hx509: Add hx509_ca_tbs_get_name()

This is so we can check if a TBS gets an empty subject name, then refuse to issue the certificate if it doesn't also have at least one SAN.
2019-11-06 11:08:00 -06:00
parent 12826c9586
commit fce3f16859
3 changed files with 19 additions and 0 deletions
--- a/lib/hx509/ca.c
+++ b/lib/hx509/ca.c
@@ -997,6 +997,23 @@ hx509_ca_tbs_subject_expand(hx509_context context,
    return hx509_name_expand(context, tbs->subject, env);
 }

+/**
+ * Get the name of a to-be-signed certificate object.
+ *
+ * @param context A hx509 context.
+ * @param tbs object to be signed.
+ *
+ * @return An hx509 name.
+ *
+ * @ingroup hx509_ca
+ */
+
+HX509_LIB_FUNCTION hx509_name HX509_LIB_CALL
+hx509_ca_tbs_get_name(hx509_ca_tbs tbs)
+{
+    return tbs->subject;
+}
+
 /**
 * Set signature algorithm on the to be signed certificate
 *