> From: owner-openssl-us...@openssl.org On Behalf Of praveenpvs > Sent: Sunday, 19 February, 2012 23:15
> I am new to OPENSSL. I have a certificate, i need to extract > public key and > serial number from it. I know the command to do that, but i > wanted to use > api in my application. <snip> > Could you please help me with the corresponding apis for > these two commands? > OpenSSL's X509_* module is mostly older code and does not have a full opaque API as some more recent modules do. You first get the cert into a variable of type X509 which is actually struct x509_st declared in x509.h. Actually your code uses a pointer to such a struct which is allocated and deallocated by OpenSSL calls. For a cert in a PEM-format file, which is what your commandlines used, PEM_read_X509 declared in pem.h reads it in and creates the X509. For other input formats there are other options. Then just use fields from the struct as needed. myx509->cert_info->serialNumber is the serial and myx509->cert_info->key is the subjectPublicKeyInfo. Note these are in internal formats: serialNumber is an ASN1_INTEGER which can be converted with ASN1_* routines to (or from) other numeric or text forms; key is another struct containing an AlgorithmIdentifier (containing an OID and possibly but rarely parameters) and a BIT STRING which in turn contains the encoding of the actual key in a format dependent on the type of key. What you do with these depends on what you want to do. When you're done, x509_free() the pointer. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
