diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-06-14 11:19:50 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-06-14 13:06:12 +0200 |
commit | 5270ee1ac73c64431eb0858b844150cf1b2c1fb3 (patch) | |
tree | ff72788fbc59058c582ed9f9149e0d068f02b473 | |
parent | 3d96c8bb76012611fe97e27a50933308cee69420 (diff) | |
download | gnutls-5270ee1ac73c64431eb0858b844150cf1b2c1fb3.tar.gz |
Added gnutls_x509_crt_set_crq_extension_by_oid()
This allows copying specific OIDs from a certificate
request to the certificate.
-rw-r--r-- | lib/includes/gnutls/x509.h | 5 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 | ||||
-rw-r--r-- | lib/x509/x509_write.c | 40 |
3 files changed, 39 insertions, 7 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 5217942abd..d9f56163ff 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -1254,6 +1254,11 @@ int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq); int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq); +int +gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt, + gnutls_x509_crq_t crq, const char *oid, + unsigned flags); + int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t crq, time_t activation, diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 1416504936..c396169101 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1097,6 +1097,7 @@ GNUTLS_3_4 gnutls_x509_crq_get_tlsfeatures; gnutls_x509_crq_set_tlsfeatures; gnutls_ext_get_name; + gnutls_x509_crt_set_crq_extension_by_oid; local: *; }; diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 15815700f3..e9c6259094 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -303,7 +303,7 @@ int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq) * @crt: a certificate of type #gnutls_x509_crt_t * @crq: holds a certificate request * - * This function will set extensions from the given request to the + * This function will set the extensions from the given request to the * certificate. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a @@ -315,6 +315,29 @@ int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq) { + return gnutls_x509_crt_set_crq_extension_by_oid(crt, crq, NULL, 0); +} + +/** + * gnutls_x509_crt_set_crq_extension_by_oid: + * @crt: a certificate of type #gnutls_x509_crt_t + * @crq: holds a certificate request + * @oid: the object identifier of the OID to copy + * @flags: should be zero + * + * This function will set the extension specify by @oid from the given request to the + * certificate. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a + * negative error value. + * + * Since: 3.5.1 + **/ +int +gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt, + gnutls_x509_crq_t crq, const char *oid, + unsigned flags) +{ size_t i; if (crt == NULL || crq == NULL) { @@ -326,16 +349,16 @@ gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, for (i = 0;; i++) { int result; - char oid[MAX_OID_SIZE]; - size_t oid_size; + char local_oid[MAX_OID_SIZE]; + size_t local_oid_size; uint8_t *extensions; size_t extensions_size; unsigned int critical; gnutls_datum_t ext; - oid_size = sizeof(oid); - result = gnutls_x509_crq_get_extension_info(crq, i, oid, - &oid_size, + local_oid_size = sizeof(local_oid); + result = gnutls_x509_crq_get_extension_info(crq, i, local_oid, + &local_oid_size, &critical); if (result < 0) { if (result == @@ -346,6 +369,9 @@ gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, return result; } + if (oid && strcmp(local_oid, oid) != 0) + continue; + extensions_size = 0; result = gnutls_x509_crq_get_extension_data(crq, i, NULL, &extensions_size); @@ -373,7 +399,7 @@ gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, ext.size = extensions_size; result = - _gnutls_x509_crt_set_extension(crt, oid, &ext, + _gnutls_x509_crt_set_extension(crt, local_oid, &ext, critical); gnutls_free(extensions); if (result < 0) { |