我正在尝试解析x509v3证书。我已经拼凑了如何获得我需要的所有部分,除了主题替代名称中的URI字段。我有以下代码。当我在配置文件中更改我的主题alt名称字段时,我用来创建我的测试证书,我看到对count,SA和Type输出的适当更改,因此它似乎在SA URI的右侧区域中读取。但是,我的SA输出总是显示为“1”,所以它似乎不是正确的结构成员,因为我的URI字段中有一个名称。
从证书文本输出(通过openssl命令):
X509v3 Subject Alternative Name:
URI:ThisIsTheUri, email:foo@bar.com
守则:
GENERAL_NAMES* subjectAltNames =
(GENERAL_NAMES*)X509_get_ext_d2i(&certificate, NID_subject_alt_name, NULL, NULL);
boost::int32_t altNameCount = sk_GENERAL_NAME_num(subjectAltNames);
std::cout << "Alt Name Count: " << altNameCount << "." << std::endl;
for (boost::int32_t i = 0; i < altNameCount; ++i)
{
GENERAL_NAME* generalName = sk_GENERAL_NAME_value(subjectAltNames, i);
if (generalName->type == GEN_URI)
{
subjectAltName = std::string(reinterpret_cast<char*>(generalName->d.ia5->data));
// subjectAltName should be "ThisIsTheUri", but is "1".
std::cout << "SA: '" << subjectAltName << "'." << std::endl;
}
else
{
std::cout << "Type: '" << generalName->type << "'." << std::endl;
}
}
答案 0 :(得分:2)
诀窍是使用ASN1_STRING_data()和ASN1_STRING_length()来提取ia5字符串:
std::string(reinterpret_cast<char*>(ASN1_STRING_data(generalName->d.uniformResourceIdentifier)),
ASN1_STRING_length(generalName->d.uniformResourceIdentifier));