*** UNIX MANUAL PAGE BROWSER ***

D2I_ASN1_OBJECT(3) FreeBSD Library Functions Manual D2I_ASN1_OBJECT(3) NAME d2i_ASN1_OBJECT, i2d_ASN1_OBJECT, OBJ_get0_data, OBJ_length - decode and encode ASN.1 object identifiers SYNOPSIS #include <openssl/asn1.h> ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **val_out, const unsigned char **der_in, long length); int i2d_ASN1_OBJECT(const ASN1_OBJECT *val_in, unsigned char **der_out); #include <openssl/objects.h> const unsigned char * OBJ_get0_data(const ASN1_OBJECT *val_in); size_t OBJ_length(const ASN1_OBJECT *val_in); DESCRIPTION These functions decode and encode ASN.1 object identifiers. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3). The LibreSSL implementation of d2i_ASN1_OBJECT() always calls ASN1_OBJECT_free(3) if an existing object is passed in via val_out and it always creates a new object from scratch. Other implementations may attempt to reuse an existing object, which is fragile and prone to bugs. Consequently, always passing NULL for the val_out argument is recommended. The objects returned from d2i_ASN1_OBJECT() and the data contained in them are always marked as dynamically allocated, so when they are no longer needed, ASN1_OBJECT_free(3) can be called on them. i2d_ASN1_OBJECT() encodes the object identifier pointed to by val_in into DER format. OBJ_get0_data() and OBJ_length() only deal with the content octets of that DER encoding, without taking the identifier and length octets into account. RETURN VALUES d2i_ASN1_OBJECT() returns a pointer to the new ASN1_OBJECT object or NULL if an error occurs. With other implementations, it might return a pointer to the reused ASN1_OBJECT. i2d_ASN1_OBJECT() returns the number of octets successfully encoded or a value <= 0 if an error occurs. OBJ_get0_data() returns an internal pointer to the first content octet of the DER encoding of val_in. The other content octets follow the returned pointer contiguously. OBJ_length() returns the number of content octets contained in the DER encoding of val_in. This number is always smaller than the total length of the encoding returned by ASN1_object_size(3). If val_in is a NULL pointer or points to an empty object, for example one freshly created with ASN1_OBJECT_new(3), OBJ_get0_data() returns NULL and OBJ_length() returns zero. SEE ALSO a2d_ASN1_OBJECT(3), ASN1_item_d2i(3), ASN1_OBJECT_new(3), ASN1_put_object(3), OBJ_nid2obj(3) STANDARDS ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), section 8.19: Encoding of an object identifier value HISTORY d2i_ASN1_OBJECT() and i2d_ASN1_OBJECT() first appeared in SSLeay 0.5.1 and have been available since OpenBSD 2.4. OBJ_get0_data() and OBJ_length() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 7.1. CAVEATS d2i_ASN1_OBJECT() never sets the long and short names of the object, not even if the object identifier matches one that is built into the library. To find the names of an object identifier parsed from DER or BER input, call OBJ_obj2nid(3) on the returned object, and then OBJ_nid2sn(3) and OBJ_nid2ln(3) on the result. Calling OBJ_get0_data() and then accessing memory in front of the returned pointer results in undefined behaviour. In particular, it is not possible to find the identifier or length octets in that way; use ASN1_put_object(3) or i2d_ASN1_OBJECT() instead. FreeBSD 14.1-RELEASE-p8 March 14, 2025 FreeBSD 14.1-RELEASE-p8