[gnutls-dev] non-ASCII ASN.1 string types

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Oct 17 12:46:30 CEST 2004

On Sunday 17 October 2004 12:08, Joe Orton wrote:

> > Ok. The newest patch will print something like:
> > Subject: C=GB,ST=Cambridgeshire,L=Cambridge,O=Neon Hackers
> > Ltd,OU=#48e86c6c6f20576f726c64,CN=localhost,EMAIL=neon at webdav.org
> I dunno, I'd rather the functions fail if the RDN can't be
> auto-converted into UTF-8 per the docs
I don't like this behaviour. And according to my intrerpretation of rfc2253, 
this is the proper thing to do when an unsupported character set is found in 
the asn.1 encoding.

> (but UCS-2->UTF-8 is a simple 
> conversion anyway).
But not simple enough. Maybe in a later version a callback is used so that the 
caller can do the string conversion himself.

> On this subject: is there a way to iterate over all the RDNs in the
> subject or issuer DN using GNU TLS?  neon needs to produce
> human-readable DNs - this is easy using OpenSSL's X509_NAME interface,
> but I can't find a way of doing it in GNU TLS.  Can anyone help?
Yes. You can use:
after calling gnutls_x509_crt_get_dn_oid() to get all OIDs in the DN.

> joe

Nikos Mavrogiannopoulos

More information about the Gnutls-devel mailing list