DataFlex
DataFlex
Generate a CSR containing an Extension Request
See more CSR Examples
Demonstrates how to generate a CSR containing a 1.2.840.113549.1.9.14 extensionRequest.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoEcc
Variant vPrng
Handle hoPrng
Variant vPrivKey
Handle hoPrivKey
Handle hoCsr
Variant vXml
Handle hoXml
String sCsrPem
String sTemp1
Boolean bTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This example will generate a secp256r1 ECDSA key for the CSR.
Get Create (RefClass(cComChilkatEcc)) To hoEcc
If (Not(IsComObjectCreated(hoEcc))) Begin
Send CreateComObject of hoEcc
End
Get Create (RefClass(cComChilkatPrng)) To hoPrng
If (Not(IsComObjectCreated(hoPrng))) Begin
Send CreateComObject of hoPrng
End
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get pvComObject of hoPrng to vPrng
Get pvComObject of hoPrivKey to vPrivKey
Get ComGenKey Of hoEcc "secp256r1" vPrng vPrivKey To iSuccess
If (iSuccess = False) Begin
Showln "Failed to generate a new ECDSA private key."
Procedure_Return
End
Get Create (RefClass(cComChilkatCsr)) To hoCsr
If (Not(IsComObjectCreated(hoCsr))) Begin
Send CreateComObject of hoCsr
End
// Add common CSR fields:
Set ComCommonName Of hoCsr To "mysubdomain.mydomain.com"
Set ComCountry Of hoCsr To "GB"
Set ComState Of hoCsr To "Yorks"
Set ComLocality Of hoCsr To "York"
Set ComCompany Of hoCsr To "Internet Widgits Pty Ltd"
Set ComEmailAddress Of hoCsr To "support@mydomain.com"
// Add the following 1.2.840.113549.1.9.14 extensionRequest
// Note: The easiest way to know the content and format of the XML to be added is to examine
// a pre-existing CSR with the same desired extensionRequest. You can use Chilkat to
// get the extensionRequest from an existing CSR.
//
// Here is a sample extension request:
// <?xml version="1.0" encoding="utf-8"?>
// <set>
// <sequence>
// <sequence>
// <oid>1.3.6.1.4.1.311.20.2</oid>
// <asnOctets>
// <printable>ZATCA-Code-Signing</printable>
// </asnOctets>
// </sequence>
// <sequence>
// <oid>2.5.29.17</oid>
// <asnOctets>
// <sequence>
// <contextSpecific tag="4" constructed="1">
// <sequence>
// <set>
// <sequence>
// <oid>2.5.4.4</oid>
// <utf8>334623324234325</utf8>
// </sequence>
// </set>
// <set>
// <sequence>
// <oid>0.9.2342.19200300.100.1.1</oid>
// <utf8>310122393500003</utf8>
// </sequence>
// </set>
// <set>
// <sequence>
// <oid>2.5.4.12</oid>
// <utf8>0000</utf8>
// </sequence>
// </set>
// <set>
// <sequence>
// <oid>2.5.4.26</oid>
// <utf8>Sample E</utf8>
// </sequence>
// </set>
// <set>
// <sequence>
// <oid>2.5.4.15</oid>
// <utf8>Sample Business</utf8>
// </sequence>
// </set>
// </sequence>
// </contextSpecific>
// </sequence>
// </asnOctets>
// </sequence>
// </sequence>
// </set>
// Use this online tool to generate code from sample XML:
// Generate Code to Create XML
// Here's the code to generate the above extension request.
Get Create (RefClass(cComChilkatXml)) To hoXml
If (Not(IsComObjectCreated(hoXml))) Begin
Send CreateComObject of hoXml
End
Set ComTag Of hoXml To "set"
Send ComUpdateChildContent To hoXml "sequence|sequence|oid" "1.3.6.1.4.1.311.20.2"
Send ComUpdateChildContent To hoXml "sequence|sequence|asnOctets|printable" "ZATCA-Code-Signing"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|oid" "2.5.29.17"
Get ComUpdateAttrAt Of hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific" True "tag" "4" To iSuccess
Get ComUpdateAttrAt Of hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific" True "constructed" "1" To iSuccess
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid" "2.5.4.4"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8" "334623324234325"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid" "0.9.2342.19200300.100.1.1"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8" "310122393500003"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid" "2.5.4.12"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8" "0000"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid" "2.5.4.26"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8" "Sample E"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid" "2.5.4.15"
Send ComUpdateChildContent To hoXml "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8" "Sample Business"
// Add the extension request to the CSR
Get pvComObject of hoXml to vXml
Get ComSetExtensionRequest Of hoCsr vXml To iSuccess
// Generate the CSR with the extension request
Get pvComObject of hoPrivKey to vPrivKey
Get ComGenCsrPem Of hoCsr vPrivKey To sCsrPem
Get ComLastMethodSuccess Of hoCsr To bTemp1
If (bTemp1 = False) Begin
Get ComLastErrorText Of hoCsr To sTemp1
Showln sTemp1
Procedure_Return
End
Showln sCsrPem
// Sample PEM output:
// -----BEGIN CERTIFICATE REQUEST-----
// MIICEjCCAbkCAQAwgZcxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
// bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
// HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxIzAhBgkqhkiG9w0BCQEW
// FHN1cHBvcnRAbXlkb21haW4uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
// g8EVNSV0ttlM9kG2E+J3ZB9WEDYVf2QA/8idrPRUafia1CHjd1kslwZA8eP2bAcf
// 2O493QAENqtW6DTHJbRz8KCBvjCBuwYJKoZIhvcNAQkOMYGtMIGqMCEGCSsGAQQB
// gjcUAgQUExJaQVRDQS1Db2RlLVNpZ25pbmcwgYQGA1UdEQR9MHukeTB3MRgwFgYD
// VQQEDA8zMzQ2MjMzMjQyMzQzMjUxHzAdBgoJkiaJk/IsZAEBDA8zMTAxMjIzOTM1
// MDAwMDMxDTALBgNVBAwMBDAwMDAxETAPBgNVBBoMCFNhbXBsZSBFMRgwFgYDVQQP
// DA9TYW1wbGUgQnVzaW5lc3MwCgYIKoZIzj0EAwIDRwAwRAIgF7D30eSBklfo+oel
// 1B0z64eJDB9MB3rCoiFZlj+mz0YCIHYI87eyqdtw2LOcAoBRhyxlBT6i28+Z/8t9
// bYsMIYvp
// -----END CERTIFICATE REQUEST-----
End_Procedure