[gnutls-dev] non-ASCII ASN.1 string types
joe at manyfish.co.uk
Sun Oct 17 13:55:06 CEST 2004
On Sun, Oct 17, 2004 at 12:46:30PM +0200, Nikos Mavrogiannopoulos wrote:
> On Sunday 17 October 2004 12:08, Joe Orton wrote:
> > > Ok. The newest patch will print something like:
> > > Subject: C=GB,ST=Cambridgeshire,L=Cambridge,O=Neon Hackers
> > > Ltd,OU=#48e86c6c6f20576f726c64,CN=localhost,EMAIL=neon at webdav.org
> > I dunno, I'd rather the functions fail if the RDN can't be
> > auto-converted into UTF-8 per the docs
> I don't like this behaviour. And according to my intrerpretation of rfc2253,
> this is the proper thing to do when an unsupported character set is found in
> the asn.1 encoding.
Well I guess the interface is simply not flexible enough for this to be
decided by the app, where ultimately it should be. I have no need for
2253-style formatting in neon, I'd prefer to be able to skip RDNs which
I can't produce human-readable strings from than show random hex strings
to the user.
> > On this subject: is there a way to iterate over all the RDNs in the
> > subject or issuer DN using GNU TLS? neon needs to produce
> > human-readable DNs - this is easy using OpenSSL's X509_NAME interface,
> > but I can't find a way of doing it in GNU TLS. Can anyone help?
> Yes. You can use:
> after calling gnutls_x509_crt_get_dn_oid() to get all OIDs in the DN.
Ah, yes, I couldn't work out at all what _get_dn_oid was putting the
passed-in buffer. Can you explain how the OIDs are formatted in the
buffer, or give an example of how I'd do this?
Thanks for your responses!
More information about the Gnutls-devel