如何将X509 *证书转换为STACK_OF(X509_NAME) [英] How to Convert `X509 *`Certificate to `STACK_OF(X509_NAME)`
问题描述
如何将X509 *
证书转换为STACK_OF(X509_NAME)
需要将此STACK_OF(X509_NAME)
传递给openssl api ENGINE_load_ssl_client_cert
Need to pass this STACK_OF(X509_NAME)
to openssl api ENGINE_load_ssl_client_cert
推荐答案
我需要将
STACK_OF(X509_NAME)
传递给ENGINE_load_ssl_client_cert
...
I need to pass
STACK_OF(X509_NAME)
toENGINE_load_ssl_client_cert
...
您没有给我们太多帮助.尚不清楚您的问题是什么,因此很难说出您应该做些什么.
You have not given us much to work with. Its not clear what your problem is, so its hard to say what you should be doing differently.
开始在<openssl src dir>/ssl/s3_clnt.c
中跟踪OpenSSL的代码:
Start tracing OpenSSL's code in <openssl src dir>/ssl/s3_clnt.c
:
int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
{
int i = 0;
#ifndef OPENSSL_NO_ENGINE
if (s->ctx->client_cert_engine) {
i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
SSL_get_client_CA_list(s),
px509, ppkey, NULL, NULL, NULL);
if (i != 0)
return i;
}
#endif
if (s->ctx->client_cert_cb)
i = s->ctx->client_cert_cb(s, px509, ppkey);
return i;
}
如您所见,它需要一堆X509
,而不是X509_NAME
.我从来没有花费大量的时间来处理ENGINE代码,所以我不确定接下来会发生什么.
As you can see, it takes a stack of X509
, not X509_NAME
. I've never spent any significant time working with the ENGINE code, so I'm not sure what happens next.
您可能还对OpenSSL Wiki上的 STACK API 感兴趣.
You might also be interested in STACK API on the OpenSSL wiki.
最后,您可能会对其他热门歌曲感兴趣.我惊讶地发现其中一个应用没有 热门歌曲.
Finally, there are some other hits you may b interested in. I was kind of surprised to see there were no hits in one of the apps.
$ grep -IR ENGINE_load_ssl_client_cert *
crypto/engine/eng_err.c: "ENGINE_load_ssl_client_cert"},
crypto/engine/eng_pkey.c:int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
crypto/engine/engine.h:int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
ssl/s3_clnt.c: i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
util/libeay.num:ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE
这篇关于如何将X509 *证书转换为STACK_OF(X509_NAME)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!