Ger Hobbelt wrote:
Depends on what you consider 'parse': check out the sample source in
apps/x509.c and apps/asn1parse.c, among others.
Also check out the X509_get_....() functions documentation (and for
actually parsing a cert, there's PEM_read_bio_X509_AUX(), for
example).
For a completely different approach, you might examine certificateValidate()
in the OpenLDAP source code.
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/servers/slapd/schema_init.c
It uses the OpenLDAP liblber to parse an X.509 certificate. Since we now
support GnuTLS and MozillaNSS in addition to OpenSSL, I decided it was better
to use our own ASN.1 library instead of the OpenSSL-specific functions we used
to use. Our code does pretty minimal actual validation checks, but it shows
you how to get at the individual fields if you want to inspect them yourself.
As Ger implied, "parse" can mean a lot of different things.
On Wed, Mar 18, 2009 at 4:22 PM, Vinod Chaudhary
<[email protected]> wrote:
Hi,
I want to parse the x509 certficate in my application using the openssl API
not the command line tool.
Can anybody help me ?
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
