[openssl-users] X509 subject key identifier

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 22 05:25:43 UTC 2015

On Mon, Sep 21, 2015 at 06:29:02PM -0400, Ken Goldman wrote:

> How can I programmatically get the Subject Key Identifier as a byte array
> from an X509 certificate.

Unless I'm mistaken:

    size_t len;
    unsigned char *data;
    ASN1_OCTET_STRING *skid;

    skid = X509_get_ext_d2i(subject, NID_subject_key_identifier, NULL, NULL);
    len = ASN1_STRING_length(skid);
    data = ASN1_STRING_data(skid);

    ... Take unspeakable liberties with "data" and "len" ...



More information about the openssl-users mailing list