Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
Get Certificate Authority Information Access
See more Certificates Examples
Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.StringBuilder,
Chilkat.Xml,
Chilkat.Cert;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
cert: TCert;
extensionXmlStr: string;
xml: TXml;
sbOcsp: TStringBuilder;
sbIssuer: TStringBuilder;
begin
success := False;
cert := TCert.Create;
success := cert.LoadFromFile('qa_data/certs/test_haswdt.cer');
if (success <> True) then
begin
WriteLn(cert.LastErrorText);
Exit;
end;
// Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
extensionXmlStr := cert.GetExtensionAsXml('1.3.6.1.5.5.7.1.1');
if (cert.LastMethodSuccess = False) then
begin
WriteLn('Certificate does not have the AuthInfoAccess extension.');
Exit;
end;
xml := TXml.Create;
xml.LoadXml(extensionXmlStr);
// See what we have..
WriteLn(xml.GetXml());
// We should get XML like this:
// <?xml version="1.0" encoding="utf-8" ?>
// <sequence>
// <sequence>
// <oid>1.3.6.1.5.5.7.48.2</oid>
// <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
// cmVFbWFpbENBLmNydA==</contextSpecific>
// </sequence>
// <sequence>
// <oid>1.3.6.1.5.5.7.48.1</oid>
// <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
// </sequence>
// </sequence>
// Typically, a certificate AIA(Authority Information access) contains 2 parts:
//
// On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
// Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
//
// The base64 content for each OID (in this case) is just a string.
// The data can be accessed and decoded like this:
sbOcsp := TStringBuilder.Create;
success := xml.GetChildContentSb('/C/oid,1.3.6.1.5.5.7.48.1|++',sbOcsp);
if (success = True) then
begin
sbOcsp.Decode('base64','utf-8');
WriteLn('1.3.6.1.5.5.7.48.1: ' + sbOcsp.GetAsString());
end;
sbIssuer := TStringBuilder.Create;
success := xml.GetChildContentSb('/C/oid,1.3.6.1.5.5.7.48.2|++',sbIssuer);
if (success = True) then
begin
sbIssuer.Decode('base64','utf-8');
WriteLn('1.3.6.1.5.5.7.48.2: ' + sbIssuer.GetAsString());
end;
// The output looks like this:
// 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com
// 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt
// -------------------------------------------------------------------------------
// Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
// The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller
// node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
// The "|" char separates the 1st command from the 2nd.
// The 2nd command is "++" and says "move to the next sibling".
cert.Free;
xml.Free;
sbOcsp.Free;
sbIssuer.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.