current nightly

Sortix nightly manual

This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.

NAME

X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry — X509_NAME modification functions

SYNOPSIS

#include <openssl/x509.h>

int
X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);

int
X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len, int loc, int set);

int
X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, const unsigned char *bytes, int len, int loc, int set);

int
X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);

X509_NAME_ENTRY *
X509_NAME_delete_entry(X509_NAME *name, int loc);

DESCRIPTION

X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string field, an object obj or a NID nid, respectively. The field value to be added is in bytes of length len. If len is -1 then the field length is calculated internally using strlen(bytes).

The type of field is determined by type which can either be a definition of the type of bytes (such as MBSTRING_ASC) or a standard ASN.1 type (such as V_ASN1_IA5STRING). The new entry is added to a position determined by loc and set.

X509_NAME_add_entry() adds a copy of an X509_NAME_ENTRY structure ne to name. The new entry is added to a position determined by loc and set. Since a copy of ne is added, ne must be freed up after the call.

X509_NAME_delete_entry() deletes an entry from name at position loc. The deleted entry is returned and must be freed up.

The use of string types such as MBSTRING_ASC or MBSTRING_UTF8 is strongly recommended for the type parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards.

If instead an ASN.1 type is used, no checks are performed and the supplied data in bytes is used directly.

In X509_NAME_add_entry_by_txt() the field string represents the field name using OBJ_txt2obj(field, 0).

The loc and set parameters determine where a new entry should be added. For almost all applications, loc can be set to -1 and set to 0. This adds a new entry to the end of name as a single valued RelativeDistinguishedName (RDN).

loc actually determines the index where the new entry is inserted: if it is -1 it is appended.

set determines how the new type is added. If it is zero, a new RDN is created.

If set is -1 or 1, it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalue RDNs are very seldom used, set is almost always set to zero.

RETURN VALUES

X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID(), and X509_NAME_add_entry() return 1 for success or 0 if an error occurred.

X509_NAME_delete_entry() returns either the deleted X509_NAME_ENTRY structure or NULL if an error occurred.

In some cases of failure, the reason can be determined with ERR_get_error(3).

EXAMPLES

Create an X509_NAME structure:

C=UK, O=Disorganized Organization, CN=Joe Bloggs 
 
X509_NAME *nm; 
nm = X509_NAME_new(); 
if (nm == NULL) 
	/* Some error */ 
if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC, 
		"UK", -1, -1, 0)) 
	/* Error */ 
if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC, 
		"Disorganized Organization", -1, -1, 0)) 
	/* Error */ 
if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, 
		"Joe Bloggs", -1, -1, 0)) 
	/* Error */

HISTORY

X509_NAME_add_entry() and X509_NAME_delete_entry() first appeared in SSLeay 0.8.0 and have been available since OpenBSD 2.4.

X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), and X509_NAME_add_entry_by_NID() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.

BUGS

type can still be set to V_ASN1_APP_CHOOSE to use ASN1_PRINTABLE_type(3) to determine field types. Since this form does not understand multicharacter types, performs no length checks, and can result in invalid field types, its use is strongly discouraged.