1=pod 2 3=head1 NAME 4 5i2t_ASN1_OBJECT, 6OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, 7OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, 8OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup, OBJ_add_sigid 9- ASN1 object utility functions 10 11=head1 SYNOPSIS 12 13 #include <openssl/objects.h> 14 15 ASN1_OBJECT *OBJ_nid2obj(int n); 16 const char *OBJ_nid2ln(int n); 17 const char *OBJ_nid2sn(int n); 18 19 int OBJ_obj2nid(const ASN1_OBJECT *o); 20 int OBJ_ln2nid(const char *ln); 21 int OBJ_sn2nid(const char *sn); 22 23 int OBJ_txt2nid(const char *s); 24 25 ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name); 26 int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name); 27 28 int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a); 29 30 int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b); 31 ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o); 32 33 int OBJ_create(const char *oid, const char *sn, const char *ln); 34 35 size_t OBJ_length(const ASN1_OBJECT *obj); 36 const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj); 37 38 int OBJ_add_sigid(int signid, int dig_id, int pkey_id); 39 40Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining 41B<OPENSSL_API_COMPAT> with a suitable version value, see 42L<openssl_user_macros(7)>: 43 44 void OBJ_cleanup(void); 45 46=head1 DESCRIPTION 47 48The ASN1 object utility functions process ASN1_OBJECT structures which are 49a representation of the ASN1 OBJECT IDENTIFIER (OID) type. 50For convenience, OIDs are usually represented in source code as numeric 51identifiers, or B<NID>s. OpenSSL has an internal table of OIDs that 52are generated when the library is built, and their corresponding NIDs 53are available as defined constants. For the functions below, application 54code should treat all returned values -- OIDs, NIDs, or names -- as 55constants. 56 57OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID I<n> to 58an ASN1_OBJECT structure, its long name and its short name respectively, 59or B<NULL> if an error occurred. 60 61OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID 62for the object I<o>, the long name I<ln> or the short name I<sn> respectively 63or NID_undef if an error occurred. 64 65OBJ_txt2nid() returns NID corresponding to text string I<s>. I<s> can be 66a long name, a short name or the numerical representation of an object. 67 68OBJ_txt2obj() converts the text string I<s> into an ASN1_OBJECT structure. 69If I<no_name> is 0 then long names and short names will be interpreted 70as well as numerical forms. If I<no_name> is 1 only the numerical form 71is acceptable. 72 73OBJ_obj2txt() converts the B<ASN1_OBJECT> I<a> into a textual representation. 74The representation is written as a null terminated string to I<buf> 75at most I<buf_len> bytes are written, truncating the result if necessary. 76The total amount of space required is returned. If I<no_name> is 0 then 77if the object has a long or short name then that will be used, otherwise 78the numerical form will be used. If I<no_name> is 1 then the numerical 79form will always be used. 80 81i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the I<no_name> set to zero. 82 83OBJ_cmp() compares I<a> to I<b>. If the two are identical 0 is returned. 84 85OBJ_dup() returns a copy of I<o>. 86 87OBJ_create() adds a new object to the internal table. I<oid> is the 88numerical form of the object, I<sn> the short name and I<ln> the 89long name. A new NID is returned for the created object in case of 90success and NID_undef in case of failure. 91 92OBJ_length() returns the size of the content octets of I<obj>. 93 94OBJ_get0_data() returns a pointer to the content octets of I<obj>. 95The returned pointer is an internal pointer which B<must not> be freed. 96 97OBJ_add_sigid() creates a new composite "Signature Algorithm" that associates a 98given NID with two other NIDs - one representing the underlying signature 99algorithm and the other representing a digest algorithm to be used in 100conjunction with it. I<signid> represents the NID for the composite "Signature 101Algorithm", I<dig_id> is the NID for the digest algorithm and I<pkey_id> is the 102NID for the underlying signature algorithm. As there are signature algorithms 103that do not require a digest, NID_undef is a valid I<dig_id>. 104 105OBJ_cleanup() releases any resources allocated by creating new objects. 106 107=head1 NOTES 108 109Objects in OpenSSL can have a short name, a long name and a numerical 110identifier (NID) associated with them. A standard set of objects is 111represented in an internal table. The appropriate values are defined 112in the header file B<objects.h>. 113 114For example the OID for commonName has the following definitions: 115 116 #define SN_commonName "CN" 117 #define LN_commonName "commonName" 118 #define NID_commonName 13 119 120New objects can be added by calling OBJ_create(). 121 122Table objects have certain advantages over other objects: for example 123their NIDs can be used in a C language switch statement. They are 124also static constant structures which are shared: that is there 125is only a single constant structure for each table object. 126 127Objects which are not in the table have the NID value NID_undef. 128 129Objects do not need to be in the internal tables to be processed, 130the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical 131form of an OID. 132 133Some objects are used to represent algorithms which do not have a 134corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently 135exists for a particular algorithm). As a result they B<cannot> be encoded or 136decoded as part of ASN.1 structures. Applications can determine if there 137is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero. 138 139These functions cannot return B<const> because an B<ASN1_OBJECT> can 140represent both an internal, constant, OID and a dynamically-created one. 141The latter cannot be constant because it needs to be freed after use. 142 143These functions were not thread safe in OpenSSL 3.0 and before. 144 145=head1 RETURN VALUES 146 147OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an 148error occurred. 149 150OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL> 151on error. 152 153OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return 154a NID or B<NID_undef> on error. 155 156OBJ_add_sigid() returns 1 on success or 0 on error. 157 158=head1 EXAMPLES 159 160Create an object for B<commonName>: 161 162 ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName); 163 164Check if an object is B<commonName> 165 166 if (OBJ_obj2nid(obj) == NID_commonName) 167 /* Do something */ 168 169Create a new NID and initialize an object from it: 170 171 int new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier"); 172 ASN1_OBJECT *obj = OBJ_nid2obj(new_nid); 173 174Create a new object directly: 175 176 obj = OBJ_txt2obj("1.2.3.4", 1); 177 178=head1 BUGS 179 180OBJ_obj2txt() is awkward and messy to use: it doesn't follow the 181convention of other OpenSSL functions where the buffer can be set 182to B<NULL> to determine the amount of data that should be written. 183Instead I<buf> must point to a valid buffer and I<buf_len> should 184be set to a positive value. A buffer length of 80 should be more 185than enough to handle any OID encountered in practice. 186 187=head1 SEE ALSO 188 189L<ERR_get_error(3)> 190 191=head1 HISTORY 192 193OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by L<OPENSSL_init_crypto(3)> 194and should not be used. 195 196=head1 COPYRIGHT 197 198Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. 199 200Licensed under the Apache License 2.0 (the "License"). You may not use 201this file except in compliance with the License. You can obtain a copy 202in the file LICENSE in the source distribution or at 203L<https://www.openssl.org/source/license.html>. 204 205=cut 206