在iOS中使用Openssl解析X509证书,加入openssl的库文件,头文件,传入X509证书结构,代码如下:
-(NSString *)tGetX509Info:(X509 *)cerfilepath withoption:(NSInteger)Number
{
NSMutableString *certInfo = [[NSMutableString alloc]init];
NSMutableString *certCN = [[NSMutableString alloc]init];
_serialNumber = [[NSMutableString alloc]init];
_allCertsList = [[NSMutableString alloc]init];
X509 *x509Cert = cerfilepath; //X509证书结构体
unsigned char *pTmp = NULL;
X509_NAME *issuer = NULL; //X509_NAME结构体,保存证书颁发者信息
X509_NAME *subject = NULL; //X509_NAME结构体,保存证书拥有者信息
int i;
int entriesNum;
X509_NAME_ENTRY *name_entry;
ASN1_INTEGER *Serial = NULL; //保存证书序列号
long Nid;
ASN1_TIME *time; //保存证书有效期时间
EVP_PKEY *pubKey; //保存证书公钥
long Version; //保存证书版本
unsigned char derpubkey[1024];
//int derpubkeyLen;
unsigned char msginfo[1024];
int msginfoLen;
//打印整个X509结构信息
//int ret;
BIO *b;
b= BIO_new ( BIO_s_file ());
BIO_set_fp (b, stdout , BIO_NOCLOSE );
// 把 X509 结构打印输出到文件 BIO
//X509_print (b,x509Cert);
// 释放流
BIO_free (b);
Version = X509_get_version(x509Cert); //获取证书版本
//printf("X509 Version:%ld\n",Version);
//获取证书颁发者信息,X509_NAME结构体保存了多项信息,包括国家、组织、部门、通用名、mail等。
issuer = X509_get_issuer_name(x509Cert);
entriesNum = sk_X509_NAME_ENTRY_num(issuer->entries); //获取X509_NAME条目个数
//循环读取各条目信息
for(i=0;i<entriesNum;i++)
{
//获取第I个条目值
name_entry = sk_X509_NAME_ENTRY_value(issuer->entries,i);
//获取对象ID
Nid = OBJ_obj2nid(name_entry->object);
msginfoLen=name_entry->value->length;
memcpy(msginfo,name_entry->value->data,msginfoLen);
msginfo[msginfoLen]='\0';
//根据NID打印出信息
// NSLog(@"issuer type is %d",name_entry->value->type);
switch(Nid)
{
case