1. 第一步先去认真看下下边这两个连接,了解一下这个x509证书解析到底是个什么玩意
http://www.360doc.com/content/16/0407/16/3242454_548621325.shtml
了解之后大约需要做三步:第一步导入openssl库,如何导入自行百度,注意路径问题,
路径如图,根据自己实际项目修改
第二部:将证书导入结构体
第三部就是证书解析:我这只解析了证书版本,证书序列号(sn),证书颁发者名字(issuer_name),证书颁发者序列号(issuer_sn)
/** 获取SN */
-(NSString*)get_SN:(X509* )m_px{
NSString* str_SN=@"";
ASN1_INTEGER*serial =X509_get_serialNumber(m_px);
//打印证书序列号
//printf("serialNumber is: \n");
NSMutableString *str = [[NSMutableString alloc] init];
for(inti =0; i < serial->length; i++)
{
//printf("%02x", serial->data[i]);
[strappendString:[NSStringstringWithFormat:@"%02x",serial->data[i]]];
}
//小写转大写
// str_SN=str.uppercaseString;
//奇数补0操作
if(str_SN.length%2==1) {
str_SN=[NSStringstringWithFormat:@"0%@",str_SN];
}
returnstr_SN;
}
/** 获取版本号 */
-(NSString*)get_version:(X509* )m_px{
NSString* str_version=@"";
NSIntegerver =X509_get_version(m_px);
// NSLog(@"ver=%zi",ver);
switch(ver)
{
case0: //V1
//...
str_version=@"V1";
break;
case1: //V2
//...
str_version=@"V2";
break;
case2: //V3
//...
str_version=@"V3";
break;
default:
//Error!
break;
}
returnstr_version;
}
/** 获取issuer 以及 issuer_sn */
-(NSDictionary*)get_issuer_nameAnd_issuer_sn:(X509* )m_px{
NSMutableDictionary * dict_issuer =[[NSMutableDictionary alloc]init];
[dict_issuersetObject:@""forKey:@"issuer_name"];
[dict_issuersetObject:@""forKey:@"issuer_sn"];
//解析
// NSMutableString *certInfo = [[NSMutableString alloc]init];
// NSMutableString *certCN = [[NSMutableString alloc]init];
// NSMutableString * _serialNumber = [[NSMutableString alloc]init];
// NSMutableString * _allCertsList = [[NSMutableString alloc]init];
inti;
intentriesNum;
X509_NAME_ENTRY*name_entry;
longNid;
unsignedcharmsginfo[1024];
intmsginfoLen;
//获取证书颁发者信息,X509_NAME结构体保存了多项信息,包括国家、组织、部门、通用名、mail等。
X509_NAME* issuer =X509_get_issuer_name(m_px);
entriesNum =sk_X509_NAME_ENTRY_num(issuer->entries); //获取X509_NAME条目个数
//循环读取各条目信息
for(i=0;i
{
//获取第I个条目值
name_entry =sk_X509_NAME_ENTRY_value(issuer->entries,i);
//获取对象ID
Nid =OBJ_obj2nid(name_entry->object);
msginfoLen=name_entry->value->length;
memcpy(msginfo,name_entry->value->data,msginfoLen);
msginfo[msginfoLen]='\0';
//根据NID打印出信息
// NSLog(@"issuer type is %d",name_entry->value->type);
switch(Nid)
{
case NID_countryName://国家C
//printf("issuer 's C:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"C=%s,",msginfo]];
//[certCN appendString:[NSString stringWithFormat:@"C=%s",msginfo]];
break;
case NID_stateOrProvinceName://省ST
//printf("issuer 's ST:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"ST=%s,",msginfo]];
break;
case NID_localityName://地区L
//printf("issuer 's L:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"L=%s,",msginfo]];
break;
case NID_organizationName://组织O
//printf("issuer 's O:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"O=%s,",msginfo]];
break;
case NID_organizationalUnitName://单位OU
//printf("issuer 's OU:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"OU=%s,",msginfo]];
break;
case NID_commonName://通用名CN
//printf("issuer 's CN:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"CN=%s",msginfo]];
[dict_issuersetObject:[NSStringstringWithFormat:@"%s",msginfo]forKey:@"issuer_name"];
break;
case NID_pkcs9_emailAddress://Mail
//printf("issuer 's emailAddress:%s\n",msginfo);
break;
case NID_serialNumber://issuerSN
//NSLog(@"issuer 's SN:%zi\n",Nid);
//[certInfo appendString:[NSString stringWithFormat:@"sn=%s",msginfo]];
[dict_issuersetObject:[NSStringstringWithFormat:@"%s",msginfo]forKey:@"issuer_sn"];
break;
default:
break;
}
}
//[_allCertsList appendString:certInfo];
//[_allCertsList appendString:@"|"];
returndict_issuer;
}
/**************************************************************************************/
/**************************************************************************************/
/**************************************************************************************/
/**************************************************************************************/
改:下边为解析源码,需要的自行复制:
/**************************************************************************************/
//
// JJDEAnalyticalCert.m
// EIDprepareForSDK
//
// Created by yyb on 2018/5/2.
// Copyright © 2018年 yyb. All rights reserved.
//
#import "JJDEAnalyticalCert.h"
#import"x509.h"
#import "x509v3.h"
#import "x509_vfy.h"
#import "JJDEGetCertInfo.h"
@interface JJDEAnalyticalCert()
@property (nonatomic,copy) Id_Block sendBlock;
@end
@implementationJJDEAnalyticalCert
//全局变量
static JJDEAnalyticalCert * _instance = nil;
//单例方法
+(instancetype)shareBlueTooth{
return[[selfalloc]init];
}
////alloc会调用allocWithZone:
+(instancetype)allocWithZone:(struct_NSZone*)zone{
//只进行一次
staticdispatch_once_tonceToken;
dispatch_once(&onceToken, ^{
_instance= [superallocWithZone:zone];
});
return _instance;
}
//初始化方法
- (instancetype)init{
// 只进行一次
staticdispatch_once_tonceToken;
dispatch_once(&onceToken, ^{
_instance= [superinit];
;
});
return _instance;
}
-(void)deCardSendInstructions_AnalyticalCertWithString:(NSString*)strName andObj:(NSDictionary*)objc andCompletion:(Id_Block)comBlock{
JJDEGetCertInfo * degetCertInfo = [JJDEGetCertInfo shareBlueTooth];
if(degetCertInfo.data_certInfo.length<=0) {
return;
}
NSString * str_data=[JJBluetoothTools convertDataToHexStr:degetCertInfo.data_certInfo];//@"30820316308202BBA00302010202081000000000235751300C06082A811CCF550183750500303E310B3009060355040A0C0247413111300F06035504030C08654944204D494332310F300D06035504050C06303232303132310B300906035504061302434E301E170D3136303931323037333831305A170D3139303931323037333831305A306D314D304B06035504030C44414145397739444A62574C6D6248637744796278623039335446364549436D4A624F41546B5A50794A51414A6B78325644706154655A6351544E7942514F57657645303D310B300906035504060C02434E310F300D060355040A0C063331303030303059301306072A8648CE3D020106082A811CCF5501822D0342000413B29FD275B4A70FE70855280F6CE63CE9BAEC93097A7A71160B9AB5EF357585E71FAFDACD61593912877BA609A9A218ECE1279CA98451787EEA75C8DF9BF1CEA38201703082016C302B0603551D0E0424042204209FA4361184D90E43424EDB2A563EB2739CBAD0319F4367469DD64D21632A39E7302F0603551D23042830268024302280202F4E21716079671BFF36A480BA670C66D1F8D9396F1EAA67F4EC77E8F9D1FCB3300C0603551D1304053003010100300B0603551D0F0404030206C0301D0603551D250416301406082B0601050507030206082B0601050507030430360603551D20042F302D302B06082A811C86EF580202301F301D06082B060105050702011611687474703A2F2F6569642E636E2F637073301106096086480186F8420101040403020780303E06082B0601050507010104323030302E06082B060105050730028622687474703A2F2F63657274732E6569642E636E2F6549444D4943526F6F742E63657230470603551D1F0440303E303CA03AA0388636687474703A2F2F63726C2E6569642E636E2F646F776E6C6F61642F534D325F6549442532304D4943325F67726F7570305F622E63726C300C06082A811CCF550183750500034700304402201F6EFA9BAC64B381DEE7F49112CB6BB04BA9114708D4EFA63F45EC8FF945947C02204C3F481BCB8C6A0ADFF53440B83D35E23EB4BF041782D027F52B3DDF69CE5FE9";
NSData* lpCertData =[JJBluetoothToolshexToBytes:str_data];
Byte* bytes_lpCertData =(Byte*)[lpCertDatabytes];//031A
X509* m_px=d2i_X509(NULL, (unsignedcharconst**)&bytes_lpCertData,794);
//获取版本号
//NSString * string_version = [self get_version:m_px];
//获取SN
NSString* string_SN =[selfget_SN:m_px];
//获取颁发者名字和颁发者序列号
NSDictionary* dict_issuer = [selfget_issuer_nameAnd_issuer_sn:m_px];
//NSLog(@"%@",dict_issuer);
//颁发者名字
NSString* string_issuer_name=dict_issuer[@"issuer_name"];
//颁发者序列号
NSString* string_issuer_sn=dict_issuer[@"issuer_sn"];
if(string_SN.length>0&& string_issuer_name.length>0&& string_issuer_sn.length>0) {
self.string_SN=string_SN;
self.string_issuer_name=string_issuer_name;
self.string_issuer_sn=string_issuer_sn;
if(comBlock) {
comBlock(@{@"status":@"1",@"msg":@"证书解析成功"});
}
}else{
self.string_SN=nil;
self.string_issuer_name=nil;
self.string_issuer_sn=nil;
if(comBlock) {
comBlock(@{@"status":@"0",@"msg":@"证书解析失败"});
}
}
}
/** 获取SN */
-(NSString*)get_SN:(X509* )m_px{
NSString* str_SN=@"";
ASN1_INTEGER*serial =X509_get_serialNumber(m_px);
//打印证书序列号
//printf("serialNumber is: \n");
NSMutableString *str = [[NSMutableString alloc] init];
for(inti =0; i < serial->length; i++)
{
//printf("%02x", serial->data[i]);
[strappendString:[NSStringstringWithFormat:@"%02x",serial->data[i]]];
}
//小写转大写
//str_SN=str.uppercaseString;
//奇数补0操作
if(str_SN.length%2==1) {
str_SN=[NSStringstringWithFormat:@"0%@",str_SN];
}
returnstr_SN;
}
/** 获取版本号 */
-(NSString*)get_version:(X509* )m_px{
NSString* str_version=@"";
NSIntegerver =X509_get_version(m_px);
// NSLog(@"ver=%zi",ver);
switch(ver)
{
case0: //V1
//...
str_version=@"V1";
break;
case1: //V2
//...
str_version=@"V2";
break;
case2: //V3
//...
str_version=@"V3";
break;
default:
//Error!
break;
}
returnstr_version;
}
/** 获取issuer 以及 issuer_sn */
-(NSDictionary*)get_issuer_nameAnd_issuer_sn:(X509* )m_px{
NSMutableDictionary * dict_issuer =[[NSMutableDictionary alloc]init];
[dict_issuersetObject:@""forKey:@"issuer_name"];
[dict_issuersetObject:@""forKey:@"issuer_sn"];
//解析
// NSMutableString *certInfo = [[NSMutableString alloc]init];
// NSMutableString *certCN = [[NSMutableString alloc]init];
// NSMutableString * _serialNumber = [[NSMutableString alloc]init];
// NSMutableString * _allCertsList = [[NSMutableString alloc]init];
inti;
intentriesNum;
X509_NAME_ENTRY*name_entry;
longNid;
unsignedcharmsginfo[1024];
intmsginfoLen;
//获取证书颁发者信息,X509_NAME结构体保存了多项信息,包括国家、组织、部门、通用名、mail等。
X509_NAME* issuer =X509_get_issuer_name(m_px);
entriesNum =sk_X509_NAME_ENTRY_num(issuer->entries); //获取X509_NAME条目个数
//循环读取各条目信息
for(i=0;i
{
//获取第I个条目值
name_entry =sk_X509_NAME_ENTRY_value(issuer->entries,i);
//获取对象ID
Nid =OBJ_obj2nid(name_entry->object);
msginfoLen=name_entry->value->length;
memcpy(msginfo,name_entry->value->data,msginfoLen);
msginfo[msginfoLen]='\0';
//根据NID打印出信息
// NSLog(@"issuer type is %d",name_entry->value->type);
switch(Nid)
{
case NID_countryName://国家C
//printf("issuer 's C:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"C=%s,",msginfo]];
//[certCN appendString:[NSString stringWithFormat:@"C=%s",msginfo]];
break;
case NID_stateOrProvinceName://省ST
//printf("issuer 's ST:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"ST=%s,",msginfo]];
break;
case NID_localityName://地区L
//printf("issuer 's L:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"L=%s,",msginfo]];
break;
case NID_organizationName://组织O
//printf("issuer 's O:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"O=%s,",msginfo]];
break;
case NID_organizationalUnitName://单位OU
//printf("issuer 's OU:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"OU=%s,",msginfo]];
break;
case NID_commonName://通用名CN
//printf("issuer 's CN:%s\n",msginfo);
//[certInfo appendString:[NSString stringWithFormat:@"CN=%s",msginfo]];
[dict_issuersetObject:[NSStringstringWithFormat:@"%s",msginfo]forKey:@"issuer_name"];
break;
case NID_pkcs9_emailAddress://Mail
//printf("issuer 's emailAddress:%s\n",msginfo);
break;
case NID_serialNumber://issuerSN
//NSLog(@"issuer 's SN:%zi\n",Nid);
//[certInfo appendString:[NSString stringWithFormat:@"sn=%s",msginfo]];
[dict_issuersetObject:[NSStringstringWithFormat:@"%s",msginfo]forKey:@"issuer_sn"];
break;
default:
break;
}
}
//[_allCertsList appendString:certInfo];
//[_allCertsList appendString:@"|"];
returndict_issuer;
}
@end
网友评论