i have n o t one idea what that means... i got out on this list by
accident or type-o I have no way of looking at any of the thousands of emails
i have rec'd and been able to find one thing i could understand..... please
HELP
-----Original Message-----
From: Gerhard Gappmeier <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Sent: Wed, 18 Jun 2008 1:09 am
Subject: Re: How to extract subjectAltName
Thanks for that tip.
It works now this way:
UaPkiCertificateInfo UaPkiCertificate::info() const
{
UaPkiCertificateInfo ret;
X509_EXTENSION *pExt;
char *pBuffer = 0;
int length = 0;
GENERAL_NAMES *subjectAltNames;
subjectAltNames = ( GENERAL_NAMES* ) X509_get_ext_d2i ( m_pCert,
NID_subject_alt_name, NULL, NULL );
if ( subjectAltNames )
{
int numalts;
int i;
/* get amount of alternatives, RFC2459 claims there MUST be at least
one, but we don't depend on it... */
numalts = sk_GENERAL_NAME_num ( subjectAltNames );
/* loop through all alternatives */
for ( i=0; ( i<numalts ); i++ )
{
/* get a handle to alternative name number i */
const GENERAL_NAME *pName = sk_GENERAL_NAME_value (
subjectAltNames, i );
switch ( pName->type )
{
case GEN_OTHERNAME:
break;
case GEN_EMAIL:
ASN1_STRING_to_UTF8((unsigned char**)&pBuffer,
pName->d.ia5);
ret.eMail = pBuffer;
OPENSSL_free(pBuffer);
break;
case GEN_DNS:
ASN1_STRING_to_UTF8((unsigned char**)&pBuffer,
pName->d.ia5);
ret.DNS = pBuffer;
OPENSSL_free(pBuffer);
break;
case GEN_X400:
break;
case GEN_DIRNAME:
break;
case GEN_EDIPARTY:
break;
case GEN_URI:
ASN1_STRING_to_UTF8((unsigned char**)&pBuffer,
pName->d.ia5);
ret.URI = pBuffer;
OPENSSL_free(pBuffer);
break;
case GEN_IPADD:
ASN1_STRING_to_UTF8((unsigned char**)&pBuffer,
pName->d.ia5);
ret.IP = pBuffer;
OPENSSL_free(pBuffer);
break;
case GEN_RID:
break;
}
}
}
return ret;
}
On Tuesday 17 June 2008 23:56:26 Goetz Babin-Ebell wrote:
> GeneralNames *names;
> STACK_OF(CONF_VALUE) *vals = sk_CONV_VALUE_new_null();
>
> names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
> if (names) {
> /* you now can use OpenSSL to transform the names into
> some printable format... */
> i2v_GENERAL_NAMES(NULL, names, vals);
> sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
> }
>
> for(int i = 0; i < sk_CONF_VALUE_num(vals); i++) {
> CONF_VALUE *conf = sk_CONF_VALUE_value(vals, i);
> ret.subjectAltName.appendNameValue(conf->name, conf->value);
> }
> sk_CONF_VALUE_pop_free(vals, CONF_VALUE_free);
--
mit freundlichen Grüßen / best regards
Gerhard Gappmeier
ascolab GmbH - automation system communication laboratory
Tel.: +49 9131 691 123
Fax: +49 9131 691 128
Web: http://www.ascolab.com
GPG-Key: http://www.ascolab.com/gpg/gg.asc
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
