如何使用Openssl從x509證書讀取證書詳細信息(序列號,頒發者,主題詳細信息)。使用openssl從x509 certiticate讀取序列號(ASN1_INTEGER)失敗
我使用PKCS12_parse()解析P12文件,然後從objtained x509證書中以ASN1_INTEGER格式檢索序列號。但是,我如何解析它才能讀取它。
如何使用Openssl從x509證書讀取證書詳細信息(序列號,頒發者,主題詳細信息)。使用openssl從x509 certiticate讀取序列號(ASN1_INTEGER)失敗
我使用PKCS12_parse()解析P12文件,然後從objtained x509證書中以ASN1_INTEGER格式檢索序列號。但是,我如何解析它才能讀取它。
我試過這種方式..並且可以讀取證書的值。
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); //here instead of stdout, a file pointer can also be given
x509 = sk_X509_value(certs,0);
X509_NAME_print_ex(bio_out,X509_get_issuer_name(x509), XN_FLAG_COMPAT, X509_FLAG_COMPAT);
//Issuer Name
BIO_printf(bio_out,"\n");
unsigned long nmflag = 0;
CryptoUtility *cryptoU = [[CryptoUtility alloc] init];
[cryptoU print_name:bio_out title:"Verify : issuer= " x509name:X509_get_issuer_name(x509) flag:nmflag];
BIO_printf(bio_out,"\n");
//Subject Name
BIO_printf(bio_out,"\n");
[cryptoU print_name:bio_out title:"Verify : subject= " x509name:X509_get_subject_name(x509) flag:nmflag];
BIO_printf(bio_out,"\n");
//Serial NO
BIO_printf(bio_out,"\n");
BIO_printf(bio_out,"Verify : serial=");
i2a_ASN1_INTEGER(bio_out, X509_get_serialNumber(x509));
BIO_printf(bio_out,"\n");
BIO_printf(bio_out,"\n");
//NSLog(@"Issuer name %@",X509_get_issuer_name(x509));
//Common Name
char peer_CN[256];
X509_NAME_get_text_by_NID(X509_get_subject_name(x509),NID_commonName, peer_CN, 256);
NSLog(@"Verify : comman name %s",peer_CN);
我希望這會有所幫助。
而不是文件指針如何從BIO結構獲取值?我想使用Memory Bio結構。而不是文件BIO結構。 – Balamurugan 2012-04-05 06:04:44
創建一個內存BIO:
BIO *mem = BIO_new(BIO_s_mem());
//pass this mem BIO to hold the data
Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
BUF_MEM *bptr;
BIO_get_mem_ptr(mem, &bptr);
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
char *buff = (char *)malloc(bptr->length); //converting BUF_MEM to Char *
memcpy(buff, bptr->data, bptr->length-1); //to be used later as you needed
buff[bptr->length-1] = 0;
NSLog(@"--------------------------->%s",buff);
BIO_free(mem);
愛好者可以在邏輯還可以用於....希望這有助於:)
嗨@Balamurugan,這是我的第一個答案,爲什麼你不接受他們,如果他們真的幫助你 – chetan 2012-04-09 13:22:51
你設法解決這個問題? – Maggie 2012-03-10 13:36:20
是的,我可以檢索證書的一些細節以及序列號,發行人和主題的詳細信息。 – chetan 2012-03-12 05:44:08
你是如何獲得序列號的? – Maggie 2012-03-12 09:42:24