-rw-r--r--NEWS2
-rw-r--r--lib/gnutls_ui.h2
-rw-r--r--lib/gnutls_x509.c47
3 files changed, 51 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index ad9b206013..3c59c55157 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ Version 0.5.9
other compiler.
- Updated 'gnutls-cli' with the starttls parameter, to allow testing
starttls implementations.
+- Added gnutls_x509_extract_certificate_dn_string() which returns the peer's
+ Distinguished name in a single string.
Version 0.5.8 (25/09/2002)
- Updated documentation.
diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h
index 2a9cb4a4c2..cec4b5b7a1 100644
--- a/lib/gnutls_ui.h
+++ b/lib/gnutls_ui.h
@@ -84,6 +84,8 @@ int gnutls_x509_certificate_to_xml(const gnutls_datum * cert, gnutls_datum* res,
int gnutls_x509_extract_dn( const gnutls_datum*, gnutls_x509_dn*);
int gnutls_x509_extract_certificate_dn( const gnutls_datum*, gnutls_x509_dn*);
+int gnutls_x509_extract_certificate_dn_string(char *buf, int sizeof_buf,
+ const gnutls_datum * cert, int issuer);
int gnutls_x509_extract_certificate_issuer_dn( const gnutls_datum*, gnutls_x509_dn *);
int gnutls_x509_extract_certificate_version( const gnutls_datum*);
int gnutls_x509_extract_certificate_serial(const gnutls_datum * cert, char* result, int* result_size);
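Review bot: The new prototype puts the output buffer first and the certificate third, while every neighbouring extractor in this hunk takes the `const gnutls_datum *` certificate as its first argument, e.g. `gnutls_x509_extract_certificate_serial(cert, result, result_size)`. That sibling also passes the size as `int *result_size`, which lets the callee report the length it needs. Here `int sizeof_buf` is input-only, so a caller whose buffer is too small cannot learn how large it should be. Consider matching the existing order and size convention before this becomes public API, and add a comment on the declaration saying that `buf` is NUL-terminated on return.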
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 504c072886..079effda3b 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -2827,3 +2827,50 @@ time_t _gnutls_x509_generalTime2gtime(char *ttime)
return _gnutls_x509_time2gtime( ttime, year);
}
+
+/**
+ * gnutls_x509_extract_certificate_dn_string - This function returns the certificate's distinguished name
+ * @cert: should contain an X.509 DER encoded certificate
+ * @buf: a pointer to a structure to hold the peer's name
+ * @sizeof_buf: holds the size of 'buf'
+ * @issuer: if non zero, then extract the name of the issuer, instead of the holder
+ *
+ * This function will copy the name of the certificate holder in the provided buffer. The name
+ * will be in the form "/C=xxxx/O=yyyy/CN=zzzz".
+ *
+ * Returns GNUTLS_E_INVALID_REQUEST if the provided buffer is not long enough.
+ *
+ **/
+int gnutls_x509_extract_certificate_dn_string(char *buf, int sizeof_buf,
+ const gnutls_datum * cert, int issuer)
+{
+ gnutls_x509_dn dn;
+ int len = 0;
+
+ buf[0] = 0;
+
+#define PRINTX(buf, bufsize, x, y) { \
+ if (y[0]!=0 && (strlen(x)+strlen(y)+4 < bufsize)) \
+ sprintf(buf, "/%s=%s", x, y); \
+}
+ if (!issuer)
+ gnutls_x509_extract_certificate_dn(cert, &dn);
+ else
+ gnutls_x509_extract_certificate_issuer_dn( cert, &dn);
+
+ PRINTX(buf, sizeof_buf, "C", dn.country);
+ len = strlen(buf);
+ PRINTX(buf + len, sizeof_buf - len - 1, "ST",
+ dn.state_or_province_name);
+ len = strlen(buf);
+ PRINTX(buf + len, sizeof_buf - len - 1, "L", dn.locality_name);
+ len = strlen(buf);
+ PRINTX(buf + len, sizeof_buf - len - 1, "O", dn.organization);
+ len = strlen(buf);
+ PRINTX(buf + len, sizeof_buf - len - 1, "OU",
+ dn.organizational_unit_name);
+ len = strlen(buf);
+ PRINTX(buf + len, sizeof_buf - len - 1, "E", dn.email);
+
+ return;
+}