diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-07-11 11:41:14 +0200 |
---|---|---|
committer | GitLab <gitlab@gitlab.com> | 2016-07-13 12:28:11 +0000 |
commit | 2f88e2b5b4b27ad67d68d6d4ad872a2b2fb93f9e (patch) | |
tree | 0169f922c265ba6a2cafc3bb363163f89b3b53ac | |
parent | 3696fbc57b4814eed10b348401a2ec94b347cba5 (diff) | |
download | gnutls-2f88e2b5b4b27ad67d68d6d4ad872a2b2fb93f9e.tar.gz |
added gnutls_x509_crq_set_extension_by_oid()
This is a function to add an arbitrary extension into a
certificate request.
-rw-r--r-- | lib/includes/gnutls/x509.h | 6 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 | ||||
-rw-r--r-- | lib/x509/crq.c | 43 | ||||
-rw-r--r-- | lib/x509/x509_write.c | 2 |
4 files changed, 51 insertions, 1 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 35db44b796..1b5bcbbf23 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -1238,6 +1238,12 @@ int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq); int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key); +int +gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq, + const char *oid, const void *buf, + size_t sizeof_buf, + unsigned int critical); + int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq, const char *pass); int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq, diff --git a/lib/libgnutls.map b/lib/libgnutls.map index d77ff55f1b..03ec8f1ebe 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1099,6 +1099,7 @@ GNUTLS_3_4 gnutls_ext_get_name; gnutls_x509_crt_set_crq_extension_by_oid; gnutls_x509_tlsfeatures_check_crt; + gnutls_x509_crq_set_extension_by_oid; local: *; }; diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 32e2b5ab30..51c0e17969 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -3020,3 +3020,46 @@ int gnutls_x509_crq_set_tlsfeatures(gnutls_x509_crq_t crq, return ret; } + +/** + * gnutls_x509_crq_set_extension_by_oid: + * @crq: a certificate of type #gnutls_x509_crq_t + * @oid: holds an Object Identifier in null terminated string + * @buf: a pointer to a DER encoded data + * @sizeof_buf: holds the size of @buf + * @critical: should be non-zero if the extension is to be marked as critical + * + * This function will set an the extension, by the specified OID, in + * the certificate request. The extension data should be binary data DER + * encoded. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a + * negative error value. + **/ +int +gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq, + const char *oid, const void *buf, + size_t sizeof_buf, + unsigned int critical) +{ + int result; + gnutls_datum_t der_data; + + der_data.data = (void *) buf; + der_data.size = sizeof_buf; + + if (crq == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + + result = + _gnutls_x509_crq_set_extension(crq, oid, &der_data, critical); + if (result < 0) { + gnutls_assert(); + return result; + } + + return 0; + +} diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 8f971071d8..86b9280950 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -414,7 +414,7 @@ gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt, /** * gnutls_x509_crt_set_extension_by_oid: * @crt: a certificate of type #gnutls_x509_crt_t - * @oid: holds an Object Identified in null terminated string + * @oid: holds an Object Identifier in null terminated string * @buf: a pointer to a DER encoded data * @sizeof_buf: holds the size of @buf * @critical: should be non-zero if the extension is to be marked as critical |