[gnutls-devel] gnutls_x509_dn_get_rdn_ava and sequences
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Jan 24 20:03:04 CET 2014
On 01/24/2014 06:31 PM, Kurt Roeckx wrote:
>>>> It models the sequence of sequences in the DN itself, not any possible
>>>> sequence within the individual fields. The postalAddress field as you
>>>> notice is a sequence as well. That's why you see that difference and
>>>> that's the reason it is not being decoded by default.
>>> So are there some functions I can use that to go over that
>>> sequence, or do I need to write my own parser?
>>
>> You can decode it using libtasn1 or even a custom parser. If you do a
>> patch for gnutls to decode it would also be appreciated.
>
> What did you have in mind for patching in gnutls? That certtool
> can handle it? That there is an API other than using libtasn1 to
> do it?
For more complex encoding than octet strings libtasn1 is the easiest to
use (although the complexity of PostalString is really borderline and
making a custom parser may be actually faster).
I was thinking about gnutls_x509_crt_get_dn() (under the hood is
gnutls_x509_crt_get_dn()) that decodes DNs to plain LDAP strings.
regards,
Nikos
More information about the Gnutls-devel
mailing list