added gnutls_x509_crq_set_extension_by_oid()

This is a function to add an arbitrary extension into a
certificate request.

diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 35db44b79658a38444f98074de692491104f0d49..1b5bcbbf231fa6fe7616c94aae4e0f77b6d6e495 100644 (file)
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -1238,6 +1238,12 @@ int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq);
 int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq,
                            gnutls_x509_privkey_t key);
 
+int
+gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq,
+                                    const char *oid, const void *buf,
+                                    size_t sizeof_buf,
+                                    unsigned int critical);
+
 int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq,
                                           const char *pass);
 int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq,

diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index d77ff55f1bae00dac1853b3adb2a581fc8e6f64a..03ec8f1ebe9b5b6bc8d2b19c1267a2fe9fa6e4a0 100644 (file)
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1099,6 +1099,7 @@ GNUTLS_3_4
        gnutls_ext_get_name;
        gnutls_x509_crt_set_crq_extension_by_oid;
        gnutls_x509_tlsfeatures_check_crt;
+       gnutls_x509_crq_set_extension_by_oid;
  local:
        *;
 };

diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index 32e2b5ab3093547f65bb20fa7b8a1bab4a7265f1..51c0e17969d802ad830775eee447ee48ab9b6f14 100644 (file)
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -3020,3 +3020,46 @@ int gnutls_x509_crq_set_tlsfeatures(gnutls_x509_crq_t crq,
 
        return ret;
 }
+
+/**
+ * gnutls_x509_crq_set_extension_by_oid:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @oid: holds an Object Identifier in null terminated string
+ * @buf: a pointer to a DER encoded data
+ * @sizeof_buf: holds the size of @buf
+ * @critical: should be non-zero if the extension is to be marked as critical
+ *
+ * This function will set an the extension, by the specified OID, in
+ * the certificate request.  The extension data should be binary data DER
+ * encoded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq,
+                                    const char *oid, const void *buf,
+                                    size_t sizeof_buf,
+                                    unsigned int critical)
+{
+       int result;
+       gnutls_datum_t der_data;
+
+       der_data.data = (void *) buf;
+       der_data.size = sizeof_buf;
+
+       if (crq == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
+       }
+
+       result =
+           _gnutls_x509_crq_set_extension(crq, oid, &der_data, critical);
+       if (result < 0) {
+               gnutls_assert();
+               return result;
+       }
+
+       return 0;
+
+}

diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
index 8f971071d8816a3ffdf73fa1d400e95426f71f58..86b9280950f7afd8771d722cccb0f8b0d1222539 100644 (file)
--- a/lib/x509/x509_write.c
+++ b/lib/x509/x509_write.c
@@ -414,7 +414,7 @@ gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt,
 /**
  * gnutls_x509_crt_set_extension_by_oid:
  * @crt: a certificate of type #gnutls_x509_crt_t
- * @oid: holds an Object Identified in null terminated string
+ * @oid: holds an Object Identifier in null terminated string
  * @buf: a pointer to a DER encoded data
  * @sizeof_buf: holds the size of @buf
  * @critical: should be non-zero if the extension is to be marked as critical