Revert "doc update"
[gnutls:gnutls.git] / extra / openssl_compat.c
1 /*
2  * Copyright (C) 2002-2012 Free Software Foundation, Inc.
3  *
4  * Author: Nikos Mavrogiannopoulos
5  *
6  * This file is part of GnuTLS-EXTRA.
7  *
8  * GnuTLS-extra is free software: you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation, either version 3 of the License, or
11  * (at your option) any later version.
12  *               
13  * GnuTLS-extra is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *                               
18  * You should have received a copy of the GNU General Public License
19  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
20  */
21
22 /* This file includes all functions that were in the 0.5.x and 0.8.x
23  * gnutls API. They are now implemented over the new certificate parsing
24  * API.
25  */
26
27 #include "gnutls_int.h"
28
29 #include <gnutls_global.h>
30 #include <gnutls_errors.h>
31 #include <string.h>             /* memset */
32 #include <x509/x509_int.h>
33 #include <libtasn1.h>
34 #include <gnutls/x509.h>
35 #include <openssl_compat.h>
36
37 /*-
38  * gnutls_x509_extract_certificate_dn:
39  * @cert: should contain an X.509 DER encoded certificate
40  * @ret: a pointer to a structure to hold the peer's name
41  *
42  * This function will return the name of the certificate holder. The name is gnutls_x509_dn structure and
43  * is a obtained by the peer's certificate. If the certificate send by the
44  * peer is invalid, or in any other failure this function returns error.
45  * Returns a negative error code in case of an error.
46  -*/
47 int
48 gnutls_x509_extract_certificate_dn(const gnutls_datum_t * cert,
49                                    gnutls_x509_dn * ret)
50 {
51         gnutls_x509_crt_t xcert;
52         int result;
53         size_t len;
54
55         result = gnutls_x509_crt_init(&xcert);
56         if (result < 0)
57                 return result;
58
59         result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
60         if (result < 0) {
61                 gnutls_x509_crt_deinit(xcert);
62                 return result;
63         }
64
65         len = sizeof(ret->country);
66         gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_COUNTRY_NAME,
67                                       0, 0, ret->country, &len);
68
69         len = sizeof(ret->organization);
70         gnutls_x509_crt_get_dn_by_oid(xcert,
71                                       GNUTLS_OID_X520_ORGANIZATION_NAME, 0,
72                                       0, ret->organization, &len);
73
74         len = sizeof(ret->organizational_unit_name);
75         gnutls_x509_crt_get_dn_by_oid(xcert,
76                                       GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
77                                       0, 0, ret->organizational_unit_name,
78                                       &len);
79
80         len = sizeof(ret->common_name);
81         gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_COMMON_NAME,
82                                       0, 0, ret->common_name, &len);
83
84         len = sizeof(ret->locality_name);
85         gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_LOCALITY_NAME,
86                                       0, 0, ret->locality_name, &len);
87
88         len = sizeof(ret->state_or_province_name);
89         gnutls_x509_crt_get_dn_by_oid(xcert,
90                                       GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
91                                       0, 0, ret->state_or_province_name,
92                                       &len);
93
94         len = sizeof(ret->email);
95         gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_PKCS9_EMAIL, 0, 0,
96                                       ret->email, &len);
97
98         gnutls_x509_crt_deinit(xcert);
99
100         return 0;
101 }
102
103 /*-
104  * gnutls_x509_extract_certificate_issuer_dn:
105  * @cert: should contain an X.509 DER encoded certificate
106  * @ret: a pointer to a structure to hold the issuer's name
107  *
108  * This function will return the name of the issuer stated in the certificate. The name is a gnutls_x509_dn structure and
109  * is a obtained by the peer's certificate. If the certificate send by the
110  * peer is invalid, or in any other failure this function returns error.
111  * Returns a negative error code in case of an error.
112  -*/
113 int
114 gnutls_x509_extract_certificate_issuer_dn(const gnutls_datum_t * cert,
115                                           gnutls_x509_dn * ret)
116 {
117         gnutls_x509_crt_t xcert;
118         int result;
119         size_t len;
120
121         result = gnutls_x509_crt_init(&xcert);
122         if (result < 0)
123                 return result;
124
125         result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
126         if (result < 0) {
127                 gnutls_x509_crt_deinit(xcert);
128                 return result;
129         }
130
131         len = sizeof(ret->country);
132         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
133                                              GNUTLS_OID_X520_COUNTRY_NAME,
134                                              0, 0, ret->country, &len);
135
136         len = sizeof(ret->organization);
137         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
138                                              GNUTLS_OID_X520_ORGANIZATION_NAME,
139                                              0, 0, ret->organization,
140                                              &len);
141
142         len = sizeof(ret->organizational_unit_name);
143         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
144                                              GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
145                                              0, 0,
146                                              ret->organizational_unit_name,
147                                              &len);
148
149         len = sizeof(ret->common_name);
150         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
151                                              GNUTLS_OID_X520_COMMON_NAME,
152                                              0, 0, ret->common_name, &len);
153
154         len = sizeof(ret->locality_name);
155         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
156                                              GNUTLS_OID_X520_LOCALITY_NAME,
157                                              0, 0, ret->locality_name,
158                                              &len);
159
160         len = sizeof(ret->state_or_province_name);
161         gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
162                                              GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
163                                              0, 0,
164                                              ret->state_or_province_name,
165                                              &len);
166
167         len = sizeof(ret->email);
168         gnutls_x509_crt_get_issuer_dn_by_oid(xcert, GNUTLS_OID_PKCS9_EMAIL,
169                                              0, 0, ret->email, &len);
170
171         gnutls_x509_crt_deinit(xcert);
172
173         return 0;
174 }