On Monday May 23rd 2005 Angel Martinez Gonzalez wrote:
> I want to get the serial number from a certificate.
>
> ...
>
> FILE *fp;
> X509 *cert;
> int serialNumber;
> ASN1_INTEGER *bs;
>
> if (!(fp = fopen(CERTIFICADO_TTP, "r")))
> printf ("Error\n");
>
> if (!(cert = PEM_read_X509(fp, NULL, NULL, NULL)))
> printf ("Error\n");
> fclose(fp);
>
> bs = X509_get_serialNumber(cert);
>
> printf ("Serial number: %s \n", bs->data);
>
> What is wrong?. Thanks.
Nothing, but the serial number is basically an unformatted string of
bytes, that can theoretically be arbitrarily long. You have to "format"
it yourself. The following displays "short" (4 bytes or less) serial
numbers as "numerical" and others as hexadecimal; both include the sign:
char * SerialNumberFromASN1(ASN1_INTEGER *serial_number)
{
char buf[64];
string result;
long l;
int i;
const char *neg;
if (serial_number->length <= 4) {
l=ASN1_INTEGER_get(serial_number);
if (l < 0) {
l= -l;
neg ="-";
} else {
neg ="";
}
snprintf(buf, sizeof(buf),"%s%lu", neg, l);
#if 0
/* The OpenSSL format of 'openssl -x509 -text': */
snprintf(buf, sizeof(buf)," %s%lu (%s0x%lx)", neg, l, neg, l);
#endif
result = buf;
} else {
neg = (serial_number->type == V_ASN1_NEG_INTEGER) ? "-" :"";
snprintf(buf, sizeof(buf), "%s", neg);
result += buf;
for (i=0; i < serial_number->length; i++) {
sprintf(buf, "%02X%c", serial_number->data[i], ((i + 1
== serial_number->length) ? '\0' :':'));
result += buf;
}
}
return strdup(buf);
}
--
Marco Roeland
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
