David,

>Question is how do I parse, decode or whatever this certificate data
>stream. From what I understand, as a minimum, I need to pull out the
>server public key from the certificate for the rest of the SSL process
> - eg to create the master secret.

You'll need an ASN.1 DER decoder. You can get one, plus some classes to
interpret the certificate, from http://www.forge.com.au - the FORGE JCE
provider is free and has ASN.1 classes. There is also one from Cryptix that
is free.

>Can anyone point me to some introductory doc on what ASN is and how to
>decode, parse it and how to pull out specific fields from the certificate.

The Layman's Guide to ASN.1 from RSA (http://www.rsa.com) is an
introduction to ASN.1 and the DER and BER encoding rules.

>Is there a specification of what a certificate looks like. X509 seems to
>be some sort of standard for the certificate. Where is that explained or
>documented? How do I know if the certificate is X509? I have a bunch of

Have a look at the PKIX documents from the IETF (http://www.ieft.org). They
are all about certificates and CAs.

Regards,
David Taylor
FORGE Information Technology.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to