如何使用Openssl从x509证书中读取证书详细信息(序列号,颁发者,主题详细信息)。
我使用PKCS12_parse()解析P12文件,然后从objtained x509证书中检索ASN1_INTEGER格式的序列号。但是我如何解析它以便可以阅读。
答案 0 :(得分:1)
我试过这种方式..并且可以读取证书的值。
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); //here instead of stdout, a file pointer can also be given
x509 = sk_X509_value(certs,0);
X509_NAME_print_ex(bio_out,X509_get_issuer_name(x509), XN_FLAG_COMPAT, X509_FLAG_COMPAT);
//Issuer Name
BIO_printf(bio_out,"\n");
unsigned long nmflag = 0;
CryptoUtility *cryptoU = [[CryptoUtility alloc] init];
[cryptoU print_name:bio_out title:"Verify : issuer= " x509name:X509_get_issuer_name(x509) flag:nmflag];
BIO_printf(bio_out,"\n");
//Subject Name
BIO_printf(bio_out,"\n");
[cryptoU print_name:bio_out title:"Verify : subject= " x509name:X509_get_subject_name(x509) flag:nmflag];
BIO_printf(bio_out,"\n");
//Serial NO
BIO_printf(bio_out,"\n");
BIO_printf(bio_out,"Verify : serial=");
i2a_ASN1_INTEGER(bio_out, X509_get_serialNumber(x509));
BIO_printf(bio_out,"\n");
BIO_printf(bio_out,"\n");
//NSLog(@"Issuer name %@",X509_get_issuer_name(x509));
//Common Name
char peer_CN[256];
X509_NAME_get_text_by_NID(X509_get_subject_name(x509),NID_commonName, peer_CN, 256);
NSLog(@"Verify : comman name %s",peer_CN);
我希望这会有所帮助。
答案 1 :(得分:0)
创建一个内存BIO:
BIO *mem = BIO_new(BIO_s_mem());
//pass this mem BIO to hold the data
Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
BUF_MEM *bptr;
BIO_get_mem_ptr(mem, &bptr);
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
char *buff = (char *)malloc(bptr->length); //converting BUF_MEM to Char *
memcpy(buff, bptr->data, bptr->length-1); //to be used later as you needed
buff[bptr->length-1] = 0;
NSLog(@"--------------------------->%s",buff);
BIO_free(mem);
buff可以在逻辑中进一步使用....希望这有助于:)