Parsing X509 certificate subjectAltName

Tue, 11 Sep 2012 14:15:13 -0700 

I'm 90% deep into parsing an X509 certificate, but I can't find sample 
code for the last piece.

I found the extension, and located the ASN1_OBJECT with nid 85, OID 
2.5.29.17, the subjectAltName.  From the dumpasn output, I see that this 
is an octet string of a sequence, etc.

I have to pull out the three OIDs   '2.23.133.2. [1, 2, and 3]' which are 
presumably in the ASN1_OBJECT. 

Can anyone point me to sample code or a hint? 

~~

515   3: . . . . . OBJECT IDENTIFIER subjectAltName (2 5 29 17)
       : . . . . . . (X.509 extension)
    <01 01 FF>
520   1: . . . . . BOOLEAN TRUE
    <04 4A 30 48 A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 
3A>
523  74: . . . . . OCTET STRING, encapsulates {
    <30 48 A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 
37>
525  72: . . . . . . SEQUENCE {
    <A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 
35>
527  70: . . . . . . . [4] {
    <30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34 
33>
529  68: . . . . . . . . SEQUENCE {
    <31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34 33 30 
30>
531  66: . . . . . . . . . SET {
    <30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34 33 30 30>
533  20: . . . . . . . . . . SEQUENCE {
    <06 05 67 81 05 02 01>
535   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 1'
    <13 0B 69 64 3A 35 37 34 35 34 33 30 30>
542  11: . . . . . . . . . . . PrintableString 'id:57454300'
       : . . . . . . . . . . . }
    <30 18 06 05 67 81 05 02 02 13 0F 4E 50 43 54 34 32 78 2F 4E 50 43 54 
35>
555  24: . . . . . . . . . . SEQUENCE {
    <06 05 67 81 05 02 02>
557   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 2'
    <13 0F 4E 50 43 54 34 32 78 2F 4E 50 43 54 35 30 78>
564  15: . . . . . . . . . . . PrintableString 'NPCT42x/NPCT50x'
       : . . . . . . . . . . . }
    <30 10 06 05 67 81 05 02 03 13 07 69 64 3A 30 33 39 31>
581  16: . . . . . . . . . . SEQUENCE {
    <06 05 67 81 05 02 03>
583   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 3'
    <13 07 69 64 3A 30 33 39 31>
590   7: . . . . . . . . . . . PrintableString 'id:0391'
       : . . . . . . . . . . . }
       : . . . . . . . . . . }
       : . . . . . . . . . }
       : . . . . . . . . }
       : . . . . . . . }
       : . . . . . . }
       : . . . . . }

--
Ken Goldman   kgold...@us.ibm.com 
914-945-2415 (862-2415)

Reply via email to