本文介绍了如何从PKCS7.p7b证书文件中读取证书文件usind openssl?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我得到PKCS7文件(p7b)。我想读取文件的内容并提取X509结构中的证书。
I am getting PKCS7 file (p7b). I want to read the content of the file and extract certificate in X509 structure.
如何使用openssl库从PKCS容器访问个人证书?
How can I access individual Certificate from the PKCS container using openssl library?
推荐答案
我使用了以下程序:
#include <stdio.h>
#include <openssl/pkcs7.h>
#include <openssl/x509.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
int main(int argc, char **argv)
{
PKCS7 *p7 = NULL;
BIO *in = BIO_new(BIO_s_file());
BIO *out = BIO_new(BIO_s_file());
int der = 0; /* Input from DER or PEM ? */
int text = 0; /* Dump text or output PEM ? */
STACK_OF(X509) *certs = NULL;
int i;
CRYPTO_malloc_init(); \
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
BIO_set_fp(out, stdout, BIO_NOCLOSE);
BIO_read_filename(in, argv[1]);
p7 = der ?
d2i_PKCS7_bio(in, NULL) :
PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
i = OBJ_obj2nid(p7->type);
if(i == NID_pkcs7_signed) {
certs = p7->d.sign->cert;
} else if(i == NID_pkcs7_signedAndEnveloped) {
certs = p7->d.signed_and_enveloped->cert;
}
for (i = 0; certs && i < sk_X509_num(certs); i++) {
X509 *x = sk_X509_value(certs,i);
if(text) {
X509_print(out, x);
} else {
PEM_write_bio_X509(out,x);
}
}
}
$ c> openssl-1.0.0d / apps / pkcs7.c ,它很容易编译(在Linux或Mac OS X上)(如果你将它保存为readp7.c):
It's based on openssl-1.0.0d/apps/pkcs7.c and it's easily compiled (on Linux or Mac OS X) with (provided you save it as readp7.c):
gcc -o readp7 readp7.c -lcrypto
您可以使用openssl创建文件,并按如下所示读取它们:
You can create files with openssl and read them like this:
openssl crl2pkcs7 -nocrl -certfile a.crt -certfile b.crt -out test.p7b
./readp7 test.p7b
这篇关于如何从PKCS7.p7b证书文件中读取证书文件usind openssl?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!