Re: Parsing subject/issuer strings in X.509

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yeah, agreed, although I'd like the parser to work with the output of "openssl x509 ... -subject", i.e. RFC-4514 format, which is "CN=name, O=Acme Corporation, C=US" ... etc.



On Jul 23, 2021, at 12:57 AM, David von Oheimb <dev@xxxxxxxx> wrote:

What I use is

        X509_NAME *nname = parse_name(string, MBSTRING_ASC, 1, desc);

which is not an official API function but defined in apps/lib/apps.c:

/*
 * name is expected to be in the format /type0=value0/type1=value1/type2=...
 * where + can be used instead of / to form multi-valued RDNs if canmulti
 * and characters may be escaped by \
 */
X509_NAME *parse_name(const char *cp, int chtype, int canmulti, const char *desc)

Would be good to have such a function as part of the X.509 API.

    David

On 23.07.21 07:49, Viktor Dukhovni wrote:
On 22 Jul 2021, at 9:29 pm, Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx> wrote:

I'm wondering what the function is that takes a string and returns X509_NAME with the attribute/value pairs of the parsed DN.
There is no such function in general, since the are many potential
string forms of X.509 names, not all of which are unambiguously
machine readable.

There are various functions for augmenting a partially built name
with an attribute-value pair, but the parsing of a string a list
of such attribute-value pairs is up to you. :-(



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux