danetool doc fix
[gnutls.git] / extra / openssl_compat.c
blobff68cd00e935e4b4e541ee64173e92968e896889
1 /*
2 * Copyright (C) 2002-2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS-EXTRA.
8 * GnuTLS-extra is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuTLS-extra is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 /* This file includes all functions that were in the 0.5.x and 0.8.x
23 * gnutls API. They are now implemented over the new certificate parsing
24 * API.
27 #include "gnutls_int.h"
29 #include <gnutls_global.h>
30 #include <gnutls_errors.h>
31 #include <string.h> /* memset */
32 #include <x509/x509_int.h>
33 #include <libtasn1.h>
34 #include <gnutls/x509.h>
35 #include <openssl_compat.h>
37 /*-
38 * gnutls_x509_extract_certificate_dn:
39 * @cert: should contain an X.509 DER encoded certificate
40 * @ret: a pointer to a structure to hold the peer's name
42 * This function will return the name of the certificate holder. The name is gnutls_x509_dn structure and
43 * is a obtained by the peer's certificate. If the certificate send by the
44 * peer is invalid, or in any other failure this function returns error.
45 * Returns a negative error code in case of an error.
46 -*/
47 int
48 gnutls_x509_extract_certificate_dn (const gnutls_datum_t * cert,
49 gnutls_x509_dn * ret)
51 gnutls_x509_crt_t xcert;
52 int result;
53 size_t len;
55 result = gnutls_x509_crt_init (&xcert);
56 if (result < 0)
57 return result;
59 result = gnutls_x509_crt_import (xcert, cert, GNUTLS_X509_FMT_DER);
60 if (result < 0)
62 gnutls_x509_crt_deinit (xcert);
63 return result;
66 len = sizeof (ret->country);
67 gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_COUNTRY_NAME, 0,
68 0, ret->country, &len);
70 len = sizeof (ret->organization);
71 gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_ORGANIZATION_NAME,
72 0, 0, ret->organization, &len);
74 len = sizeof (ret->organizational_unit_name);
75 gnutls_x509_crt_get_dn_by_oid (xcert,
76 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
77 0, 0, ret->organizational_unit_name, &len);
79 len = sizeof (ret->common_name);
80 gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_COMMON_NAME, 0, 0,
81 ret->common_name, &len);
83 len = sizeof (ret->locality_name);
84 gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_LOCALITY_NAME, 0,
85 0, ret->locality_name, &len);
87 len = sizeof (ret->state_or_province_name);
88 gnutls_x509_crt_get_dn_by_oid (xcert,
89 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
90 0, 0, ret->state_or_province_name, &len);
92 len = sizeof (ret->email);
93 gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_PKCS9_EMAIL, 0, 0,
94 ret->email, &len);
96 gnutls_x509_crt_deinit (xcert);
98 return 0;
102 * gnutls_x509_extract_certificate_issuer_dn:
103 * @cert: should contain an X.509 DER encoded certificate
104 * @ret: a pointer to a structure to hold the issuer's name
106 * This function will return the name of the issuer stated in the certificate. The name is a gnutls_x509_dn structure and
107 * is a obtained by the peer's certificate. If the certificate send by the
108 * peer is invalid, or in any other failure this function returns error.
109 * Returns a negative error code in case of an error.
112 gnutls_x509_extract_certificate_issuer_dn (const gnutls_datum_t * cert,
113 gnutls_x509_dn * ret)
115 gnutls_x509_crt_t xcert;
116 int result;
117 size_t len;
119 result = gnutls_x509_crt_init (&xcert);
120 if (result < 0)
121 return result;
123 result = gnutls_x509_crt_import (xcert, cert, GNUTLS_X509_FMT_DER);
124 if (result < 0)
126 gnutls_x509_crt_deinit (xcert);
127 return result;
130 len = sizeof (ret->country);
131 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
132 GNUTLS_OID_X520_COUNTRY_NAME, 0,
133 0, ret->country, &len);
135 len = sizeof (ret->organization);
136 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
137 GNUTLS_OID_X520_ORGANIZATION_NAME,
138 0, 0, ret->organization, &len);
140 len = sizeof (ret->organizational_unit_name);
141 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
142 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
143 0, 0,
144 ret->organizational_unit_name, &len);
146 len = sizeof (ret->common_name);
147 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
148 GNUTLS_OID_X520_COMMON_NAME, 0, 0,
149 ret->common_name, &len);
151 len = sizeof (ret->locality_name);
152 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
153 GNUTLS_OID_X520_LOCALITY_NAME, 0,
154 0, ret->locality_name, &len);
156 len = sizeof (ret->state_or_province_name);
157 gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
158 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
159 0, 0, ret->state_or_province_name,
160 &len);
162 len = sizeof (ret->email);
163 gnutls_x509_crt_get_issuer_dn_by_oid (xcert, GNUTLS_OID_PKCS9_EMAIL, 0,
164 0, ret->email, &len);
166 gnutls_x509_crt_deinit (xcert);
168 return 0;