1 files changed, 23 insertions, 10 deletions

diff --git a/src/certificate.c b/src/certificate.c
index acb7b37..36e6b5b 100644
--- a/src/certificate.c
+++ b/src/certificate.c
@@ -17,7 +17,7 @@ test_x509_name(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
 {
 	CK_BYTE_PTR ptr, encoded;
 	CK_ATTRIBUTE attr;
-	X509_NAME* name;
+	const char *msg;
 	CK_RV rv;
 	int len;
 
@@ -40,13 +40,9 @@ test_x509_name(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
 	if(rv != CKR_OK)
 		return p11t_msg_rv(rv);
 
-	/* Let openssl parse it */
-	ptr = attr.pValue;
-	name = d2i_X509_NAME(NULL, (const unsigned char**)&ptr, attr.ulValueLen);
-	if(name == NULL)
-		return p11t_msg_openssl();
-	if(ptr - (CK_BYTE_PTR)attr.pValue != attr.ulValueLen)
-		return "Extra trailing bytes";
+	msg = p11t_certificate_validate_dn(attr.pValue, attr.ulValueLen);
+	if(msg != NULL)
+		return msg;
 
 	/* Serialize the compare one */
 	len = i2d_X509_NAME(compare, NULL);
@@ -63,8 +59,6 @@ test_x509_name(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
 	free(attr.pValue);
 	free(encoded);
 
-	X509_NAME_free(name);
-
 	return NULL;
 }
 
@@ -355,3 +349,22 @@ p11t_certificate_tests(void)
 		p11t_session_close(session);
 	}
 }
+
+const char*
+p11t_certificate_validate_dn(CK_BYTE_PTR der, CK_ULONG n_der)
+{
+	CK_BYTE_PTR ptr;
+	X509_NAME* name;
+
+	/* Let openssl parse it */
+	ptr = der;
+	name = d2i_X509_NAME(NULL, (const unsigned char**)&ptr, n_der);
+	if(name == NULL)
+		return p11t_msg_openssl();
+	if(ptr - der != n_der)
+		return "Extra trailing bytes";
+
+	X509_NAME_free(name);
+
+	return NULL;
+}