authorNikos Mavrogiannopoulos <nmav@gnutls.org>2003-11-14 11:42:47 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2003-11-14 11:42:47 +0000
commit28daa8ede423d6d2eb40aad778fb629173e8fcb6 (patch)
treec7a240872e9ead762f231b3a534b3a143db169b2
parentc59d3397e626b355b3e892eff7970efcf21c9824 (diff)
downloadgnutls-28daa8ede423d6d2eb40aad778fb629173e8fcb6.tar.gz
added gnutls_x509_oid_known() to report known OIDs.
-rw-r--r--includes/gnutls/x509.h2
-rw-r--r--lib/x509/common.c27
-rw-r--r--lib/x509/crq.c13
-rw-r--r--lib/x509/x509_write.c4
4 files changed, 39 insertions, 7 deletions
diff --git a/includes/gnutls/x509.h b/includes/gnutls/x509.h
index 3c89aef986..59db880077 100644
--- a/includes/gnutls/x509.h
+++ b/includes/gnutls/x509.h
@@ -82,6 +82,8 @@ int gnutls_x509_crt_get_ca_status(gnutls_x509_crt cert, unsigned int* critical);
int gnutls_x509_crt_get_key_usage( gnutls_x509_crt cert, unsigned int* key_usage,
unsigned int* critical);
+int gnutls_x509_oid_known(const char* oid);
+
/* key_usage will be an OR of the following values:
*/
#define GNUTLS_KEY_DIGITAL_SIGNATURE 256
diff --git a/lib/x509/common.c b/lib/x509/common.c
index 557ab03c1e..30f8754ae1 100644
--- a/lib/x509/common.c
+++ b/lib/x509/common.c
@@ -77,6 +77,33 @@ int i = 0;
return 0;
}
+/**
+ * gnutls_x509_oid_known - This function will return true if the given OID is known
+ * @oid: holds an Object Identifier in a null terminated string
+ *
+ * This function will inform about known OIDs. This is useful since functions
+ * like gnutls_x509_crt_set_dn_by_oid() use the information on known
+ * OIDs to properly encode their input. Object Identifiers that are not
+ * known are not encoded by these functions, and their input is stored directly
+ * into the ASN.1 structure. In that case of unknown OIDs, you have
+ * the responsibility of DER encoding your data.
+ *
+ * Returns 1 on known OIDs and 0 otherwise.
+ *
+ **/
+int gnutls_x509_oid_known( const char* oid)
+{
+int i = 0;
+
+ do {
+ if ( strcmp(_oid2str[i].oid, oid)==0)
+ return 1;
+ i++;
+ } while( _oid2str[i].oid != NULL);
+
+ return 0;
+}
+
/* Returns 1 if the data defined by the OID are of a choice
* type.
*/
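Review bot: `gnutls_x509_oid_known()` hands `oid` straight to `strcmp()` without a NULL check, and the do/while compares against `_oid2str[0].oid` before the sentinel test runs, so a NULL argument (or a table whose first entry is the terminator) is undefined behaviour. This is a public entry point whose answer tells callers whether they must DER-encode their own data, so it should fail closed: add `if (oid == NULL) return 0;` at the top and iterate with `for (i = 0; _oid2str[i].oid != NULL; i++)`. The doc comment could also state that a NULL `oid` is reported as unknown.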
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index a0710863c1..93f3760976 100644
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -383,21 +383,24 @@ int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq crq,
/**
* gnutls_x509_crq_set_dn_by_oid - This function will set the Certificate request subject's distinguished name
* @crq: should contain a gnutls_x509_crq structure
- * @oid: holds an Object Identified in null terminated string
- * @name: a pointer to the name
- * @sizeof_name: holds the size of 'name'
+ * @oid: holds an Object Identifier in a null terminated string
+ * @data: a pointer to the input data
+ * @sizeof_data: holds the size of 'data'
*
* This function will set the part of the name of the Certificate request subject, specified
* by the given OID.
*
* Some helper macros with popular OIDs can be found in gnutls/x509.h
- * With this function you can only set the known OIDs.
+ * With this function you can only set the known OIDs. You can test
+ * for known OIDs using gnutls_x509_oid_known(). For OIDs that are
+ * not known (by gnutls) you should properly DER encode your data before
+ * calling this function.
*
* Returns 0 on success.
*
**/
int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq crq, const char* oid,
- const char *name, unsigned int sizeof_name)
+ const void *data, unsigned int sizeof_data)
{
if (sizeof_name == 0 || name == NULL || crq == NULL) {
return GNUTLS_E_INVALID_REQUEST;
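Review bot: The signature now names its parameters `data` and `sizeof_data`, but the unchanged guard directly below still reads `if (sizeof_name == 0 || name == NULL || crq == NULL)`, which refers to identifiers that no longer exist. The diffstat's 13 changed lines for crq.c are all in this hunk, so the body is not updated elsewhere. The guard should become `if (sizeof_data == 0 || data == NULL || crq == NULL) {`, and any later use of `name`/`sizeof_name` in the body, which continues outside the hunk, needs the same rename. The new doc text is also self-contradictory, saying only known OIDs can be set and then describing how to pass unknown ones; something like `Data for OIDs not known to gnutls is stored as-is and must already be DER encoded.` would state the contract plainly.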
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
index ab75a0a66b..83911aac89 100644
--- a/lib/x509/x509_write.c
+++ b/lib/x509/x509_write.c
@@ -62,7 +62,7 @@ static void disable_optional_stuff( gnutls_x509_crt cert);
*
**/
int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt crt, const char* oid,
- const char *name, unsigned int sizeof_name)
+ const void *name, unsigned int sizeof_name)
{
if (sizeof_name == 0 || name == NULL || crt == NULL) {
return GNUTLS_E_INVALID_REQUEST;
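Review bot: Widening `name` to `const void *` here and in `gnutls_x509_crt_set_issuer_dn_by_oid` (the next hunk) lets callers pass raw pre-encoded bytes, but the diffstat shows only the two signature lines changing in this file, so neither doc comment tells the caller that, unlike the crq.c counterpart. Both comments, which start outside the hunks, should carry the caveat, e.g. `For OIDs not known to gnutls the data is stored as-is and must already be DER encoded; test with gnutls_x509_oid_known().` The parameters also stay `name`/`sizeof_name` while crq.c switches to `data`/`sizeof_data`; one naming should be used for all three setters. If the public prototypes in gnutls/x509.h still declare `const char *name` (the header hunk in this commit only adds the new function), they need the same type change.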
@@ -92,7 +92,7 @@ int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt crt, const char* oid,
*
**/
int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt crt, const char* oid,
- const char *name, unsigned int sizeof_name)
+ const void *name, unsigned int sizeof_name)
{
if (sizeof_name == 0 || name == NULL || crt == NULL) {
return GNUTLS_E_INVALID_REQUEST;