如何使用X509_verify() [英] How to use X509_verify()

问题描述

我们如何使用X509_verify().我有两个证书.第一个证书是签署下一个证书(即我的证​​书)的根证书.因此，我想使用C ++中的x509_verify()检查我的证书是否由根证书签名.我的目标是使代码简单易懂，以便我也可以将其放在网上.

How can we use X509_verify(). I have two certificates. The first certificate is the Root Certificate which signed the next certificate (which is my Certificate). So I want to check if my certificate is signed by the root certificate using x509_verify() in C++. My goal is to keep the code simple and Understandable so I can also put it online.

推荐答案

X509_verify的签名是

Signature of X509_verify is

 int X509_verify(X509 * x509, EVP_PKEY * pkey);

假设您在root中拥有根证书，而在mycert中具有证书；

Suppose of you have root certificate in root and your certificate in mycert;

   X509 * root;
   X509 * mycert;

//Get root certificate into root
//Get mycert into mycert.

//Get the public key.
EVP_PKEY * pubkey = X509_get_pubkey(root);

//verify. result less than or 0 means not verified or some error.
int result = X509_verify(mycert, pubkey);

//free the public key.
EVP_PKEY_free(pubkey);

我认为这会对您有所帮助.

I think this would help you.

这篇关于如何使用X509_verify()的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！