当前位置: 首页 > news >正文

openssl编程之x509证书信息解析

news 2025/10/1 5:59:00

image

// 从文件加载证书
X509* load_certificate_from_file(const char* filename) {BIO* bio = BIO_new_file(filename, "r");if (!bio) {fprintf(stderr, "Error opening certificate file: %s\n", filename);return NULL;}X509* cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);BIO_free(bio);if (!cert) {fprintf(stderr, "Error reading certificate from: %s\n", filename);}return cert;
}void print_certificate_details(X509* cert) {if (!cert) {fprintf(stderr, "Invalid certificate pointer\n");return;}printf("\n=== 证书详细信息 ===\n");// 1. 版本信息printf("1. 版本: X509v%d\n", X509_get_version(cert) + 1);// 2. 序列号ASN1_INTEGER* serial = X509_get_serialNumber(cert);if (serial) {BIGNUM* bn = ASN1_INTEGER_to_BN(serial, NULL);if (bn) {char* serial_str = BN_bn2dec(bn);printf("2. 序列号: %s\n", serial_str);OPENSSL_free(serial_str);BN_free(bn);}}// 3. 签名算法printf("3. 签名算法: ");const ASN1_OBJECT* sig_alg_obj = X509_get0_tbs_sigalg(cert)->algorithm;char sig_alg_buf[128];OBJ_obj2txt(sig_alg_buf, sizeof(sig_alg_buf), sig_alg_obj, 1);printf("%s\n", sig_alg_buf);// 4. 颁发者信息printf("4. 颁发者:\n");X509_NAME* issuer = X509_get_issuer_name(cert);if (issuer) {for (int i = 0; i < X509_NAME_entry_count(issuer); i++) {X509_NAME_ENTRY* entry = X509_NAME_get_entry(issuer, i);ASN1_OBJECT* obj = X509_NAME_ENTRY_get_object(entry);ASN1_STRING* data = X509_NAME_ENTRY_get_data(entry);char obj_buf[128];OBJ_obj2txt(obj_buf, sizeof(obj_buf), obj, 0);unsigned char* data_str = NULL;int len = ASN1_STRING_to_UTF8(&data_str, data);if (len > 0) {printf("   %s: %s\n", obj_buf, data_str);OPENSSL_free(data_str);}}}// 5. 有效期printf("5. 有效期:\n");ASN1_TIME* not_before = (ASN1_TIME*)X509_get0_notBefore(cert);ASN1_TIME* not_after =(ASN1_TIME*) X509_get0_notAfter(cert);if (not_before) {BIO* bio = BIO_new(BIO_s_mem());ASN1_TIME_print(bio, not_before);char time_buf[256];int len = BIO_read(bio, time_buf, sizeof(time_buf) - 1);time_buf[len] = '\0';printf("   生效时间: %s\n", time_buf);BIO_free(bio);}if (not_after) {BIO* bio = BIO_new(BIO_s_mem());ASN1_TIME_print(bio, not_after);char time_buf[256];int len = BIO_read(bio, time_buf, sizeof(time_buf) - 1);time_buf[len] = '\0';printf("   过期时间: %s\n", time_buf);BIO_free(bio);}// 6. 主体信息printf("6. 主体:\n");X509_NAME* subject = X509_get_subject_name(cert);if (subject) {for (int i = 0; i < X509_NAME_entry_count(subject); i++) {X509_NAME_ENTRY* entry = X509_NAME_get_entry(subject, i);ASN1_OBJECT* obj = X509_NAME_ENTRY_get_object(entry);ASN1_STRING* data = X509_NAME_ENTRY_get_data(entry);char obj_buf[128];OBJ_obj2txt(obj_buf, sizeof(obj_buf), obj, 0);unsigned char* data_str = NULL;int len = ASN1_STRING_to_UTF8(&data_str, data);if (len > 0) {printf("   %s: %s\n", obj_buf, data_str);OPENSSL_free(data_str);}}}// 7. 公钥信息printf("7. 公钥信息:\n");EVP_PKEY* pkey = X509_get_pubkey(cert);if (pkey) {int type = EVP_PKEY_id(pkey);printf("   算法: %s\n", OBJ_nid2ln(type));int bits = EVP_PKEY_bits(pkey);printf("   密钥长度: %d bits\n", bits);EVP_PKEY_free(pkey);}// 8. 扩展信息printf("8. 扩展信息:\n");int ext_count = X509_get_ext_count(cert);for (int i = 0; i < ext_count; i++) {X509_EXTENSION* ext = X509_get_ext(cert, i);ASN1_OBJECT* obj = X509_EXTENSION_get_object(ext);char ext_buf[128];OBJ_obj2txt(ext_buf, sizeof(ext_buf), obj, 0);printf("   %s", ext_buf);// 显示关键扩展if (X509_EXTENSION_get_critical(ext)) {printf(" (关键)");}printf("\n");// 显示特定扩展的详细信息if (OBJ_obj2nid(obj) == NID_subject_alt_name) {printf("     主题备用名称: ");BIO* bio = BIO_new(BIO_s_mem());//X509V3_EXT_print(bio, ext, 0, 0);//nmflag(名称显示标志)X509_print_ex(bio, cert, XN_FLAG_COMPAT , X509_FLAG_NO_EXTENSIONS);char ext_info[1024];int len = BIO_read(bio, ext_info, sizeof(ext_info) - 1);if (len > 0) {ext_info[len] = '\0';printf("%s", ext_info);}BIO_free(bio);printf("\n");}}// 9. 证书指纹printf("9. 指纹:\n");unsigned char md[EVP_MAX_MD_SIZE];unsigned int len;if (X509_digest(cert, EVP_sha1(), md, &len)) {printf("   SHA-1: ");for (unsigned int i = 0; i < len; i++) {printf("%02X", md[i]);if (i < len - 1) printf(":");}printf("\n");}if (X509_digest(cert, EVP_sha256(), md, &len)) {printf("   SHA-256: ");for (unsigned int i = 0; i < len; i++) {printf("%02X", md[i]);if (i < len - 1) printf(":");}printf("\n");}printf("=== 证书信息结束 ===\n\n");
}int openssl_rsa() {X509 *x509=load_certificate_from_file("ca.crt");print_certificate_details(x509);return 0;
}
http://www.sczhlp.com/news/50052/

相关文章:

  • 动易门户网站价格产品网络推广的方法有哪些
  • 做网站可以设账户吗苏州建网站哪个好
  • 网页打不开建设银行网站技术支持 上海做网站
  • zencart 网站换域名网站如何做容易收录
  • 网站安全建设方案金华建站价格
  • 安卓端网站开发ide新公司简介模板范文
  • 推广 高端网站建设住房和城乡建设部网站 城市绿地分类
  • 网站文件解压农业网站建设模板
  • 没有网站怎么做CPC网站图片分辨率
  • 短信营销平台seo怎么去优化
  • c 做的网站好用的h5网站模板下载
  • 无极平台网站河南省建设厅官网查询
  • 扭曲语言模型修正语音识别错误技术解析
  • pygame小游戏飞机大战_15子弹和飞机的碰撞
  • CF407
  • 2025年流程行业五大PLM厂商(供应商)深度推荐报告
  • 网站建设和网络营销新安网站建设
  • 定制网站建设济南申请域名的流程
  • 学做网站要学什么东西wordpress设置视频图片
  • 网站如何做sem推广怎么制作网站教程图片
  • 老河口网站定制免费网站推广工具
  • 网站后台管理系统怎么做的软件培训班学费多少
  • 也买酒技术网站建设搬家公司电话附近
  • 为什么要做企业网站杭州住房建设部官方网站
  • 金融股票类app网站开发精准营销理论
  • Java 结合 Tesseract OCR 实现验证码识别
  • 九运项目宝 vs Notion:轻量化协作与全能型平台的选择
  • 2025年人工智能与数字治理国际研讨会 (AIDG 2025)
  • 从慕尼黑街头的伪装车,看汽车背后的“千锤百炼”
  • 深入解析Web应用安全与XSS防御策略