[openssl-users] Is there openssl API to verify certificate content is DER or PEM format ?
Nayna Jain
naynjain at in.ibm.com
Thu Jun 11 00:31:26 UTC 2015
Hi,
Thanks Victor, I am going to try these..
I have similar concern for private key.
If I have a pem file with private key in that, how do I check if that is
RSA/DSA ?
Thanks & Regards,
Nayna Jain
From: Viktor Dukhovni <openssl-users at dukhovni.org>
To: openssl-users at openssl.org, openssl-dev at openssl.org
Date: 06/10/2015 10:18 AM
Subject: Re: [openssl-users] Is there openssl API to verify certificate
content is DER or PEM format ?
Sent by: "openssl-users" <openssl-users-bounces at openssl.org>
On Wed, Jun 10, 2015 at 08:48:41AM +0530, Nayna Jain wrote:
> I think I will try with PEM_read_xxx and d2i_, then probably do not have
> to read throu first character as 0x30.
That works, provided you rewind or re-open the file.
> Are all d2i_xxx type of APIs for DER format.
Yes, they decode binary ASN.1 encodings of the relevant structures.
And conversely i2d_... encodes a C structure to ASN.1 (typically
DER) form.
>
> And if I have to operate on DER formatted certs, do I need to first
convert
> it to PEM and then user PEM APIs. or there are DER specific APIs also, I
> didn't find though, unless they are d2i_xxx types.
I don't see why you would need to convert to PEM first, though
there are legitimate reasons to do so when you need to write
configuration files to disk, as PEM is easier to work with as a
configuration format.
--
Viktor.
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150611/f43ea838/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150611/f43ea838/attachment.gif>
More information about the openssl-users
mailing list