Add X509_get0_uids from OpenSSL 1.1.0.
Change-Id: I89938c652abe6b0a04808070a6d1f131dc3484b7
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42564
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index 0fcdc5a..8e85a7e 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -193,6 +193,17 @@
return x509->cert_info->validity->notAfter;
}
+void X509_get0_uids(const X509 *x509, const ASN1_BIT_STRING **out_issuer_uid,
+ const ASN1_BIT_STRING **out_subject_uid)
+{
+ if (out_issuer_uid != NULL) {
+ *out_issuer_uid = x509->cert_info->issuerUID;
+ }
+ if (out_subject_uid != NULL) {
+ *out_subject_uid = x509->cert_info->subjectUID;
+ }
+}
+
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
{
if ((x == NULL) || (x->cert_info == NULL))
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 4127377..6919c90 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -516,6 +516,13 @@
#define X509_set_notBefore X509_set1_notBefore
#define X509_set_notAfter X509_set1_notAfter
+// X509_get0_uids sets |*out_issuer_uid| and |*out_subject_uid| to non-owning
+// pointers to the issuerUID and subjectUID fields, respectively, of |x509|.
+// Either output pointer may be NULL to skip the field.
+OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
+ const ASN1_BIT_STRING **out_issuer_uid,
+ const ASN1_BIT_STRING **out_subject_uid);
+
// X509_get_cert_info returns |x509|'s TBSCertificate structure. Note this
// function is not const-correct for legacy reasons.
//
