NAME

d2i_X509_NAME, i2d_X509_NAME, X509_NAME_get0_der, X509_NAME_dup, X509_NAME_set, d2i_X509_NAME_ENTRY, i2d_X509_NAME_ENTRY, X509_NAME_ENTRY_dup — decode and encode X.501 Name objects

SYNOPSIS

#include <openssl/x509.h> X509_NAME *
d2i_X509_NAME(X509_NAME **val_out, unsigned char **der_in, long length); int
i2d_X509_NAME(X509_NAME *val_in, unsigned char **der_out); int
X509_NAME_get0_der(X509_NAME *val_in, const unsigned char **der_out, size_t *out_len); X509_NAME *
X509_NAME_dup(X509_NAME *val_in); int
X509_NAME_set(X509_NAME **val_out, X509_NAME *val_in); X509_NAME_ENTRY *
d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **val_out, unsigned char **der_in, long length); int
i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *val_in, unsigned char **der_out); X509_NAME_ENTRY *
X509_NAME_ENTRY_dup(X509_NAME_ENTRY *val_in);

DESCRIPTION

These functions decode and encode X.501 Name objects using DER format. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3). d2i_X509_NAME() and i2d_X509_NAME() decode and encode an ASN.1 Name structure defined in RFC 5280 section 4.1.2.4. X509_NAME_get0_der() is a variant of i2d_X509_NAME() that does not copy the encoded output but instead returns a pointer to the internally cached DER-encoded version of the name. Also, it does not return the length of the output in bytes, but instead stores it in out_len. If the cached encoded form happens to be out of date, both functions update it before copying it or returning a pointer to it. X509_NAME_dup() copies val_in by calling i2d_X509_NAME() and d2i_X509_NAME(). X509_NAME_set() makes sure that *val_out contains the same data as val_in after the call, except that it fails if val_in is NULL. If *val_out is the same pointer as val_in, the function succeeds without changing anything. Otherwise, it copies val_in using X509_NAME_dup(), and in case of success, it frees *val_out and sets it to a pointer to the the new object. When the function fails, it never changes anything. In any case, val_in remains valid and may or may not be the same pointer as *val_out after the call. d2i_X509_NAME_ENTRY() and i2d_X509_NAME_ENTRY() decode and encode an ASN.1 RelativeDistinguishedName structure defined in RFC 5280 section 4.1.2.4. X509_NAME_ENTRY_dup() copies val_in by calling i2d_X509_NAME_ENTRY() and d2i_X509_NAME_ENTRY().

RETURN VALUES

d2i_X509_NAME() and X509_NAME_dup() return the new X509_NAME object or NULL if an error occurs. X509_NAME_set() and X509_NAME_get0_der() return 1 on success or 0 if an error occurs. d2i_X509_NAME_ENTRY() and X509_NAME_ENTRY_dup() return the new X509_NAME_ENTRY object or NULL if an error occurs. i2d_X509_NAME() and i2d_X509_NAME_ENTRY() return the number of bytes successfully encoded or a negative value if an error occurs.

SEE ALSO

ASN1_item_d2i(3), X509_NAME_ENTRY_new(3), X509_NAME_new(3), X509_NAME_print_ex(3)

STANDARDS

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER).

HISTORY

X509_NAME_dup() first appeared in SSLeay 0.4.4. d2i_X509_NAME(), i2d_X509_NAME(), d2i_X509_NAME_ENTRY(), i2d_X509_NAME_ENTRY(), and X509_NAME_ENTRY_dup() first appeared in SSLeay 0.5.1. X509_NAME_set() first appeared in SSLeay 0.8.0. These functions have been available since OpenBSD 2.4. X509_NAME_get0_der() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.3.