rbrahmaa wrote:
>
> Hi All,
>
> I am entirely new to OpenSSL, 0% knowledge of this.
>
> My requirement is to parse the *.crt extension certificate and extract all
> the details like issuer, public key, validity details, serial
> no, OU, O, C, Signature Algorithm, subject and display the same on the screen for
> the user through C++ programming.
>
> I tried searching the forum's old posts; I got some information like: to
> get "CN, OU...", you can use "X509_NAME * X509_get_issuer_name(X509 *a);"
> or "X509_NAME * X509_get_subject_name(X509 *a);"
> To get a serial number, you can use "ASN1_INTEGER *
> X509_get_serialNumber(X509 *x);"
>
> But I did not get the information on how to load my .crt extension
> certificate and where to start.
>
> It will be helpful for me if you provide me some skeleton code, so that I
> can move forward with your help and guidance.
>
> Thanks in advance to all.
>
> Awaiting your replies.
>
> Thank You.
>
I have found the solution myself. I have updated the code because it will be helpful for anyone who doesn't know anything about OpenSSL usage and the APIs available.

Note: Implementation details for the function asn1time_to_timet() are available at http://www.opensource.apple.com/source/neon/neon-11/neon/src/ne_openssl.c

// Headers needed by this fragment (the body of a void function in a Qt dialog).
// The direct struct accesses below (x509CertData->sig_alg, pubKey->pkey.rsa)
// compile only against OpenSSL older than 1.1.0, where these structs are not opaque.
#include <cstdio>
#include <cstring>
#include <ctime>
#include <vector>
#include <QDialog>
#include <QString>
#include <QVariant>
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/objects.h>

// Maximum Cert Display length
#define CERT_TEMP_BUFFER 1024
#define CERT_ISSU_SUBJ_SIZE 256

// pointer to x509
X509 *x509CertData = NULL;
// file pointer
FILE *pFile = NULL;
QString dataCertificate;
// buffer to hold the data extracted from certificate.
char buf[ CERT_ISSU_SUBJ_SIZE ] = {0};
// Points at the certificate bytes loaded from file; d2i_X509() advances it.
const unsigned char *crtDataTempPtr = NULL;
// Holds the raw data extracted in buf
QString issurer_subject_str;
// Data used for display & initialized
const char certDetails[] = "path to your certificate/*.crt";
const char carrRet[] = "\n";
// length of the file
size_t len = 0;

// Open the certificate file to load the same.
pFile = fopen( certDetails, "rb" );
if ( !pFile )
{
    dataCertificate.append( QDialog::tr( "No CertFile To Display" ) );
    return;
}

// obtain file size (ftell returns a long, -1 on error)
fseek( pFile, 0, SEEK_END );
long fileLen = ftell( pFile );
rewind( pFile );
if ( fileLen <= 0 )
{
    fclose( pFile );
    dataCertificate.append( QDialog::tr( "Improper File Length: Zero" ) );
    return;
}
len = (size_t) fileLen;

// Allocate the memory based on length of the cert.
// (std::auto_ptr would release a new[] array with delete, so a vector is used.)
std::vector< unsigned char > crtData( len );
// copy the file into the buffer:
len = fread( &crtData[ 0 ], 1, len, pFile );
fclose( pFile );
crtDataTempPtr = &crtData[ 0 ];

// Loads the certificate details into X509 object (d2i_X509 expects DER encoding).
if ( d2i_X509( &x509CertData, &crtDataTempPtr, (long) len ) == NULL )
{
    dataCertificate.append( QDialog::tr( "Invalid X.509 Certificate" ) );
    X509_free( x509CertData );
    return;
}

// Get the certificate name details
dataCertificate.append( QDialog::tr( "Certificate: " ) );
dataCertificate.append( QDialog::tr( "your certificate name" ) );
dataCertificate.append( carrRet );

// Get the version details
// extracts the data from certificate; X509_get_version() is zero-based
// (0 = v1, 2 = v3), so add one for display
unsigned int version = (unsigned int) X509_get_version( x509CertData ) + 1;
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Version: V" ) );
dataCertificate.append( QVariant( version ).toString() );
dataCertificate.append( carrRet );

// Get the serial number details
// extracts the data from certificate
ASN1_INTEGER *val = X509_get_serialNumber( x509CertData );
// Get the length of the data
int length = ASN1_STRING_length( val );
const unsigned char *serialBytes = ASN1_STRING_data( val );
// Buffer holds the formatted serial number details
char tempBuffer[ CERT_ISSU_SUBJ_SIZE ] = {0};
// The serial is raw binary (not a C string), so format it as hex, bounded by the buffer
for ( int i = 0; i < length && (size_t)( 2 * i + 2 ) < sizeof( tempBuffer ); ++i )
    sprintf( tempBuffer + 2 * i, "%02X", serialBytes[ i ] );
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Serial No.: " ) );
dataCertificate.append( carrRet );
// Append the details formatted in tempBuffer
dataCertificate.append( tempBuffer );
dataCertificate.append( carrRet );

// Issuer details
memset( buf, 0x00, sizeof( buf ) );
// extracts the data from certificate and updates buf
X509_NAME_oneline( X509_get_issuer_name( x509CertData ), buf, sizeof( buf ) );
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Issuer: " ) );
dataCertificate.append( buf );
dataCertificate.append( carrRet );

// Get the signature algo
const char *sigalg = OBJ_nid2ln( OBJ_obj2nid( x509CertData->sig_alg->algorithm ) );
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Signature Algorithm: " ) );
dataCertificate.append( carrRet );
// Appends the formatted signature algo
dataCertificate.append( sigalg );
dataCertificate.append( carrRet );

// Get Activation Date details
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Valid From: " ) );
dataCertificate.append( carrRet );
// Retrieve the activation date details
time_t cert_activation = asn1time_to_timet( X509_get_notBefore( x509CertData ) );
// Update time_t to struct tm
struct tm *tmActivation = gmtime( &cert_activation );
memset( buf, 0x00, sizeof( buf ) );
// Format the data to buffer (gmtime returns NULL if the time cannot be represented)
if ( tmActivation )
    strftime( buf, sizeof( buf ), "%Y:%m:%d:%H:%M:%S", tmActivation );
// Appends the formatted data.
dataCertificate.append( buf );
dataCertificate.append( carrRet );

// Get Expiry Date details
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Valid To: " ) );
dataCertificate.append( carrRet );
// Retrieve the expiry date details
time_t cert_expiry = asn1time_to_timet( X509_get_notAfter( x509CertData ) );
// Update time_t to struct tm
struct tm *tmExpiry = gmtime( &cert_expiry );
memset( buf, 0x00, sizeof( buf ) );
// Format the data to buffer
if ( tmExpiry )
    strftime( buf, sizeof( buf ), "%Y:%m:%d:%H:%M:%S", tmExpiry );
// Appends the formatted data.
dataCertificate.append( buf );
dataCertificate.append( carrRet );

// Get the subject details
memset( buf, 0x00, sizeof( buf ) );
// extracts the data from certificate and updates buf
X509_NAME_oneline( X509_get_subject_name( x509CertData ), buf, sizeof( buf ) );
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Subject: " ) );
dataCertificate.append( buf );
dataCertificate.append( carrRet );

// Get Public Key (NULL if the key cannot be decoded)
EVP_PKEY *pubKey = X509_get_pubkey( x509CertData );
// buffer for the raw big-endian modulus bytes
unsigned char tempBufferGetKey[ CERT_TEMP_BUFFER + 1 ] = {0};
// buffer for the hex-formatted modulus for display (two characters per byte)
char tempBufferPrintKey[ 2 * CERT_TEMP_BUFFER + 1 ] = {0};
// Only an RSA key has a modulus, and it must fit in tempBufferGetKey
if ( pubKey && EVP_PKEY_base_id( pubKey ) == EVP_PKEY_RSA
     && BN_num_bytes( pubKey->pkey.rsa->n ) <= CERT_TEMP_BUFFER )
{
    // Get the length of public key and convert pkey to big-endian bytes
    int issuer_pubkey_len = BN_bn2bin( pubKey->pkey.rsa->n, tempBufferGetKey );
    for ( int i = 0; i < issuer_pubkey_len; ++i )
        sprintf( tempBufferPrintKey + 2 * i, "%02X", tempBufferGetKey[ i ] );
}
// Appends the name of the component extracted
dataCertificate.append( QDialog::tr( "Public Key: " ) );
dataCertificate.append( carrRet );
// Append the public key details to output buffer.
dataCertificate.append( tempBufferPrintKey );
dataCertificate.append( carrRet );

// Frees the X509 object
X509_free( x509CertData );
// Frees the EVP_PKEY object
EVP_PKEY_free( pubKey );

Thanks
Reddy

--
View this message in context: http://old.nabble.com/Parsing-the-.crt-extension-certificate-file-to-extract-the-details-tp32483646p32503793.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
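
The code above calls asn1time_to_timet(), which the post links to rather than includes. As an added example (not the poster's or neon's code), this self-contained C++ function performs that kind of conversion on the text of the time field, as read with ASN1_STRING_data() and ASN1_STRING_length() on the value from X509_get_notBefore() or X509_get_notAfter(). The name asn1_time_text_to_epoch is hypothetical, and it assumes the RFC 5280 forms with seconds and a trailing Z.

```cpp
// Added example: X.509 validity text -> seconds since the Unix epoch (UTC).
#include <cctype>
#include <cstddef>
#include <cstdint>
#include <string>

// Days from 1970-01-01 to the given Gregorian date (standard civil-date algorithm).
static int64_t days_from_civil(int64_t y, unsigned m, unsigned d) {
    y -= m <= 2;
    const int64_t era = (y >= 0 ? y : y - 399) / 400;
    const unsigned yoe = static_cast<unsigned>(y - era * 400);
    const unsigned doy = (153 * (m + (m > 2 ? -3 : 9)) + 2) / 5 + d - 1;
    const unsigned doe = yoe * 365 + yoe / 4 - yoe / 100 + doy;
    return era * 146097 + static_cast<int64_t>(doe) - 719468;
}

// Hypothetical helper. Accepts the two forms RFC 5280 allows in certificates:
// UTCTime "YYMMDDHHMMSSZ" and GeneralizedTime "YYYYMMDDHHMMSSZ".
// Returns false (leaving *out untouched) on anything else.
bool asn1_time_text_to_epoch(const std::string &s, int64_t *out) {
    const bool utc = s.size() == 13;
    if ((!utc && s.size() != 15) || s[s.size() - 1] != 'Z') return false;
    for (std::size_t i = 0; i + 1 < s.size(); ++i)
        if (!std::isdigit(static_cast<unsigned char>(s[i]))) return false;

    std::size_t p = 0;
    auto two = [&]() {  // read two decimal digits and advance
        const int v = (s[p] - '0') * 10 + (s[p + 1] - '0');
        p += 2;
        return v;
    };
    int year = two();
    if (utc) year += year >= 50 ? 1900 : 2000;  // RFC 5280 pivot: 50..99 -> 19xx
    else year = year * 100 + two();
    const int mon = two();
    const int day = two();
    const int hh = two();
    const int mi = two();
    const int ss = two();

    static const int mdays[] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    const bool leap = (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
    if (mon < 1 || mon > 12 || hh > 23 || mi > 59 || ss > 59) return false;
    if (day < 1 || day > mdays[mon - 1] + ((leap && mon == 2) ? 1 : 0)) return false;

    *out = days_from_civil(year, mon, day) * 86400 + hh * 3600 + mi * 60 + ss;
    return true;
}
```

Rejecting malformed input instead of returning a default keeps a certificate with an unparsable validity field from being displayed as if it had a real date.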