如何以编程方式从证书提取信息? [英] How to programmatically extract information from certificate?
问题描述
我有一个生成的证书,但我想能够从证书中提取信息,例如国家,有效性,公共密钥等。我必须将从证书中检索的信息与我在C程序中存储的其他信息进行比较。
I have a generated a certificate, but I would like to be able to extract the information from the certificate, as for example the country, the validity, the public key and so on. I have to compare this information retrived from the certificate with some other that I have stored in my C programe.
我知道如果我使用这样的函数,它会打印我的证书信息:
I know that if I use a function like this it will print me the certificate information:
void print_certificate(const char* cert)
{
X509 *x509 = NULL;
BIO *i = BIO_new(BIO_s_file());
BIO *o = BIO_new_fp(stdout,BIO_NOCLOSE);
if((BIO_read_filename(i, cert) <= 0) ||
((x509 = PEM_read_bio_X509_AUX(i, NULL, NULL, NULL)) == NULL)) {
printf("Bad certificate, unable to read\n");
}
X509_print_ex(o, x509, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
if(x509)
X509_free(x509);
}
但我想要的只是那些信息的一些部分。如何做?
But what I want is only some parts of that information. how can it be done?
感谢
推荐答案
c $ c> grep _get_ /usr/include/openssl/x509.h
try grep _get_ /usr/include/openssl/x509.h
这里有一些您可能会觉得有用的东西:
here are some things you may find useful:
EVP_PKEY * X509_get_pubkey(X509 *x);
#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
b $ b
也请检查源代码 t_x509.c ,其中包含 X509_print_ex
。这可能是最有用的。
Also check the source code for t_x509.c which contains X509_print_ex
. This will probably be most useful.
这篇关于如何以编程方式从证书提取信息?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!