Add function to return internal enoding of X509_NAME.

PR#4280 Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-30 02:51:01 +00:00 · 2016-01-30 02:51:01 +00:00 · 7ab507495b
commit 7ab507495b
parent 33254e1c6f
4 changed files with 38 additions and 7 deletions
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@ -567,3 +567,16 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
    OPENSSL_free(b);
    return 0;
 }
+
+int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                       X509_NAME *nm)
+{
+    /* Make sure encoding is valid */
+    if (i2d_X509_NAME(nm, NULL) <= 0)
+        return 0;
+    if (pder != NULL)
+        *pder = (unsigned char *)nm->bytes->data;
+    if (pderlen != NULL)
+        *pderlen = nm->bytes->length;
+    return 1;
+}
--- a/doc/crypto/d2i_X509_NAME.pod
+++ b/doc/crypto/d2i_X509_NAME.pod
@ -11,21 +11,35 @@ d2i_X509_NAME, i2d_X509_NAME - X509_NAME encoding functions
 X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length);
 int i2d_X509_NAME(X509_NAME *a, unsigned char **pp);

+ int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                        X509_NAME *nm)
+
+
 =head1 DESCRIPTION

-These functions decode and encode an B<X509_NAME> structure which is the
-same as the B<Name> type defined in RFC2459 (and elsewhere) and used
-for example in certificate subject and issuer names.
+The functions d2i_X509_NAME() and i2d_X509_NAME() decode and encode an
+B<X509_NAME> structure which is the same as the B<Name> type defined in
+RFC3280 (and elsewhere) and used for example in certificate subject and
+issuer names.

 Otherwise the functions behave in a similar way to d2i_X509() and i2d_X509()
 described in the L<d2i_X509(3)> manual page.

+The function X509_NAME_get0_der() returns an internal pointer to the
+encoding of an B<X509_NAME> structure in B<*pder> and consisting of
+B<*pderlen> bytes. It is useful for applications that wish to examine
+the encoding of an B<X509_NAME> structure without copying it.
+
+=head1 RETURN VALUES
+
 =head1 SEE ALSO

+The meanings of the return values of d2i_X509_NAME() and i2d_X509_NAME()
+are similar to those for d2i_X509() and i2d_X509().
+
+The function X509_NAME_get0_der() returns 1 for success and 0 if an error
+occurred.
+
 L<d2i_X509(3)>

-=head1 HISTORY
-
-TBA
-
 =cut
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@ -873,6 +873,9 @@ ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
 ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
 int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);

+int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                       X509_NAME *nm);
+
 int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
 int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
                          int nid, int lastpos);
--- a/util/libeay.num
+++ b/util/libeay.num
@ -4765,3 +4765,4 @@ OCSP_resp_get0_produced_at              5159	1_1_0	EXIST::FUNCTION:
 TS_STATUS_INFO_get0_failure_info        5160	1_1_0	EXIST::FUNCTION:
 TS_STATUS_INFO_get0_text                5161	1_1_0	EXIST::FUNCTION:
 CRYPTO_secure_zalloc                    5162	1_1_0	EXIST::FUNCTION:
+X509_NAME_get0_der                      5163	1_1_0	EXIST::FUNCTION: