Sample code for 30+ languages & platforms
DataFlex

Get Certificate Authority Information Access

See more Certificates Examples

Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).

Note: This example requires Chilkat v9.5.0.76 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoCert
    String sExtensionXmlStr
    Handle hoXml
    Variant vSbOcsp
    Handle hoSbOcsp
    Variant vSbIssuer
    Handle hoSbIssuer
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End

    Get ComLoadFromFile Of hoCert "qa_data/certs/test_haswdt.cer" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
    Get ComGetExtensionAsXml Of hoCert "1.3.6.1.5.5.7.1.1" To sExtensionXmlStr
    Get ComLastMethodSuccess Of hoCert To bTemp1
    If (bTemp1 = False) Begin
        Showln "Certificate does not have the AuthInfoAccess extension."
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatXml)) To hoXml
    If (Not(IsComObjectCreated(hoXml))) Begin
        Send CreateComObject of hoXml
    End
    Get ComLoadXml Of hoXml sExtensionXmlStr To iSuccess

    // See what we have..
    Get ComGetXml Of hoXml To sTemp1
    Showln sTemp1

    // We should get XML like this:

    // <?xml version="1.0" encoding="utf-8" ?>
    // <sequence>
    //     <sequence>
    //         <oid>1.3.6.1.5.5.7.48.2</oid>
    //         <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
    // cmVFbWFpbENBLmNydA==</contextSpecific>
    //     </sequence>
    //     <sequence>
    //         <oid>1.3.6.1.5.5.7.48.1</oid>
    //         <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
    //     </sequence>
    // </sequence>

    // Typically, a certificate AIA(Authority Information access) contains 2 parts:
    // 
    //     On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
    //     Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
    // 
    // The base64 content for each OID (in this case) is just a string.  
    // The data can be accessed and decoded like this:

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbOcsp
    If (Not(IsComObjectCreated(hoSbOcsp))) Begin
        Send CreateComObject of hoSbOcsp
    End
    Get pvComObject of hoSbOcsp to vSbOcsp
    Get ComGetChildContentSb Of hoXml "/C/oid,1.3.6.1.5.5.7.48.1|++" vSbOcsp To iSuccess
    If (iSuccess = True) Begin
        Get ComDecode Of hoSbOcsp "base64" "utf-8" To iSuccess
        Get ComGetAsString Of hoSbOcsp To sTemp1
        Showln "1.3.6.1.5.5.7.48.1:  " sTemp1
    End

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbIssuer
    If (Not(IsComObjectCreated(hoSbIssuer))) Begin
        Send CreateComObject of hoSbIssuer
    End
    Get pvComObject of hoSbIssuer to vSbIssuer
    Get ComGetChildContentSb Of hoXml "/C/oid,1.3.6.1.5.5.7.48.2|++" vSbIssuer To iSuccess
    If (iSuccess = True) Begin
        Get ComDecode Of hoSbIssuer "base64" "utf-8" To iSuccess
        Get ComGetAsString Of hoSbIssuer To sTemp1
        Showln "1.3.6.1.5.5.7.48.2:  " sTemp1
    End

    // The output looks like this:

    // 1.3.6.1.5.5.7.48.1:  http://ocsp.comodoca.com
    // 1.3.6.1.5.5.7.48.2:  http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt

    // -------------------------------------------------------------------------------
    // Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
    // The first command is "/C/oid,1.3.6.1.5.5.7.48.1".   It says "traverse the XML tree from the caller
    // node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
    // The "|" char separates the 1st command from the 2nd.
    // The 2nd command is "++" and says "move to the next sibling".


End_Procedure