DataFlex
Get Certificate Authority Information Access
Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).
Note: This example requires Chilkat v9.5.0.76 or greater.
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoCert
    String sExtensionXmlStr
    Handle hoXml
    Variant vSbOcsp
    Handle hoSbOcsp
    Variant vSbIssuer
    Handle hoSbIssuer
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End

    Get ComLoadFromFile Of hoCert "qa_data/certs/test_haswdt.cer" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
    Get ComGetExtensionAsXml Of hoCert "1.3.6.1.5.5.7.1.1" To sExtensionXmlStr
    Get ComLastMethodSuccess Of hoCert To bTemp1
    If (bTemp1 = False) Begin
        Showln "Certificate does not have the AuthInfoAccess extension."
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatXml)) To hoXml
    If (Not(IsComObjectCreated(hoXml))) Begin
        Send CreateComObject of hoXml
    End

    // Stop here if the extension XML cannot be loaded.
    Get ComLoadXml Of hoXml sExtensionXmlStr To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoXml To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // See what we have..
    Get ComGetXml Of hoXml To sTemp1
    Showln sTemp1

    // We should get XML like this:

    // <?xml version="1.0" encoding="utf-8" ?>
    // <sequence>
    //     <sequence>
    //         <oid>1.3.6.1.5.5.7.48.2</oid>
    //         <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
    // cmVFbWFpbENBLmNydA==</contextSpecific>
    //     </sequence>
    //     <sequence>
    //         <oid>1.3.6.1.5.5.7.48.1</oid>
    //         <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
    //     </sequence>
    // </sequence>

    // Typically, a certificate AIA (Authority Information Access) contains 2 parts:
    //
    //     On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
    //     Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
    //
    // The base64 content for each OID (in this case) is just a string.
    // The data can be accessed and decoded like this:
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbOcsp
    If (Not(IsComObjectCreated(hoSbOcsp))) Begin
        Send CreateComObject of hoSbOcsp
    End
    Get pvComObject of hoSbOcsp to vSbOcsp
    Get ComGetChildContentSb Of hoXml "/C/oid,1.3.6.1.5.5.7.48.1|++" vSbOcsp To iSuccess
    If (iSuccess = True) Begin
        Get ComDecode Of hoSbOcsp "base64" "utf-8" To iSuccess
        Get ComGetAsString Of hoSbOcsp To sTemp1
        Showln "1.3.6.1.5.5.7.48.1: " sTemp1
    End

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbIssuer
    If (Not(IsComObjectCreated(hoSbIssuer))) Begin
        Send CreateComObject of hoSbIssuer
    End
    Get pvComObject of hoSbIssuer to vSbIssuer
    Get ComGetChildContentSb Of hoXml "/C/oid,1.3.6.1.5.5.7.48.2|++" vSbIssuer To iSuccess
    If (iSuccess = True) Begin
        Get ComDecode Of hoSbIssuer "base64" "utf-8" To iSuccess
        Get ComGetAsString Of hoSbIssuer To sTemp1
        Showln "1.3.6.1.5.5.7.48.2: " sTemp1
    End

    // The output looks like this:

    // 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com
    // 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt

    // -------------------------------------------------------------------------------
    // Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
    // The 1st command is "/C/oid,1.3.6.1.5.5.7.48.1". It says: traverse the XML tree from the caller
    // node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
    // The "|" char separates the 1st command from the 2nd.
    // The 2nd command is "++" and says: move to the next sibling.
End_Procedure
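
As an added example (not Chilkat's code and not part of the original page), the Python sketch below walks every entry of the extension XML in the layout shown in the sample output, rather than looking up the two OIDs one at a time, so repeated access methods and non-URI locations are handled. The function and constant names are made up for illustration, and it assumes other certificates produce the same sequence/oid/contextSpecific layout.

```python
import base64
import xml.etree.ElementTree as ET

# Access methods named on the page; GeneralName [6] is a URI (RFC 5280).
ACCESS_METHODS = {"1.3.6.1.5.5.7.48.1": "OCSP", "1.3.6.1.5.5.7.48.2": "CA Issuers"}
URI_TAG = "6"

# XML copied from the page's sample output, including the wrapped base64 line.
SAMPLE_AIA_XML = """<?xml version="1.0" encoding="utf-8" ?>
<sequence>
    <sequence>
        <oid>1.3.6.1.5.5.7.48.2</oid>
        <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
cmVFbWFpbENBLmNydA==</contextSpecific>
    </sequence>
    <sequence>
        <oid>1.3.6.1.5.5.7.48.1</oid>
        <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
    </sequence>
</sequence>"""


def parse_aia(xml_text):
    """Return one dict per AccessDescription found in the extension XML."""
    root = ET.fromstring(xml_text.strip().encode("utf-8"))
    entries = []
    for desc in root.findall("sequence"):
        oid = (desc.findtext("oid") or "").strip()
        loc = desc.find("contextSpecific")
        if not oid or loc is None:
            continue  # not the oid + location pair shown on the page
        location = None
        # Decode only primitive URI names; other name forms stay undecoded.
        if loc.get("tag") == URI_TAG and loc.get("constructed") == "0":
            # b64decode ignores the newline inside wrapped content.
            location = base64.b64decode(loc.text or "").decode("utf-8", "replace")
        entries.append({"oid": oid, "method": ACCESS_METHODS.get(oid, "unknown"),
                        "tag": loc.get("tag"), "location": location})
    return entries


def urls_for(entries, method):
    """All decoded URIs for one access method (a certificate may list several)."""
    return [e["location"] for e in entries if e["method"] == method and e["location"]]


if __name__ == "__main__":
    for entry in parse_aia(SAMPLE_AIA_XML):
        print(entry["oid"], entry["method"], entry["location"])
```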