-rw-r--r--lib/gnutls_ui.h2
-rw-r--r--lib/gnutls_x509.c89
2 files changed, 78 insertions, 13 deletions
diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h
index 9181b20ece..2d7339ce61 100644
--- a/lib/gnutls_ui.h
+++ b/lib/gnutls_ui.h
@@ -65,6 +65,8 @@ void gnutls_certificate_server_set_request( gnutls_session, gnutls_certificate_r
int gnutls_x509_certificate_to_xml(const gnutls_datum * cert, gnutls_datum* res, int detail);
int gnutls_x509_extract_dn( const gnutls_datum*, gnutls_x509_dn*);
+int gnutls_x509_extract_dn_string(const gnutls_datum * idn,
+ char *buf, unsigned int sizeof_buf);
int gnutls_x509_extract_certificate_dn( const gnutls_datum*, gnutls_x509_dn*);
int gnutls_x509_extract_certificate_dn_string(char *buf, unsigned int sizeof_buf,
const gnutls_datum * cert, int issuer);
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 91912a7a05..477eb6e65a 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -2861,6 +2861,82 @@ int str_length, j, i;
return buffer;
}
+/* defines needed in *dn_string functions
+ */
+#define STR_APPEND(y) if (_gnutls_string_append_str( &str, y) < 0) { \
+ _gnutls_string_clear( &str); \
+ gnutls_assert(); \
+ return GNUTLS_E_MEMORY_ERROR; \
+ }
+#define PRINTX( x, y) \
+ if (y[0]!=0) { \
+ if (i==0) i=1; else { STR_APPEND( ","); } \
+ STR_APPEND( x); \
+ STR_APPEND( "="); \
+ STR_APPEND( str_escape(y, str_buffer, sizeof(str_buffer))); \
+ }
+
+
+
+/**
+ * gnutls_x509_extract_dn_string - This function parses an RDN sequence and returns a string
+ * @idn: should contain a DER encoded RDN sequence
+ * @buf: a pointer to a structure to hold the peer's name
+ * @sizeof_buf: holds the size of 'buf'
+ *
+ * This function will return the name of the given RDN sequence.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described
+ * in RFC2253.
+ *
+ * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough,
+ * and 0 on success.
+ *
+ **/
+int gnutls_x509_extract_dn_string(const gnutls_datum * idn,
+ char *buf, unsigned int sizeof_buf)
+{
+gnutls_x509_dn dn;
+int ret, i;
+gnutls_string str;
+char str_buffer[256];
+
+ if (buf == NULL || sizeof_buf == 0) {
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ buf[0] = 0;
+
+ ret = gnutls_x509_extract_certificate_dn(idn, &dn);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ _gnutls_string_init( &str, gnutls_malloc, gnutls_realloc, gnutls_free);
+
+ i = 0;
+ PRINTX( "CN", dn.common_name);
+ PRINTX( "E", dn.email);
+ PRINTX( "OU", dn.organizational_unit_name);
+ PRINTX( "O", dn.organization);
+ PRINTX( "L", dn.locality_name);
+ PRINTX( "ST", dn.state_or_province_name);
+ PRINTX( "C", dn.country);
+
+ if (str.length >= sizeof_buf) {
+ _gnutls_string_clear( &str);
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ }
+
+ memcpy( buf, str.data, str.length);
+ buf[str.length] = 0;
+
+ _gnutls_string_clear( &str);
+
+ return 0;
+
+}
+
/**
* gnutls_x509_extract_certificate_dn_string - This function returns the certificate's distinguished name
* @cert: should contain an X.509 DER encoded certificate
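Review bot: `gnutls_x509_extract_dn_string` documents `@idn` as a DER encoded RDN sequence, yet it parses it with `gnutls_x509_extract_certificate_dn(idn, &dn)`, which judging by its name and the sibling function's `@cert` comment expects a whole X.509 certificate. gnutls_ui.h already declares `gnutls_x509_extract_dn(const gnutls_datum*, gnutls_x509_dn*)`, so the call should presumably be `ret = gnutls_x509_extract_dn(idn, &dn);`. As written, a caller passing a bare RDN sequence would likely get a parse error or an empty name, which matters wherever the returned string feeds an identity or authorization decision. The doc comment also promises the form "C=xxxx,O=yyyy,CN=zzzz" while the `PRINTX` calls emit CN first and C last, so it should state the order actually produced. It should also list `GNUTLS_E_INVALID_REQUEST` and `GNUTLS_E_MEMORY_ERROR`, the latter returned from inside `STR_APPEND`, a hidden `return` that is easy to overlook now that the macros live at file scope.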
@@ -2891,19 +2967,6 @@ int gnutls_x509_extract_certificate_dn_string(char *buf, unsigned int sizeof_buf
_gnutls_string_init( &str, gnutls_malloc, gnutls_realloc, gnutls_free);
-#define STR_APPEND(y) if (_gnutls_string_append_str( &str, y) < 0) { \
- _gnutls_string_clear( &str); \
- gnutls_assert(); \
- return GNUTLS_E_MEMORY_ERROR; \
- }
-#define PRINTX( x, y) \
- if (y[0]!=0) { \
- if (i==0) i=1; else { STR_APPEND( ","); } \
- STR_APPEND( x); \
- STR_APPEND( "="); \
- STR_APPEND( str_escape(y, str_buffer, sizeof(str_buffer))); \
- }
-
if (!issuer)
ret = gnutls_x509_extract_certificate_dn(cert, &dn);
else