Question

这是我的代码完全正常，我可以解析证书中的数据。但是，其中一个数组键似乎有一个二进制编码值，我该如何解析呢？

[1.3.6.1.4.1.11129.2.4.2] => �jhv�� ��X����gp
<5��߸�w��
�K;͋�G0E!���]���s�0�K/�����;#�Sdθ�� f�������E���L�,Gx�U�-=*��&,vV�/�������D�>�Fv���\�U։��K;͎=G0E -�����>�㶍���`V$���|)�u�ӡ!�J�\�i�D����'i��mN�t����K��vh���d��:���(L�qQ]g��D�
g��OO��K;͋�G0E!���  
Ct����8�/��?��Nbqŀ����� ��De�oaxLX����G`�:nY��=]����

此处输出的完整屏幕截图：http://prnt.sc/b87cj9

这是我用来解析证书的php脚本：

    $pemdata = "-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIQWM6l42NRuR9J5Hogzv8lDzANBgkqhkiG9w0BAQsFADBX
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMTEwLwYDVQQDEyh0
aGF3dGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTSEEyNTYgU1NMIENBMB4XDTE1MDEz
MDAwMDAwMFoXDTE3MDEyOTIzNTk1OVowge8xEzARBgsrBgEEAYI3PAIBAxMCVVMx
GTAXBgsrBgEEAYI3PAIBAgwIRGVsYXdhcmUxFTATBgNVBAoMDFRoYXd0ZSwgSW5j
LjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1v
dW50YWluIFZpZXcxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYD
VQQFEwczODk4MjYxMSIwIAYDVQQLDBlJbmZyYXN0cnVjdHVyZSBPcGVyYXRpb25z
MRcwFQYDVQQDDA53d3cudGhhd3RlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMhJu5q4nszR34zyO9rT4dOcX2eH/Y/h24AuHU/jKCwGzg+QlVsK
qIS2mz6R+rr6dY56RZWhN7V2JJiBBz/rH0RBcg1pQUqyyX9iAlpaFkDOnmuZEGqu
3GtJu/bj2FDmacCThWQVF5YKO8xUu8z/v9EhK+D+JucYPUlI6uLd96f58z/0cufy
4lIWOJnKZTzVBXDU/QdsVi1qWabQ9H2Juc7cDiew8xSffgwdb8b02TOjM1+iwyv4
+zvmr51VWjuJiryQqACEvmd/zCQV32lc8nzO6xtw2CzcWd4Lw7pDHHtjH7w+gL1S
wG3nNmFScXfpCxR+7YUehE3fH28xiZB863sCAwEAAaOCAwMwggL/MCUGA1UdEQQe
MByCCnRoYXd0ZS5jb22CDnd3dy50aGF3dGUuY29tMAkGA1UdEwQCMAAwDgYDVR0P
AQH/BAQDAgWgMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly90Zi5zeW1jYi5jb20v
dGYuY3JsMHMGA1UdIARsMGowaAYLYIZIAYb4RQEHMAEwWTAmBggrBgEFBQcCARYa
aHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUHAgIwIwwhaHR0cHM6
Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAfBgNVHSMEGDAWgBQ7JMgxoLda0Gq40soHdMweJNTE3DBXBggr
BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly90Zi5zeW1jZC5jb20wJgYI
KwYBBQUHMAKGGmh0dHA6Ly90Zi5zeW1jYi5jb20vdGYuY3J0MIIBfgYKKwYBBAHW
eQIEAgSCAW4EggFqAWgAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3c
EAAAAUs7zYvLAAAEAwBHMEUCIQDeB8C8XaiWk3PvMKJLL4+c0evdOwUjuQRTGhZk
zrjs2AIgZqoM5RP+memp2UWdwYhMtCxHeIdVlS09HRQdKuL5JiwAdgBWFAaaL9fC
7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAUs7zY49AAAEAwBHMEUCIC0MzccT
vR0c8fU+s+O2jY3P3mBWJBb/q4h8KeR129OhAiEAwgVKiFzIaRH7ROPG4X8Q/X8n
aYPNbU7idJfzt6tLhMkAdgBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7
xAAAAUs7zYvLAAAEAwBHMEUCIQDD7t8JDUN0/LOBFAHlOJ4eL5jSP9/rTmJxxYD2
jo2clQIgHev6DERlqG9heExYl4gZouBHYLg6E25Z//E9XfW2q/MwDQYJKoZIhvcN
AQELBQADggEBAJtygOENjOk5czbnQ1uBTFyXjoJ7iwFqDIsnwUhUMwi0Qd+woThz
mlZ8uAAHmS/XZplzxYZmnjPt0R8aAysBQReN06in/SEdW+Lsm5na/+lw8VSav0Cu
YYQgJskPcdeWSIL+J+sfpETzkl2yc0aOza5XAPa8ur+AUWSlZfMn07Xhe1du6RNt
lhm6rKQlNQyY8dWlr2bip8wRbql4arpyctXgww48Y7tbBoU/GAmVCdvlLDuX3Nme
1tGoRcfMam6xF9AEfmydv4zK2+TPajuZspYwy2UaB3MPZDuEuKf3WpmghCTBWsFm
MVP85MEJb8cI1Z6olHOYJ5MRO35riZcvLoM=
-----END CERTIFICATE-----";

    // Small function to print the data recursivly.
    function print_element($item, $key)
    {
        if( is_array( $item ) )
        {
            echo "$key is Array:\n";
            array_walk( $item, 'print_element' );
            echo "$key done\n";
        }
        else
            echo "$key = $item\n";
    }

    // Build the PEM string.

    // Get a certificate resource from the PEM string.
    $cert = openssl_x509_read( $pemdata );

    // Parse the resource and print out the contents.
    $cert_data = openssl_x509_parse( $cert );
    //array_walk( $cert_data, 'print_element' );
    echo "<pre>".print_r($cert_data,true)."</pre>";

    // Free the resource
    openssl_x509_free( $cert );

Answer 1

OpenSSL 1.0.1似乎无法将所有扩展名从ASN.1编码转换为可读文本。

升级到1.0.2以解决此问题，并在ct_precert_scts处获得1.3.6.1.4.1.11129.2.4.2。

如何从证书中解码二进制字符串

1 个答案: