=head1 NAME
-OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid,
-OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility
-functions
+i2t_ASN1_OBJECT,
+OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln,
+OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp,
+OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup
+- ASN1 object utility functions
=head1 SYNOPSIS
- ASN1_OBJECT * OBJ_nid2obj(int n);
- const char * OBJ_nid2ln(int n);
- const char * OBJ_nid2sn(int n);
+ #include <openssl/objects.h>
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
int OBJ_obj2nid(const ASN1_OBJECT *o);
int OBJ_ln2nid(const char *ln);
int OBJ_txt2nid(const char *s);
- ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
- int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
- ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
- int OBJ_create(const char *oid,const char *sn,const char *ln);
- void OBJ_cleanup(void);
+Deprecated:
+
+ #if OPENSSL_API_COMPAT < 0x10100000L
+ void OBJ_cleanup(void)
+ #endif
=head1 DESCRIPTION
The ASN1 object utility functions process ASN1_OBJECT structures which are
a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
-
-OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
+For convenience, OID's are usually represented in source code as numeric
+identifiers, or B<NID>'s. OpenSSL has an internal table of OID's that
+are generated when the library is built, and their corresponding NID's
+are available as define'd constants. For the functions below, application
+code should treat all returned values -- OID's, NID's, or names -- as
+constants.
+
+OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
an ASN1_OBJECT structure, its long name and its short name respectively,
or B<NULL> is an error occurred.
or NID_undef if an error occurred.
OBJ_txt2nid() returns NID corresponding to text string <s>. B<s> can be
-a long name, a short name or the numerical respresentation of an object.
+a long name, a short name or the numerical representation of an object.
OBJ_txt2obj() converts the text string B<s> into an ASN1_OBJECT structure.
If B<no_name> is 0 then long names and short names will be interpreted
the numerical form will be used. If B<no_name> is 1 then the numerical
form will always be used.
+i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the B<no_name> set to zero.
+
OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned.
OBJ_dup() returns a copy of B<o>.
-OBJ_create() adds a new object to the internal table. B<oid> is the
+OBJ_create() adds a new object to the internal table. B<oid> is the
numerical form of the object, B<sn> the short name and B<ln> the
long name. A new NID is returned for the created object.
-OBJ_cleanup() cleans up OpenSSLs internal object table: this should
-be called before an application exits if any new objects were added
-using OBJ_create().
+OBJ_length() returns the size of the content octets of B<obj>.
+
+OBJ_get0_data() returns a pointer to the content octets of B<obj>.
+The returned pointer is an internal pointer which B<must not> be freed.
+
+In OpenSSL versions prior to 1.1.0 OBJ_cleanup() cleaned up OpenSSLs internal
+object table and was called before an application exits if any new objects were
+added using OBJ_create(). This function is deprecated in version 1.1.0 and now
+does nothing if called. No explicit de-initialisation is now required. See
+L<OPENSSL_init_crypto(3)> for further information.
=head1 NOTES
the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical
form of an OID.
+Some objects are used to represent algorithms which do not have a
+corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently
+exists for a particular algorithm). As a result they B<cannot> be encoded or
+decoded as part of ASN.1 structures. Applications can determine if there
+is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.
+
=head1 EXAMPLES
Create an object for B<commonName>:
ASN1_OBJECT *o;
o = OBJ_nid2obj(NID_commonName);
-Check is an object is B<commonName>
+Check if an object is B<commonName>
if (OBJ_obj2nid(obj) == NID_commonName)
- /* Do something */
+ /* Do something */
Create a new NID and initialize an object from it:
int new_nid;
ASN1_OBJECT *obj;
+
new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
obj = OBJ_nid2obj(new_nid);
-
+
Create a new object directly:
obj = OBJ_txt2obj("1.2.3.4", 1);
=head1 BUGS
-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
+OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
convention of other OpenSSL functions where the buffer can be set
to B<NULL> to determine the amount of data that should be written.
Instead B<buf> must point to a valid buffer and B<buf_len> should
be set to a positive value. A buffer length of 80 should be more
than enough to handle any OID encountered in practice.
+Many of the functions here should probably be changed to return B<const>
+pointers. But the lack of consistency makes that too awkward to do.
+
=head1 RETURN VALUES
-OBJ_nid2obj() returns an ASN1_OBJECT structure or B<NULL> is an
+OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an
error occurred.
OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL>
on error.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
-a NID or NID_undef on error.
+a NID or B<NID_undef> on error.
=head1 SEE ALSO
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
=head1 HISTORY
-TBA
+OBJ_cleanup() was deprecated in OpenSSL 1.1.0.
+
+=head1 COPYRIGHT
+
+Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
=cut