Archive for December, 2014

Parse X509 certificate parsing with an example

If you have a .der or raw binary format of X509 certificate Here is the basic template for loading the certificate.

#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/bio.h>

const unsigned char *data = ... ;
size_t len = ... ;

X509 *cert = d2i_X509(NULL, &data, len);
if (!cert) {
fprintf(stderr, "unable to parse certificate in memory\n");

// any additional processing would go here..


To iterate through all the values in X509 certificate subject the following snippet of code is very useful.

X509_NAME *subj = X509_get_subject_name(cert);

for (int i = 0; i < X509_NAME_entry_count(subj); i++) {
X509_NAME_ENTRY *e = X509_NAME_get_entry(subj, i);
ASN1_STRING *d = X509_NAME_ENTRY_get_data(e);
char *str = ASN1_STRING_data(d);


X509 certificate parsing useful Links

Here are some of the very useful links available online for parsing X509 certificates in C language. The following links will be handy if you are working on a tight schedule project and don’t have enough time to read the official documentation

Official X509 docs.