Add function to return internal enoding of X509_NAME.

PR#4280

Reviewed-by: Tim Hudson <tjh@openssl.org>

4 files changed, 37 insertions, 6 deletions

diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index 9cc855a547..9133e3cb82 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -567,3 +567,16 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
     OPENSSL_free(b);
     return 0;
 }
+
+int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                       X509_NAME *nm)
+{
+    /* Make sure encoding is valid */
+    if (i2d_X509_NAME(nm, NULL) <= 0)
+        return 0;
+    if (pder != NULL)
+        *pder = (unsigned char *)nm->bytes->data;
+    if (pderlen != NULL)
+        *pderlen = nm->bytes->length;
+    return 1;
+}
diff --git a/doc/crypto/d2i_X509_NAME.pod b/doc/crypto/d2i_X509_NAME.pod
index ca52f53f16..d1d32dfcd8 100644
--- a/doc/crypto/d2i_X509_NAME.pod
+++ b/doc/crypto/d2i_X509_NAME.pod
@@ -11,21 +11,35 @@ d2i_X509_NAME, i2d_X509_NAME - X509_NAME encoding functions
  X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length);
  int i2d_X509_NAME(X509_NAME *a, unsigned char **pp);
 
+ int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                        X509_NAME *nm)
+
+
 =head1 DESCRIPTION
 
-These functions decode and encode an B<X509_NAME> structure which is the
-same as the B<Name> type defined in RFC2459 (and elsewhere) and used
-for example in certificate subject and issuer names.
+The functions d2i_X509_NAME() and i2d_X509_NAME() decode and encode an
+B<X509_NAME> structure which is the same as the B<Name> type defined in
+RFC3280 (and elsewhere) and used for example in certificate subject and
+issuer names.
 
 Otherwise the functions behave in a similar way to d2i_X509() and i2d_X509()
 described in the L<d2i_X509(3)> manual page.
 
+The function X509_NAME_get0_der() returns an internal pointer to the
+encoding of an B<X509_NAME> structure in B<*pder> and consisting of
+B<*pderlen> bytes. It is useful for applications that wish to examine
+the encoding of an B<X509_NAME> structure without copying it.
+
+=head1 RETURN VALUES
+
 =head1 SEE ALSO
 
-L<d2i_X509(3)>
+The meanings of the return values of d2i_X509_NAME() and i2d_X509_NAME()
+are similar to those for d2i_X509() and i2d_X509().
 
-=head1 HISTORY
+The function X509_NAME_get0_der() returns 1 for success and 0 if an error
+occurred.
 
-TBA
+L<d2i_X509(3)>
 
 =cut
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 7581bb4be8..31f784dccc 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -873,6 +873,9 @@ ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
 ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
 int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
 
+int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen,
+                       X509_NAME *nm);
+
 int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
 int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
                           int nid, int lastpos);
diff --git a/util/libeay.num b/util/libeay.num
index 31f6a063c7..951add79ee 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4765,3 +4765,4 @@ OCSP_resp_get0_produced_at              5159	1_1_0	EXIST::FUNCTION:
 TS_STATUS_INFO_get0_failure_info        5160	1_1_0	EXIST::FUNCTION:
 TS_STATUS_INFO_get0_text                5161	1_1_0	EXIST::FUNCTION:
 CRYPTO_secure_zalloc                    5162	1_1_0	EXIST::FUNCTION:
+X509_NAME_get0_der                      5163	1_1_0	EXIST::FUNCTION: