1=pod
2
3=head1 NAME
4
5i2t_ASN1_OBJECT,
6OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln,
7OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp,
8OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup, OBJ_add_sigid
9- ASN1 object utility functions
10
11=head1 SYNOPSIS
12
13 #include <openssl/objects.h>
14
15 ASN1_OBJECT *OBJ_nid2obj(int n);
16 const char *OBJ_nid2ln(int n);
17 const char *OBJ_nid2sn(int n);
18
19 int OBJ_obj2nid(const ASN1_OBJECT *o);
20 int OBJ_ln2nid(const char *ln);
21 int OBJ_sn2nid(const char *sn);
22
23 int OBJ_txt2nid(const char *s);
24
25 ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
26 int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
27
28 int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
29
30 int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
31 ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
32
33 int OBJ_create(const char *oid, const char *sn, const char *ln);
34
35 size_t OBJ_length(const ASN1_OBJECT *obj);
36 const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
37
38 int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
39
40Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
41B<OPENSSL_API_COMPAT> with a suitable version value, see
42L<openssl_user_macros(7)>:
43
44 void OBJ_cleanup(void);
45
46=head1 DESCRIPTION
47
48The ASN1 object utility functions process ASN1_OBJECT structures which are
49a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
50For convenience, OIDs are usually represented in source code as numeric
51identifiers, or B<NID>s.  OpenSSL has an internal table of OIDs that
52are generated when the library is built, and their corresponding NIDs
53are available as defined constants.  For the functions below, application
54code should treat all returned values -- OIDs, NIDs, or names -- as
55constants.
56
57OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID I<n> to
58an ASN1_OBJECT structure, its long name and its short name respectively,
59or B<NULL> if an error occurred.
60
61OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
62for the object I<o>, the long name I<ln> or the short name I<sn> respectively
63or NID_undef if an error occurred.
64
65OBJ_txt2nid() returns NID corresponding to text string I<s>. I<s> can be
66a long name, a short name or the numerical representation of an object.
67
68OBJ_txt2obj() converts the text string I<s> into an ASN1_OBJECT structure.
69If I<no_name> is 0 then long names and short names will be interpreted
70as well as numerical forms. If I<no_name> is 1 only the numerical form
71is acceptable.
72
73OBJ_obj2txt() converts the B<ASN1_OBJECT> I<a> into a textual representation.
74The representation is written as a null terminated string to I<buf>
75at most I<buf_len> bytes are written, truncating the result if necessary.
76The total amount of space required is returned. If I<no_name> is 0 then
77if the object has a long or short name then that will be used, otherwise
78the numerical form will be used. If I<no_name> is 1 then the numerical
79form will always be used.
80
81i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the I<no_name> set to zero.
82
83OBJ_cmp() compares I<a> to I<b>. If the two are identical 0 is returned.
84
85OBJ_dup() returns a copy of I<o>.
86
87OBJ_create() adds a new object to the internal table. I<oid> is the
88numerical form of the object, I<sn> the short name and I<ln> the
89long name. A new NID is returned for the created object in case of
90success and NID_undef in case of failure.
91
92OBJ_length() returns the size of the content octets of I<obj>.
93
94OBJ_get0_data() returns a pointer to the content octets of I<obj>.
95The returned pointer is an internal pointer which B<must not> be freed.
96
97OBJ_add_sigid() creates a new composite "Signature Algorithm" that associates a
98given NID with two other NIDs - one representing the underlying signature
99algorithm and the other representing a digest algorithm to be used in
100conjunction with it. I<signid> represents the NID for the composite "Signature
101Algorithm", I<dig_id> is the NID for the digest algorithm and I<pkey_id> is the
102NID for the underlying signature algorithm. As there are signature algorithms
103that do not require a digest, NID_undef is a valid I<dig_id>.
104
105OBJ_cleanup() releases any resources allocated by creating new objects.
106
107=head1 NOTES
108
109Objects in OpenSSL can have a short name, a long name and a numerical
110identifier (NID) associated with them. A standard set of objects is
111represented in an internal table. The appropriate values are defined
112in the header file B<objects.h>.
113
114For example the OID for commonName has the following definitions:
115
116 #define SN_commonName                   "CN"
117 #define LN_commonName                   "commonName"
118 #define NID_commonName                  13
119
120New objects can be added by calling OBJ_create().
121
122Table objects have certain advantages over other objects: for example
123their NIDs can be used in a C language switch statement. They are
124also static constant structures which are shared: that is there
125is only a single constant structure for each table object.
126
127Objects which are not in the table have the NID value NID_undef.
128
129Objects do not need to be in the internal tables to be processed,
130the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical
131form of an OID.
132
133Some objects are used to represent algorithms which do not have a
134corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently
135exists for a particular algorithm). As a result they B<cannot> be encoded or
136decoded as part of ASN.1 structures. Applications can determine if there
137is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.
138
139These functions cannot return B<const> because an B<ASN1_OBJECT> can
140represent both an internal, constant, OID and a dynamically-created one.
141The latter cannot be constant because it needs to be freed after use.
142
143These functions were not thread safe in OpenSSL 3.0 and before.
144
145=head1 RETURN VALUES
146
147OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an
148error occurred.
149
150OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL>
151on error.
152
153OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
154a NID or B<NID_undef> on error.
155
156OBJ_add_sigid() returns 1 on success or 0 on error.
157
158=head1 EXAMPLES
159
160Create an object for B<commonName>:
161
162 ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);
163
164Check if an object is B<commonName>
165
166 if (OBJ_obj2nid(obj) == NID_commonName)
167     /* Do something */
168
169Create a new NID and initialize an object from it:
170
171 int new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
172 ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);
173
174Create a new object directly:
175
176 obj = OBJ_txt2obj("1.2.3.4", 1);
177
178=head1 BUGS
179
180OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
181convention of other OpenSSL functions where the buffer can be set
182to B<NULL> to determine the amount of data that should be written.
183Instead I<buf> must point to a valid buffer and I<buf_len> should
184be set to a positive value. A buffer length of 80 should be more
185than enough to handle any OID encountered in practice.
186
187=head1 SEE ALSO
188
189L<ERR_get_error(3)>
190
191=head1 HISTORY
192
193OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by L<OPENSSL_init_crypto(3)>
194and should not be used.
195
196=head1 COPYRIGHT
197
198Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
199
200Licensed under the Apache License 2.0 (the "License").  You may not use
201this file except in compliance with the License.  You can obtain a copy
202in the file LICENSE in the source distribution or at
203L<https://www.openssl.org/source/license.html>.
204
205=cut
206