X509_ALGOR sig_alg; 签名算法 ASN1_BIT_STRING signature; 签名值 X509_SIG_INFO siginf; CRYPTO_REF_COUNT references; 引用次数,被引用一次则加一 CRYPTO_EX_DATA ex_data; 扩展数据结构,用于存放用户自定义的信息 long ex_pathlen; 证书路径长度,对应扩展项为NID_basic_constraints long ex_pcpathlen; uin...
int X509_REQ_set_version(X509_REQ *x,long version); int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME*name); int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); X509_REQ_extract_key(a) int X509_REQ_verify(X509_REQ *a,...
X509_REQ结构的设置、读取、打印和比较;数字证书的验证、摘要;各种公钥的导入导出等功能。x509v3目录主要实现了数字证书扩展项相关的函数。26.3 X509数据结构 该结构定义在crypto/x509.h中,如下:typedef struct x509_cinf_st { ASN1_INTEGER *version; /* 版本*/ ASN1_INTEGER *serialNumber; /* 序列号*/...
OpenSS/ X509系列之4-证书请求的扩展项操作【扩展项操作函数】这些函数主要是对证书的请求的扩展项进行读取与设置操作,int X509_REQ_extension_nid(int nid);int * X509_REQ_get_extension_nids(void);void X509_REQ_set_extension_nids(int *nids);STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_...
signature:签名值,存放CA对该证书采用sig_alg算法签名的结果; valid:是否是合法证书,1为合法,0为未知; references:引用次数,被引用一次则加一; name:证书持有者信息,内容形式为/C=CN/O=ourinfo……,该内容在调用d2i_X509 的过程中,通过回调函数x509_cb(crypto/asn1/x_x509.c)调用X509_NAME_oneline来设置; ...
我想使证书成为证书颁发机构(CA),所以我想在CSR中添加基本约束扩展。我目前正在使用以下代码add_ext(exts, x509_req, NID_basic_constraints, "critical;sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); 添加扩展函数如下所示::Logging::LOG_LEVE ...
void X509_REQ_set_extension_nids(int *nids); STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,int nid); int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); 【...
tbsGen.setSignature(sigAlg); if (!extGenerator.isEmpty()) tbsGen.setExtensions(extGenerator.generate()); 代码示例来源:origin: igniterealtime/Openfire ); final ExtensionsGenerator extGen = new ExtensionsGenerator(); extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames); csrBu...
BIO_printf(bio_err,"Signature ok\n"); print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag); if ((x=X509_new()) == NULL) goto end; ci=x->cert_info; if (sno == NULL) { sno = ASN1_INTEGER_new(); ...
/* Check version and signature NID. */ ver_long = X509_ACERT_get_version(x509); ExpectIntEQ(ver_long, 1); ver = wolfSSL_X509_ACERT_version(x509); ExpectIntEQ(ver, 2); nid = X509_ACERT_get_signature_nid(x509); if (is_rsa_pss) { ExpectIntEQ(nid, NID_rsassaPss); } else { ...