Parsing subject/issuer strings in X.509
David von Oheimb
dev at ddvo.net
Fri Jul 23 06:57:40 UTC 2021
What I use is
X509_NAME *nname = parse_name(string, MBSTRING_ASC, 1, desc);
which is not an official API function but defined in apps/lib/apps.c:
* name is expected to be in the format /type0=value0/type1=value1/type2=...
* where + can be used instead of / to form multi-valued RDNs if canmulti
* and characters may be escaped by \
X509_NAME *parse_name(const char *cp, int chtype, int canmulti, const
Would be good to have such a function as part of the X.509 API.
On 23.07.21 07:49, Viktor Dukhovni wrote:
>> On 22 Jul 2021, at 9:29 pm, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>> I'm wondering what the function is that takes a string and returns X509_NAME with the attribute/value pairs of the parsed DN.
> There is no such function in general, since the are many potential
> string forms of X.509 names, not all of which are unambiguously
> machine readable.
> There are various functions for augmenting a partially built name
> with an attribute-value pair, but the parsing of a string a list
> of such attribute-value pairs is up to you. :-(
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users