使用openSSL从X509_Extension获取电子邮件地址(主题备用名称的一部分) [英] Get email address (part of Subject Alternative Name) from a X509_Extension with openSSL
本文介绍了使用openSSL从X509_Extension获取电子邮件地址(主题备用名称的一部分)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个iOS应用程序试图从具有OpenSSL的证书中检索SAN.我被困在可以正确获得X509_Extension的部分(我可以检查X509_Extension中的数据,它包含电子邮件地址,并混合有许多其他数据).我不知道如何从X509_Extension中提取电子邮件地址.
I got a iOS application trying to retrieve SAN from a certificate with openSSL. I am stuck at the part that I can get the X509_Extension correctly(I can check the data in the X509_Extension and it contains the email address, mixed in a bunch of other data). I have no idea how to generally extract the email address from the X509_Extension.
任何人都可以帮忙吗?谢谢.以下是我的代码:
Can anyone help? Thanks. Following are my code:
int loc = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
if (loc >= 0) {
X509_EXTENSION * ext = X509_get_ext(cert, loc);
//How to extract the email address from the ext?
}
推荐答案
Inspired by this thread I finally got it solved. FIY:
int loc = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
if (loc >= 0) {
X509_EXTENSION * ext = X509_get_ext(cert, loc);
BUF_MEM *bptr = NULL;
char *buf = NULL;
BIO *bio = BIO_new(BIO_s_mem());
if(!X509V3_EXT_print(bio, ext, 0, 0)){
// error handling...
}
BIO_flush(bio);
BIO_get_mem_ptr(bio, &bptr);
// now bptr contains the strings of the key_usage, take
// care that bptr->data is NOT NULL terminated, so
// to print it well, let's do something..
buf = (char *)malloc( (bptr->length + 1)*sizeof(char) );
memcpy(buf, bptr->data, bptr->length);
buf[bptr->length] = '\0';
NSString *email = [NSString stringWithUTF8String:buf];
NSRange r1 = [email rangeOfString:@"email:"];
NSRange r2 = [email rangeOfString:@","];
NSRange rSub = NSMakeRange(r1.location + r1.length, r2.location - r1.location - r1.length);
NSString *email = [email substringWithRange:rSub];
}
这篇关于使用openSSL从X509_Extension获取电子邮件地址(主题备用名称的一部分)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文