"Stefan Pedersen (QIN)" wrote:
>
> Here is how I do it... Maybe there is a more aproperiate API for this
> but I haven't found it.
>
> ---------8<-----------
> X509_NAME* x509name;
> X509_NAME_ENTRY* x509entry;
> int nid;
> int i;
>
> for(i = 0; i < x509name->entries->num; i++)
> {
> entry = (X509_NAME_ENTRY*)x509name->entries->data[i];
> nid = OBJ_obj2nid(entry->object);
> switch(nid)
> {
> case NID_commonName:
> ...
> ...
> }
> }
>
> ------8<-----------
>
Ouch! Please don't do that. It breaks a number of unwritten rules (which
I suppose should be in the FAQ). One of them is never access structure
members directly unless you have to. The reason is that structures may
change but the functions that process them (if any) will still work.
This is important for reasons of binary compatibility among others.
Anyway in this case there are all manner of API functions that can
handle this. Most of the useful ones are in crypto/x509/x509name.c but
are currently not well documented. There's stuff there to lookup stuff
in X509_NAME structures, read the text, print them out, add, delete etc
etc.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
