|
Chilkat • HOME • Android™ • Classic ASP • C • C++ • C# • Mono C# • .NET Core C# • C# UWP/WinRT • DataFlex • Delphi ActiveX • Delphi DLL • Visual FoxPro • Java • Lianja • MFC • Objective-C • Perl • PHP ActiveX • PHP Extension • PowerBuilder • PowerShell • PureBasic • CkPython • Chilkat2-Python • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • Visual Basic 6.0 • VB.NET • VB.NET UWP/WinRT • VBScript • Xojo Plugin • Node.js • Excel • Go
(MFC) Get Certificate Authority Information AccessDemonstrates how to get a certificate's Authority Information Access extension data (if it exists). Note: This example requires Chilkat v9.5.0.76 or greater.
#include <CkCert.h> #include <CkXml.h> #include <CkStringBuilder.h> void ChilkatSample(void) { CkString strOut; CkCert cert; bool success = cert.LoadFromFile("qa_data/certs/test_haswdt.cer"); if (success != true) { strOut.append(cert.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1 const char *extensionXmlStr = cert.getExtensionAsXml("1.3.6.1.5.5.7.1.1"); if (cert.get_LastMethodSuccess() == false) { strOut.append("Certificate does not have the AuthInfoAccess extension."); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } CkXml xml; xml.LoadXml(extensionXmlStr); // See what we have.. strOut.append(xml.getXml()); strOut.append("\r\n"); // We should get XML like this: // <?xml version="1.0" encoding="utf-8" ?> // <sequence> // <sequence> // <oid>1.3.6.1.5.5.7.48.2</oid> // <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1 // cmVFbWFpbENBLmNydA==</contextSpecific> // </sequence> // <sequence> // <oid>1.3.6.1.5.5.7.48.1</oid> // <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific> // </sequence> // </sequence> // Typically, a certificate AIA(Authority Information access) contains 2 parts: // // On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1) // Certification Authority Issuer (1.3.6.1.5.5.7.48.2) // // The base64 content for each OID (in this case) is just a string. // The data can be accessed and decoded like this: CkStringBuilder sbOcsp; success = xml.GetChildContentSb("/C/oid,1.3.6.1.5.5.7.48.1|++",sbOcsp); if (success == true) { sbOcsp.Decode("base64","utf-8"); strOut.append("1.3.6.1.5.5.7.48.1: "); strOut.append(sbOcsp.getAsString()); strOut.append("\r\n"); } CkStringBuilder sbIssuer; success = xml.GetChildContentSb("/C/oid,1.3.6.1.5.5.7.48.2|++",sbIssuer); if (success == true) { sbIssuer.Decode("base64","utf-8"); strOut.append("1.3.6.1.5.5.7.48.2: "); strOut.append(sbIssuer.getAsString()); strOut.append("\r\n"); } // The output looks like this: // 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com // 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt // ------------------------------------------------------------------------------- // Note: The Chilkat path passed to GetChildContentSb is composed of two commands: // The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller // node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1". // The "|" char separates the 1st command from the 2nd. // The 2nd command is "++" and says "move to the next sibling". SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
||||
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.