2 files changed, 24 insertions, 0 deletions

diff --git a/src/lib/x509/x509cert.cpp b/src/lib/x509/x509cert.cpp
index b6e15a3e0..512e4aa63 100644
--- a/src/lib/x509/x509cert.cpp
+++ b/src/lib/x509/x509cert.cpp
@@ -439,6 +439,13 @@ std::vector<uint8_t> X509_Certificate::raw_issuer_dn() const
    return m_issuer.get1_memvec("X509.Certificate.dn_bits");
    }
 
+std::vector<uint8_t> X509_Certificate::raw_issuer_dn_sha256() const
+   {
+   std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-256"));
+   hash->update(raw_issuer_dn());
+   return hash->final_stdvec();
+   }
+
 X509_DN X509_Certificate::subject_dn() const
    {
    return create_dn(m_subject);
@@ -449,6 +456,13 @@ std::vector<uint8_t> X509_Certificate::raw_subject_dn() const
    return m_subject.get1_memvec("X509.Certificate.dn_bits");
    }
 
+std::vector<uint8_t> X509_Certificate::raw_subject_dn_sha256() const
+   {
+   std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-256"));
+   hash->update(raw_subject_dn());
+   return hash->final_stdvec();
+   }
+
 std::string X509_Certificate::fingerprint(const std::string& hash_name) const
    {
    std::unique_ptr<HashFunction> hash(HashFunction::create(hash_name));
diff --git a/src/lib/x509/x509cert.h b/src/lib/x509/x509cert.h
index 1e95b5140..52b22d618 100644
--- a/src/lib/x509/x509cert.h
+++ b/src/lib/x509/x509cert.h
@@ -101,11 +101,21 @@ class BOTAN_DLL X509_Certificate : public X509_Object
       std::vector<uint8_t> raw_issuer_dn() const;
 
       /**
+      * SHA-256 of Raw issuer DN
+      */
+      std::vector<uint8_t> raw_issuer_dn_sha256() const;
+
+      /**
       * Raw subject DN
       */
       std::vector<uint8_t> raw_subject_dn() const;
 
       /**
+      * SHA-256 of Raw subject DN
+      */
+      std::vector<uint8_t> raw_subject_dn_sha256() const;
+
+      /**
       * Get the notBefore of the certificate.
       * @return notBefore of the certificate
       */