I've a certificate (using openssl app) with SubjectAltName set as :
I want to read to field RegisteredID (for example) for that I've constructed the following code:
GENERAL_NAME* getX508SubjectAltNameInfo(X509* pCertificate)
{
int i;
int san_nb =-1;
STACK_OF(GENERAL_NAME) * san_names=NULL;
GENERAL_NAME *current_name;
san_names =(STACK_OF(GENERAL_NAME) *)X509_get_ext_d2i(pCertificate, NID_subject_alt_name, NULL, NULL);
if (san_names == NULL)
return NULL;
san_nb = sk_GENERAL_NAME_num(san_names);
if (san_nb <= 0)
return NULL;
for (i=0;i<san_nb;i++){
current_name = sk_GENERAL_NAME_value(san_names, i);
if (current_name->type == GEN_RID/*8*/) {
return current_name;
{
}
sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
return current_name;
}
later I use it
ASN1_OBJECT* rid;
char* ridStr;
GENERAL_NAME* san = getX508SubjectAltNameInfo(pCertificate);
if (san == NULL)//<-- always true
{
print_log_err("no indx key found");
}
rid = san->d.registeredID;
ridStr = (char*)rid->data;
printf("%s",ridStr);
but when I debug it all I can see inside current_name is:
(gdb) p *current_name.d->rid
$5 = {sn = 0x1600000010 <Address 0x1600000010 out of bounds>, ln = 0x1bee1f0 "[email protected]", nid = 0, length = 0,
data = 0x21 <Address 0x21 out of bounds>, flags = 8}
(gdb) p *current_name.d->registeredID
$6 = {sn = 0x1600000010 <Address 0x1600000010 out of bounds>, ln = 0x1bee1f0 "[email protected]", nid = 0, length = 0,
data = 0x21 <Address 0x21 out of bounds>, flags = 8}
my question is what am I doing wrong ? is my code OK but the certificate creation gone wrong or the opposite (or both)