我有一个iOS应用程序试图从openSSL证书中检索SAN。我被困在可以正确获取X509_Extension的部分(我可以检查X509_Extension中的数据,它包含电子邮件地址,混合在一堆其他数据中)。我不知道如何从X509_Extension中提取电子邮件地址。
有人可以帮忙吗?谢谢。以下是我的代码:
int loc = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
if (loc >= 0) {
X509_EXTENSION * ext = X509_get_ext(cert, loc);
//How to extract the email address from the ext?
}
答案 0 :(得分:0)
受到this thread的启发,我终于解决了问题。 FIY:
int loc = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
if (loc >= 0) {
X509_EXTENSION * ext = X509_get_ext(cert, loc);
BUF_MEM *bptr = NULL;
char *buf = NULL;
BIO *bio = BIO_new(BIO_s_mem());
if(!X509V3_EXT_print(bio, ext, 0, 0)){
// error handling...
}
BIO_flush(bio);
BIO_get_mem_ptr(bio, &bptr);
// now bptr contains the strings of the key_usage, take
// care that bptr->data is NOT NULL terminated, so
// to print it well, let's do something..
buf = (char *)malloc( (bptr->length + 1)*sizeof(char) );
memcpy(buf, bptr->data, bptr->length);
buf[bptr->length] = '\0';
NSString *email = [NSString stringWithUTF8String:buf];
NSRange r1 = [email rangeOfString:@"email:"];
NSRange r2 = [email rangeOfString:@","];
NSRange rSub = NSMakeRange(r1.location + r1.length, r2.location - r1.location - r1.length);
NSString *email = [email substringWithRange:rSub];
}