OpenBSD manual page server

Manual Page Search Parameters

ASN1_STRING_LENGTH(3) Library Functions Manual ASN1_STRING_LENGTH(3)

ASN1_STRING_cmp, ASN1_OCTET_STRING_cmp, ASN1_STRING_data, ASN1_STRING_dup, ASN1_OCTET_STRING_dup, ASN1_STRING_get0_data, ASN1_STRING_length, ASN1_STRING_length_set, ASN1_STRING_set0, ASN1_STRING_set, ASN1_OCTET_STRING_set, ASN1_STRING_copy, ASN1_STRING_to_UTF8, ASN1_STRING_typeASN1_STRING utility functions

#include <openssl/asn1.h>

int
ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);

int
ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b);

unsigned char *
ASN1_STRING_data(ASN1_STRING *x);

ASN1_STRING *
ASN1_STRING_dup(const ASN1_STRING *a);

ASN1_OCTET_STRING *
ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);

const unsigned char *
ASN1_STRING_get0_data(const ASN1_STRING *x);

int
ASN1_STRING_length(const ASN1_STRING *x);

void
ASN1_STRING_length_set(ASN1_STRING *x, int len);

void
ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);

int
ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);

int
ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);

int
ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *src);

int
ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);

int
ASN1_STRING_type(const ASN1_STRING *x);

These functions manipulate ASN1_STRING structures.

() compares the type, the length, and the content of a and b.

() does exactly the same as ASN1_STRING_cmp() without providing any type safety.

() is similar to ASN1_STRING_get0_data() except that the returned value is not constant. This function is deprecated. Applications should use ASN1_STRING_get0_data() instead.

() allocates a new ASN1_STRING object and copies the type, length, data, and flags from a into it.

() does exactly the same as ASN1_STRING_dup() without providing any type safety.

() returns an internal pointer to the data of x. It should not be freed or modified in any way.

() returns the length attribute of x, measured in bytes.

() sets the length attribute of x to len. It may put x into an inconsistent internal state.

() frees any data stored in str, sets the length attribute to len bytes, and sets the data attribute to data, transferring ownership, without doing any validation.

() sets the length attribute of str to len and copies that number of bytes from data into str, overwriting any previous data. If len is -1, then (data) is used instead of len. If data is NULL, the content of str remains uninitialized; that is not considered an error unless len is negative.

() does exactly the same as ASN1_STRING_set() without providing any type safety.

() copies the length and data of src into dst using ASN1_STRING_set() and changes the type and flags of dst to match the type and flags of src.

() converts the string in to UTF-8 format. The converted data is copied into a newly allocated buffer *out. The buffer *out should be freed using free(3).

() returns the type of x. If the bit V_ASN1_NEG is set in the return value, x is an ASN.1 INTEGER or ENUMERATED object with a negative value.

Almost all ASN.1 types are represented as ASN1_STRING structures. Other types such as ASN1_OCTET_STRING are simply typedefed to ASN1_STRING and the functions call the ASN1_STRING equivalents. ASN1_STRING is also used for some CHOICE types which consist entirely of primitive string types such as DirectoryString and Time.

These functions should be used to examine or modify ASN1_INTEGER or ASN1_ENUMERATED types: the relevant INTEGER or ENUMERATED utility functions should be used instead.

In general it cannot be assumed that the data returned by () and ASN1_STRING_data() is NUL terminated, and it may contain embedded NUL characters. The format of the data depends on the string type: for example for an IA5String the data contains ASCII characters, for a BMPString two bytes per character in big endian format, and for a UTF8String UTF-8 characters.

Similar care should be taken to ensure the data is in the correct format when calling () or ASN1_STRING_set0().

ASN1_STRING_cmp() and ASN1_OCTET_STRING_cmp() return 0 if the type, the length, and the content of a and b agree, or a non-zero value otherwise. In contrast to strcmp(3), the sign of the return value does not indicate lexicographical ordering.

ASN1_STRING_data() and ASN1_STRING_get0_data() return an internal pointer to the data of x.

ASN1_STRING_dup() and ASN1_OCTET_STRING_dup() return a pointer to a newly allocated ASN1_STRING structure or NULL if an error occurred.

ASN1_STRING_length() returns a number of bytes.

ASN1_STRING_set(), ASN1_OCTET_STRING_set(), and ASN1_STRING_copy() return 1 on success or 0 on failure. They fail if memory allocation fails. ASN1_STRING_set() and ASN1_OCTET_STRING_set() also fail if data is NULL and len is -1 in the same call. ASN1_STRING_copy() also fails if src is NULL.

ASN1_STRING_to_UTF8() returns the number of bytes in the output buffer *out, or a negative number if an error occurred.

ASN1_STRING_type() returns an integer constant, for example V_ASN1_OCTET_STRING or V_ASN1_NEG_INTEGER.

In some cases of failure of ASN1_STRING_dup(), ASN1_STRING_set(), and ASN1_STRING_to_UTF8(), the reason can be determined with ERR_get_error(3).

ASN1_BIT_STRING_set(3), ASN1_mbstring_copy(3), ASN1_PRINTABLE_type(3), ASN1_STRING_new(3), ASN1_UNIVERSALSTRING_to_string(3)

ASN1_STRING_cmp(), ASN1_STRING_dup(), ASN1_STRING_set(), and ASN1_OCTET_STRING_set() first appeared in SSLeay 0.6.5. ASN1_OCTET_STRING_cmp(), ASN1_STRING_data(), ASN1_OCTET_STRING_dup(), and ASN1_STRING_type() first appeared in SSLeay 0.8.0. ASN1_STRING_length() first appeared in SSLeay 0.9.0. All these functions have been available since OpenBSD 2.4.

ASN1_STRING_length_set() first appeared in OpenSSL 0.9.5 and has been available since OpenBSD 2.7.

ASN1_STRING_to_UTF8() first appeared in OpenSSL 0.9.6 and has been available since OpenBSD 2.9.

ASN1_STRING_set0() first appeared in OpenSSL 0.9.8h and has been available since OpenBSD 4.5.

ASN1_STRING_copy() first appeared in OpenSSL 1.0.0 and has been available since OpenBSD 4.9.

ASN1_STRING_get0_data() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.3.

ASN1_OCTET_STRING_cmp(), ASN1_OCTET_STRING_dup(), and ASN1_OCTET_STRING_set() do not check whether their arguments are really of the type V_ASN1_OCTET_STRING. They may report success even if their arguments are of a wrong type. Consequently, even in case of success, the return value of ASN1_OCTET_STRING_dup() is not guaranteed to be of the type V_ASN1_OCTET_STRING either.

December 14, 2021 OpenBSD-current