个人中心
gpt4 book ai didi

openssl - 请告诉我如何在 x.509 中打印扩展名的值

转载 作者:行者123 更新时间:2023-12-01 12:59:13 25 4
gpt4 key购买 nike 

HTML语言: Codee#23000

我的 x.509 的用户扩展定义如下: 
    X509v3 extensions:
        X509v3 Basic Constraints: 
            CA:FALSE
        Netscape Comment: 
            OpenSSL Generated Certificate
        X509v3 Subject Key Identifier: 
            D8:F0:12:EA:0D:67:55:96:C9:8E:A4:36:9E:62:84:7F:6F:41:0C:DB
        X509v3 Authority Key Identifier: 
            keyid:C4:33:98:59:50:6B:CC:48:5A:4A:D7:5B:C0:A7:7C:37:DE:15:24:33

        SEwVersion: 
            ..0.2
        SEww: 
            ..0X5699

请告诉我如何提取extensions的值并以ascii字符串方式打印在屏幕上,即我们可以正常识别它们,就像:

*打印格式* 
        X509v3 Basic Constraints: 
            CA:FALSE
        Netscape Comment: 
            OpenSSL Generated Certificate
        X509v3 Subject Key Identifier: 
            D8:F0:12:EA:0D:67:55:96:C9:8E:A4:36:9E:62:84:7F:6F:41:0C:DB
        X509v3 Authority Key Identifier: 
            keyid:C4:33:98:59:50:6B:CC:48:5A:4A:D7:5B:C0:A7:7C:37:DE:15:24:33
        SEVersion: 
            0.2  // no prefix like ".."
        SE: 
            0X5699  // no prefix like ".."

另一个问题是: 
        SEwVersion: 
            ..0.2
        SEww: 
            0...version..0X5699

那么我如何获取并打印到这样的屏幕: 
        SEwVersion: 
            0.2 //no prefix ".."
        SEww: 
            version 0X5699// no "..."and ".."

和我的代码如下: 
int Ext_count = X509_get_ext_count(cert);
for (int k=0; k <Ext_count; k++ ){
    X509_EXTENSION* ex = X509_get_ext(cert, k);
    if( ex == NULL )
        continue;
    OBJ_obj2txt((char *)buf, 100, ex->object, 0);
    printf("name = %s\n", buf);        
    if (k>=Ext_count-2)
          //I distinguish basic extensions and my added extensions like this , so it is not good methode, please tell me how to ...
    {
        ASN1_OCTET_STRING* octet_str = X509_EXTENSION_get_data(ex);
        const unsigned char* octet_str_data = octet_str->data;
        long xlen;
        int tag, xclass;
        int ret = ASN1_get_object(&octet_str_data, &xlen, &tag, &xclass, octet_str->length);
        printf("value: %s\n", octet_str_data);
    }
    else
    {
        BIO *bio = BIO_new(BIO_s_mem());
        if(!X509V3_EXT_print(bio, ex, 0, 0)) // read the text of this    extention
            M_ASN1_OCTET_STRING_print(bio,ex->value);
        len = BIO_read(bio, buf, 200);// here buffer contain    the text, len the lenght of it.
        buf[len] = '\0'; // add the EOT sign, buffer    contain a readable text.
        BIO_free(bio);
        printf("value = %s\n", buf);
    }

非常感谢您提前提供的帮助。

最佳答案

这是从某个证书读取和打印授权 key ID 的示例:

FILE *arq = fopen("<path to your certificate in PEM format>","rw");
int next;
X509 *cert; 
cert = PEM_read_X509(arq,NULL,NULL, NULL);
X509_EXTENSION *ext;
next = X509_get_ext_count(cert);
for (int i=0;i<next;i++)
{
    ext = X509_get_ext(cert, i);
    int nid = OBJ_obj2nid(ext->object);
    if(nid == NID_authority_key_identifier)
    {
        AUTHORITY_KEYID *authKeyId = (AUTHORITY_KEYID *)X509V3_EXT_d2i(ext);
        //converting to hex
        std::string data;
        char *hex_data = new char[authKeyId->keyid->length*2 +1];

        int j = 0;
        for(int i = 0; i < authKeyId->keyid->length; i++)
        {
            sprintf(&hex_data[j], "%02X", authKeyId->keyid->data[i]);
            j+=2;
        }
        hex_data[j] = '\0';
        data = hex_data;
        delete[] hex_data;
        cout << "Authority Key Id: " << data << endl;

    }
}

关于openssl - 请告诉我如何在 x.509 中打印扩展名的值,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7675455/

25 4 0
文章推荐: RichTextBox 中的 Silverlight 滚动
文章推荐: java - JLabel:重音字母问题
文章推荐: dependency-injection - 模拟问题和依赖注入(inject)
文章推荐: asp.net - ApplicationClass Documents.Open 为 64 位系统上的 ASP.NET 站点返回 null
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com