Get Serial number from a cert

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Get Serial number from a cert

Angel Martinez Gonzalez
Hello:

I want to get the serial number from a certificate.

I use this function: X509_get_serialNumber().

This function returns a ASN1_INTEGER struct, with the field length, type,
data and flag. I suppose that the serial number is stored in the data field
of the struct. But I canĀ“t get it.

My code is the following:

 char *CERTIFICADO_TTP = "cacert.pem";
 FILE *fp;
 X509 *cert;
 int serialNumber;
 ASN1_INTEGER *bs;

 if (!(fp = fopen(CERTIFICADO_TTP, "r")))
  printf ("Error\n");

 if (!(cert = PEM_read_X509(fp, NULL, NULL, NULL)))
  printf ("Error\n");
 fclose(fp);

 bs = X509_get_serialNumber(cert);

  printf ("Serial number: %s \n", bs->data);

What is wrong?. Thanks.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Get Serial number from a cert

Marco Roeland
On Monday May 23rd 2005 Angel Martinez Gonzalez wrote:

> I want to get the serial number from a certificate.
>
> ...
>
>  FILE *fp;
>  X509 *cert;
>  int serialNumber;
>  ASN1_INTEGER *bs;
>
>  if (!(fp = fopen(CERTIFICADO_TTP, "r")))
>   printf ("Error\n");
>
>  if (!(cert = PEM_read_X509(fp, NULL, NULL, NULL)))
>   printf ("Error\n");
>  fclose(fp);
>
>  bs = X509_get_serialNumber(cert);
>
>   printf ("Serial number: %s \n", bs->data);
>
> What is wrong?. Thanks.

Nothing, but the serial number is basically an unformatted string of
bytes, that can theoretically be arbitrarily long. You have to "format"
it yourself. The following displays "short" (4 bytes or less) serial
numbers as "numerical" and others as hexadecimal; both include the sign:

char * SerialNumberFromASN1(ASN1_INTEGER *serial_number)
{
        char buf[64];
        string result;
        long l;
        int i;
        const char *neg;
        if (serial_number->length <= 4) {
                l=ASN1_INTEGER_get(serial_number);
                if (l < 0) {
                        l= -l;
                        neg ="-";
                } else {
                        neg ="";
                }
                snprintf(buf, sizeof(buf),"%s%lu", neg, l);
#if 0
                /* The OpenSSL format of 'openssl -x509 -text': */
                snprintf(buf, sizeof(buf)," %s%lu (%s0x%lx)", neg, l, neg, l);
#endif
                result = buf;
        } else {
                neg = (serial_number->type == V_ASN1_NEG_INTEGER) ? "-" :"";
                snprintf(buf, sizeof(buf), "%s", neg);
                result += buf;
                for (i=0; i < serial_number->length; i++) {
                        sprintf(buf, "%02X%c", serial_number->data[i], ((i + 1 == serial_number->length) ? '\0' :':'));
                        result += buf;
                }

        }
        return strdup(buf);
}
--
Marco Roeland
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]