OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions
#include <openssl/objects.h>
ASN1_OBJECT * OBJ_nid2obj(int n); const char * OBJ_nid2ln(int n); const char * OBJ_nid2sn(int n);
int OBJ_obj2nid(const ASN1_OBJECT *o); int OBJ_ln2nid(const char *ln); int OBJ_sn2nid(const char *sn);
int OBJ_txt2nid(const char *s);
ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name); int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
int OBJ_create(const char *oid,const char *sn,const char *ln); void OBJ_cleanup(void);
The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or NIDs. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.
OBJ_nid2obj(), OBJ_nid2ln()
and OBJ_nid2sn()
convert the NID n to
an ASN1_OBJECT structure, its long name and its short name respectively,
or NULL if an error occurred.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid()
return the corresponding NID
for the object o, the long name <ln> or the short name <sn> respectively
or NID_undef if an error occurred.
OBJ_txt2nid()
returns NID corresponding to text string <s>. s can be
a long name, a short name or the numerical respresentation of an object.
OBJ_txt2obj()
converts the text string s into an ASN1_OBJECT structure.
If no_name is 0 then long names and short names will be interpreted
as well as numerical forms. If no_name is 1 only the numerical form
is acceptable.
OBJ_obj2txt()
converts the ASN1_OBJECT a into a textual representation.
The representation is written as a null terminated string to buf
at most buf_len bytes are written, truncating the result if necessary.
The total amount of space required is returned. If no_name is 0 then
if the object has a long or short name then that will be used, otherwise
the numerical form will be used. If no_name is 1 then the numerical
form will always be used.
OBJ_cmp()
compares a to b. If the two are identical 0 is returned.
OBJ_dup()
returns a copy of o.
OBJ_create()
adds a new object to the internal table. oid is the
numerical form of the object, sn the short name and ln the
long name. A new NID is returned for the created object.
OBJ_cleanup()
cleans up OpenSSLs internal object table: this should
be called before an application exits if any new objects were added
using OBJ_create().
Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file objects.h.
For example the OID for commonName has the following definitions:
#define SN_commonName "CN" #define LN_commonName "commonName" #define NID_commonName 13
New objects can be added by calling OBJ_create().
Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.
Objects which are not in the table have the NID value NID_undef.
Objects do not need to be in the internal tables to be processed,
the functions OBJ_txt2obj()
and OBJ_obj2txt()
can process the numerical
form of an OID.
Some objects are used to represent algorithms which do not have a
corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently
exists for a particular algorithm). As a result they cannot be encoded or
decoded as part of ASN.1 structures. Applications can determine if there
is a corresponding OBJECT IDENTIFIER by checking OBJ_length()
is not zero.
These functions cannot return const because an ASN1_OBJECT can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.
Create an object for commonName:
ASN1_OBJECT *o; o = OBJ_nid2obj(NID_commonName);
Check if an object is commonName
if (OBJ_obj2nid(obj) == NID_commonName) /* Do something */
Create a new NID and initialize an object from it:
int new_nid; ASN1_OBJECT *obj;
new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
obj = OBJ_nid2obj(new_nid); Create a new object directly:
obj = OBJ_txt2obj("1.2.3.4", 1);
OBJ_obj2txt()
is awkward and messy to use: it doesn't follow the
convention of other OpenSSL functions where the buffer can be set
to NULL to determine the amount of data that should be written.
Instead buf must point to a valid buffer and buf_len should
be set to a positive value. A buffer length of 80 should be more
than enough to handle any OID encountered in practice.
OBJ_nid2obj()
returns an ASN1_OBJECT structure or NULL is an
error occurred.
It returns a pointer to an internal table and does not
allocate memory; ASN1_OBJECT_free()
will have no effect.
OBJ_nid2ln()
and OBJ_nid2sn()
returns a valid string or NULL
on error.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid()
and OBJ_txt2nid()
return
a NID or NID_undef on error.
TBA