x509_crt_get_dn2: Added
+gnutls_x509_crl_get_issuer_dn2: Added
+gnutls_x509_crq_get_dn2: Added
 
 
 * Version 3.1.9 (released 2013-02-27)
index 20bb918d3d650e5314537df73c4f25fd8fac52d1..46bd2247b706207f23de61e5e4627a7c675258e8 100644 (file)
@@ -131,6 +131,7 @@ extern "C"
 
   int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
                                      size_t * buf_size);
+  int gnutls_x509_crt_get_issuer_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t* dn);
   int gnutls_x509_crt_get_issuer_dn_oid (gnutls_x509_crt_t cert, int indx,
                                          void *oid, size_t * oid_size);
   int gnutls_x509_crt_get_issuer_dn_by_oid (gnutls_x509_crt_t cert,
@@ -139,6 +140,7 @@ extern "C"
                                             void *buf, size_t * buf_size);
   int gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf,
                               size_t * buf_size);
+  int gnutls_x509_crt_get_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t* dn);
   int gnutls_x509_crt_get_dn_oid (gnutls_x509_crt_t cert, int indx,
                                   void *oid, size_t * oid_size);
   int gnutls_x509_crt_get_dn_by_oid (gnutls_x509_crt_t cert,
@@ -530,8 +532,9 @@ extern "C"
   gnutls_x509_crl_get_raw_issuer_dn (gnutls_x509_crl_t crl,
                                       gnutls_datum_t * dn);
 
-  int gnutls_x509_crl_get_issuer_dn (const gnutls_x509_crl_t crl,
+  int gnutls_x509_crl_get_issuer_dn (gnutls_x509_crl_t crl,
                                      char *buf, size_t * sizeof_buf);
+  int gnutls_x509_crl_get_issuer_dn2 (gnutls_x509_crl_t crl, gnutls_datum_t* dn);
   int gnutls_x509_crl_get_issuer_dn_by_oid (gnutls_x509_crl_t crl,
                                             const char *oid, int indx,
                                             unsigned int raw_flag,
@@ -916,6 +919,7 @@ extern "C"
 
   int gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf,
                               size_t * sizeof_buf);
+  int gnutls_x509_crq_get_dn2 (gnutls_x509_crq_t crq, gnutls_datum_t* dn);
   int gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq, int indx,
                                   void *oid, size_t * sizeof_oid);
   int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq,
index f2fa3758046b6f8caad3082b292073615e43203d..2fd42760f2a79a89aea929a0ff67eefd571be49d 100644 (file)
@@ -893,6 +893,10 @@ GNUTLS_3_1_0 {
        gnutls_transport_get_int2;
        gnutls_transport_get_int;
        gnutls_pkcs11_privkey_status;
+       gnutls_x509_crt_get_issuer_dn2;
+       gnutls_x509_crt_get_dn2;
+       gnutls_x509_crl_get_issuer_dn2;
+       gnutls_x509_crq_get_dn2;
 } GNUTLS_3_0_0;
 
 GNUTLS_PRIVATE {
index 0528ee2886720178738c1af92ac25d63075ea9f8..392ef3140c8fba70bff9b086d0e4965d025f7bca 100644 (file)
@@ -265,6 +265,33 @@ gnutls_x509_crl_get_dn_oid (gnutls_x509_crl_t crl,
                                   oid, sizeof_oid);
 }
 
+/**
+ * gnutls_x509_crl_get_issuer_dn2:
+ * @cert: should contain a #gnutls_x509_crt_t structure
+ * @dn: a pointer to a structure to hold the name
+ *
+ * This function will allocate buffer and copy the name of the CRL issuer.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crl_get_issuer_dn2 (gnutls_x509_crl_t crl, gnutls_datum_t * dn)
+{
+  if (crl == NULL)
+    {
+      gnutls_assert ();
+      return GNUTLS_E_INVALID_REQUEST;
+    }
+
+  return _gnutls_x509_get_dn (crl->crl,
+                                "tbsCertList.issuer.rdnSequence", dn);
+}
 
 /**
  * gnutls_x509_crl_get_signature_algorithm:
index 52448725e79aebe7526f57dba64399c3177971ce..917b319b448053e4ed1e8e52a73f452fa03240a8 100644 (file)
@@ -256,6 +256,34 @@ gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf, size_t * buf_size)
                                 buf, buf_size);
 }
 
+/**
+ * gnutls_x509_crq_get_dn2:
+ * @crq: should contain a #gnutls_x509_crq_t structure
+ * @dn: a pointer to a structure to hold the name
+ *
+ * This function will allocate buffer and copy the name of the Certificate 
+ * request. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crq_get_dn2 (gnutls_x509_crq_t crq, gnutls_datum_t * dn)
+{
+  if (crq == NULL)
+    {
+      gnutls_assert ();
+      return GNUTLS_E_INVALID_REQUEST;
+    }
+
+  return _gnutls_x509_get_dn (crq->crq,
+                                "certificationRequestInfo.subject.rdnSequence", dn);
+}
+
 /**
  * gnutls_x509_crq_get_dn_by_oid:
  * @crq: should contain a gnutls_x509_crq_t structure
index 3ecdc72ad7422249b3cb2a815e569c37baa2cd96..99d41ffcc5bc654978b39f807046cc29944fff0b 100644 (file)
@@ -84,6 +84,44 @@ cleanup:
   return ret;
 }
 
+int
+_gnutls_x509_get_dn (ASN1_TYPE asn1_struct,
+                       const char *asn1_rdn_name, gnutls_datum_t * dn)
+{
+char * buf;
+size_t buf_size;
+int ret;
+
+  buf_size = 384;
+  buf = gnutls_malloc(buf_size);
+  if (buf == NULL)
+    return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+       
+  ret = _gnutls_x509_parse_dn (asn1_struct,
+                                asn1_rdn_name, buf, &buf_size);
+  if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
+    {
+      buf = gnutls_realloc_fast(buf, buf_size);
+      if (buf == NULL)
+        return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+      
+      ret = _gnutls_x509_parse_dn (asn1_struct,
+                                   asn1_rdn_name, buf, &buf_size);
+    }
+    
+  if (ret < 0)
+    {
+      gnutls_free(buf);
+      return gnutls_assert_val(ret);
+    }
+  
+  dn->data = (void*)buf;
+  dn->size = buf_size;
+
+  return ret;
+}
+
+
 /* Parses an X509 DN in the asn1_struct, and puts the output into
  * the string buf. The output is an LDAP encoded DN.
  *
index 57f540ae8b4467fbeb6279995149f42f5ec0bc7e..957328a8513128acea18b3bb78f1691253e12f3c 100644 (file)
@@ -273,6 +273,34 @@ gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
                                 buf_size);
 }
 
+/**
+ * gnutls_x509_crt_get_issuer_dn2:
+ * @cert: should contain a #gnutls_x509_crt_t structure
+ * @dn: a pointer to a structure to hold the name
+ *
+ * This function will allocate buffer and copy the name of issuer of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crt_get_issuer_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t * dn)
+{
+  if (cert == NULL)
+    {
+      gnutls_assert ();
+      return GNUTLS_E_INVALID_REQUEST;
+    }
+
+  return _gnutls_x509_get_dn (cert->cert,
+                                "tbsCertificate.issuer.rdnSequence", dn);
+}
+
 /**
  * gnutls_x509_crt_get_issuer_dn_by_oid:
  * @cert: should contain a #gnutls_x509_crt_t structure
@@ -392,6 +420,34 @@ gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf,
                                 buf_size);
 }
 
+/**
+ * gnutls_x509_crt_get_dn2:
+ * @cert: should contain a #gnutls_x509_crt_t structure
+ * @dn: a pointer to a structure to hold the name
+ *
+ * This function will allocate buffer and copy the name of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crt_get_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t * dn)
+{
+  if (cert == NULL)
+    {
+      gnutls_assert ();
+      return GNUTLS_E_INVALID_REQUEST;
+    }
+
+  return _gnutls_x509_get_dn (cert->cert,
+                                "tbsCertificate.subject.rdnSequence", dn);
+}
+
 /**
  * gnutls_x509_crt_get_dn_by_oid:
  * @cert: should contain a #gnutls_x509_crt_t structure
index 2503166a8557e57f94ec0b269e51604ccf2970d7..26ad9c45dcc306183b5193cb54c7f8300cded452 100644 (file)
@@ -111,6 +111,10 @@ int _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
                            const char *asn1_rdn_name, char *buf,
                            size_t * sizeof_buf);
 
+int
+_gnutls_x509_get_dn (ASN1_TYPE asn1_struct,
+                       const char *asn1_rdn_name, gnutls_datum_t * dn);
+
 int
 _gnutls_x509_parse_dn_oid (ASN1_TYPE asn1_struct,
                            const char *asn1_rdn_name,