\begin{verbatim}
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
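/*
 * Render a byte buffer as lowercase hexadecimal text.
 *
 * The result lives in a static buffer: it is overwritten by the next
 * call and the function is not reentrant.  The text is the hex digits
 * written back to back, followed by one trailing space when at least
 * one byte was converted.
 *
 * Input longer than the buffer can hold is truncated rather than
 * written past the end of `printable`; the original loop had no bound
 * and would overflow the static buffer on large inputs.
 *
 * bin       bytes to convert (may be NULL only when bin_size is 0)
 * bin_size  number of bytes available at bin
 *
 * Returns a pointer to the NUL-terminated static buffer.
 */
static const char *bin2hex(const void *bin, size_t bin_size)
{
	static char printable[120];
	const unsigned char *_bin = bin;
	/* n bytes need 2n hex chars + 1 space + 1 NUL. */
	const size_t max_bytes = (sizeof printable - 2) / 2;
	char *print = printable;
	size_t i;

	/* Never hand back stale text from a previous call. */
	printable[0] = '\0';

	if (_bin == NULL)
		return printable;

	if (bin_size > max_bytes)
		bin_size = max_bytes;

	for (i = 0; i < bin_size; i++) {
		size_t room = sizeof printable - (size_t)(print - printable);

		/*
		 * Writes "xx " and then steps over only the two digits, so
		 * the next byte overwrites the space; only the last one stays.
		 */
		snprintf(print, room, "%.2x ", (unsigned int)_bin[i]);
		print += 2;
	}

	return printable;
}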
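/* This function will print information about this session's peer
 * certificate.
 *
 * Only the first certificate in the peer's list is parsed and printed.
 * Nothing here verifies the certificate: the validity dates, DN and
 * issuer DN are printed exactly as the peer sent them, so this output
 * must not be treated as evidence that the peer is trusted.  Chain and
 * hostname verification have to be done separately by the caller.
 *
 * Every GnuTLS call that can fail is checked, so a parse failure is
 * reported instead of printing uninitialised stack buffers.
 */
static void print_x509_certificate_info(gnutls_session session)
{
	char serial[40];
	char dn[128];
	size_t size;
	unsigned int algo, bits = 0;
	time_t expiration_time, activation_time;
	const gnutls_datum *cert_list;
	int cert_list_size = 0;
	gnutls_x509_crt cert;
	int ret;

	cert_list = gnutls_certificate_get_peers(session, &cert_list_size);
	if (cert_list == NULL || cert_list_size <= 0)
		return;
	if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509)
		return;

	ret = gnutls_x509_crt_init(&cert);
	if (ret < 0) {
		fprintf(stderr, "gnutls_x509_crt_init: %s\n",
			gnutls_strerror(ret));
		return;
	}

	/* NOTE(review): current GnuTLS declares this call with a third
	 * format argument (GNUTLS_X509_FMT_DER for certificates taken from
	 * a session) -- confirm against the library version in use.
	 */
	ret = gnutls_x509_crt_import(cert, &cert_list[0]);
	if (ret < 0) {
		fprintf(stderr, "gnutls_x509_crt_import: %s\n",
			gnutls_strerror(ret));
		gnutls_x509_crt_deinit(cert);
		return;
	}

	printf(" - Certificate info:\n");

	expiration_time = gnutls_x509_crt_get_expiration_time(cert);
	activation_time = gnutls_x509_crt_get_activation_time(cert);
	printf(" - Certificate is valid since: %s", ctime(&activation_time));
	printf(" - Certificate expires: %s", ctime(&expiration_time));

	/* Print the serial number of the certificate.  `size` is updated
	 * by the call to the number of serial bytes actually written.
	 */
	size = sizeof(serial);
	ret = gnutls_x509_crt_get_serial(cert, serial, &size);
	if (ret < 0) {
		fprintf(stderr, "gnutls_x509_crt_get_serial: %s\n",
			gnutls_strerror(ret));
	} else {
		printf(" - Certificate serial number: %s\n",
		       bin2hex(serial, size));
	}

	/* Extract some of the public key algorithm's parameters.  An error
	 * return does not match either constant and prints as UNKNOWN.
	 */
	algo = gnutls_x509_crt_get_pk_algorithm(cert, &bits);
	printf("Certificate public key: ");
	if (algo == GNUTLS_PK_RSA) {
		printf("RSA\n");
		printf(" Modulus: %u bits\n", bits);
	} else if (algo == GNUTLS_PK_DSA) {
		printf("DSA\n");
		printf(" Exponent: %u bits\n", bits);
	} else {
		printf("UNKNOWN\n");
	}

	/* Print the version of the X.509
	 * certificate.
	 */
	printf(" - Certificate version: #%d\n",
	       gnutls_x509_crt_get_version(cert));

	/* The DN strings come from the peer's certificate.  Print them
	 * only when the call succeeded, otherwise `dn` may hold
	 * uninitialised or stale bytes.
	 */
	size = sizeof(dn);
	ret = gnutls_x509_crt_get_dn(cert, dn, &size);
	if (ret < 0) {
		fprintf(stderr, "gnutls_x509_crt_get_dn: %s\n",
			gnutls_strerror(ret));
	} else {
		printf(" - DN: %s\n", dn);
	}

	size = sizeof(dn);
	ret = gnutls_x509_crt_get_issuer_dn(cert, dn, &size);
	if (ret < 0) {
		fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s\n",
			gnutls_strerror(ret));
	} else {
		printf(" - Certificate Issuer's DN: %s\n", dn);
	}

	gnutls_x509_crt_deinit(cert);
}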
\end{verbatim}