Geek Answers Handbook

ASN1_INTEGER - ASN1_STRING

I am using openssl to get x509 certificate information. Is there a way to convert ASN1_INTEGER to ASN1_STRING, which can be easily converted to a char array? Is there a way to convert it to any other human readable format?

EDIT: I am using openssl compiled for iOS since I have an iOS project. Here is the code I use to extract the serial number from the certificate:

ASN1_INTEGER *serial = X509_get_serialNumber(certificateX509); long value = ASN1_INTEGER_get(serial); NSLog(@"Serial %ld", value);

certificateX509 is a valid X509 object, and I managed to get other fields from it (issuer name, expiration date, etc.)

EDIT 2:
I finally came up with a solution that might not be the easiest:

  ASN1_INTEGER *serial = X509_get_serialNumber(certificateX509); BIGNUM *bnser = ASN1_INTEGER_to_BN(serial, NULL); int n = BN_num_bytes(bnser); unsigned char outbuf[n]; int bin = BN_bn2bin(bnser, outbuf); char *hexbuf = (char*) outbuf;

hexBuf then contains characters whose value must be read as a hexadecimal integer to get boolean values. I use NSMutableString to create a user-readable string:

 NSMutableString *str = [[NSMutableString alloc] init]; for (int i=0; i<n; i++) { NSString *temp = [NSString stringWithFormat:@"%.6x", hexbuf[i]]; [str appendString:[NSString stringWithFormat:@"%@ ", temp]]; }

If there is an easier way, I would really like to know.

+7
source share
4 answers

Finally, I came up with a solution that might not be the easiest:

  ASN1_INTEGER *serial = X509_get_serialNumber(certificateX509); BIGNUM *bnser = ASN1_INTEGER_to_BN(serial, NULL); int n = BN_num_bytes(bnser); unsigned char outbuf[n]; int bin = BN_bn2bin(bnser, outbuf); char *hexBuf = (char*) outbuf;

hexBuf then contains characters whose value must be read as a hexadecimal integer to get boolean values. I use NSMutableString to create a user-readable string:

  NSMutableString *str = [[NSMutableString alloc] init]; for (int i=0; i<n; i++) { NSString *temp = [NSString stringWithFormat:@"%.6x", hexbuf[i]]; [str appendString:[NSString stringWithFormat:@"%@ ", temp]]; }
+2
source

Converting ascii hex is easier to do with the built-in function BN_bn2hex (BIGNUM *)

 ASN1_INTEGER *serial = X509_get_serialNumber(certificateX509); BIGNUM *bnser = ASN1_INTEGER_to_BN(serial, NULL); char *asciiHex = BN_bn2hex(bnser);
+10
source

One possibility is that you can extract the value of ASN1_INTEGER as a normal C integer:

 #include <openssl/asn1.h> #include <stdio.h> int main(int argc, char** argv) { long value; ASN1_INTEGER asn1int = {0}; ASN1_INTEGER_set(&asn1int, 42); value = ASN1_INTEGER_get(&asn1int); printf("The value is %ld.\n", value); return 0; }

Compiled as follows:

 gcc -Wall -o sploots sploots.c -lcrypto

outputs the result:

 The value is 42.

To have a string value in a char array, use snprintf .

I suspect that there is also the possibility of using BIO printing procedures to reset a value to a BIO (possibly a BIO memory). However, this approach seems simpler.

As I came up with this answer, I looked at the OpenSSL headers for ASN1_INTEGER. Having examined the appropriate APIs for a BIO-based solution, I noticed the function ASN1_INTEGER_get.

Looking around the OpenSSL header files, as a rule, I will learn how to use OpenSSL, since most of the APIs are undocumented or incorrect or not fully documented.

+5
source

If you just need a readable NSString, BN_bn2dec more consize than BN_bn2hex or BN_bn2bin .
No need to bother with hexadecimal encoding.

Here is my way, in iOS / ObjC, using the pod 'OpenSSL-Universal', '1.0.2.10' :

 ASN1_INTEGER *serialAsn1 = X509_get_serialNumber(certX509); BIGNUM *serialBigNumber = ASN1_INTEGER_to_BN(serialAsn1, NULL); char *serialChar = BN_bn2dec(serialBigNumber); NSString *serialString = [NSString stringWithCString:(const char *) serialChar encoding:NSUTF8StringEncoding];

Greetings.

+1
source

More articles:


All Articles