mmm
Reputation: 747
How to get the size of the entire X509 certificate
I am reading a .crt certificate which I generate using openSSL. I have the certificate in my C program in a X509 file. I would like to know the size of the whole certificate that I have just read. How can this be there? Is there a specific function that returns the size of the certificate?
Thanks Best Regards
Upvotes: 2
Views: 10328
Answers (1)
Valeri Atamaniouk
Reputation: 5163
For sending certificate over the network, I recommend using DER format. The reason is that PEM is Base64-encoded DER plus some additional text (prefix/suffix).
To estimate the size, you actually need to encode the certificate (this is DER):
size_t get_length(X509 *cer)
{
int len;
len = i2d_X509(cer, NULL);
return len > 0 ? len : 0;
}
For PEM it is trickier:
unsigned char *data;
BIO *bio = BIO_new(BIO_s_mem());
PEM_write_bio_X509(bio, cer);
len = BIO_get_mem_data(bio, &data);
// here - data is a pointer to encoded data, len - length of data.
BIO_free(bio); // free _after_ you no longer need data
Upvotes: 9
Related Questions
- Getting the public key length of an X509 certificate
- Any way to get length of printable version of a X509 certificate (that is printed by X509_print* openssl function)?
- How to get key usage values from X509 cert?
- how to get the Keyusage value from the X509 certificate?
- How to verify a X509 certificate in C
- How to programmatically extract information from certificate?
- Openssl how to find out what the bit size of the public key in an X509 certificate is
- Open SSL extract certificate from X509 structure into char array
- How do I get certificate's key size
- x509 certificate Information