|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(AutoIt) Duplicate CSR Created by OpenSSL with Config.cnfSee more CSR ExamplesDemonstrates how to duplicate a CSR created by the following commands: # Generate Private Key openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem #Generate CSR openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr
; This example assumes the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. ; This example duplicates the CSR created by OpenSSL with the following config file: ; oid_section = OIDs ; [ OIDs ] ; certificateTemplateName= 1.3.6.1.4.1.311.20.2 ; ; [ req ] ; default_bits = 2048 ; emailAddress = it@example.sa ; req_extensions = v3_req ; x509_extensions = v3_ca ; prompt = no ; default_md = sha256 ; req_extensions = req_ext ; distinguished_name = dn ; ; [ v3_req ] ; basicConstraints = CA:FALSE ; keyUsage = digitalSignature, nonRepudiation, keyEncipherment ; ; [req_ext] ; certificateTemplateName = ASN1:PRINTABLESTRING:ZATCA-Code-Signing ; subjectAltName = dirName:alt_names ; ; [ dn ] ; CN =EXAMPLE-CORP # Common Name ; C=SA # Country Code e.g SA ; OU=HEAD-OFFICE # Organization Unit Name ; O=ASC # Organization Name ; ; [alt_names] ; SN=1-ASC|2-V01|3-1234567890 # EGS Serial Number 1-ABC|2-PQR|3-XYZ ; UID=312345678900003 # Organization Identifier (VAT Number) ; title=1100 # Invoice Type ; registeredAddress=Dammam # Address ; businessCategory=IT # Business Category ; The OpenSSL commands we are duplicating: ; openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem ; openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr ; The 1st step is to actually use OpenSSL to generate a sample CSR.csr that we wish to duplicate. ; With the sample CSR.csr, we get the ExtensionRequest as XML. ; For example: $oSbCsr = ObjCreate("Chilkat.StringBuilder") Local $bSuccess = $oSbCsr.LoadFile("qa_data/csr/openssl_cnf/CSR.csr","utf-8") If ($bSuccess = False) Then ConsoleWrite("Failed to load CSR.csr" & @CRLF) Exit EndIf $oCsr0 = ObjCreate("Chilkat.Csr") $bSuccess = $oCsr0.LoadCsrPem($oSbCsr.GetAsString()) If ($bSuccess = False) Then ConsoleWrite($oCsr0.LastErrorText & @CRLF) Exit EndIf $oXml0 = ObjCreate("Chilkat.Xml") $bSuccess = $oCsr0.GetExtensionRequest($oXml0) If ($bSuccess = False) Then ConsoleWrite($oCsr0.LastErrorText & @CRLF) Exit EndIf ; Let's examine the extension request.. ConsoleWrite($oXml0.GetXml() & @CRLF) ; <?xml version="1.0" encoding="utf-8"?> ; <set> ; <sequence> ; <sequence> ; <oid>1.3.6.1.4.1.311.20.2</oid> ; <asnOctets> ; <printable>ZATCA-Code-Signing</printable> ; </asnOctets> ; </sequence> ; <sequence> ; <oid>2.5.29.17</oid> ; <asnOctets> ; <sequence> ; <contextSpecific tag="4" constructed="1"> ; <sequence> ; <set> ; <sequence> ; <oid>2.5.4.4</oid> ; <utf8>1-ASC|2-V01|3-1234567890</utf8> ; </sequence> ; </set> ; <set> ; <sequence> ; <oid>0.9.2342.19200300.100.1.1</oid> ; <utf8>312345678900003</utf8> ; </sequence> ; </set> ; <set> ; <sequence> ; <oid>2.5.4.12</oid> ; <utf8>1100</utf8> ; </sequence> ; </set> ; <set> ; <sequence> ; <oid>2.5.4.26</oid> ; <utf8>Dammam</utf8> ; </sequence> ; </set> ; <set> ; <sequence> ; <oid>2.5.4.15</oid> ; <utf8>IT</utf8> ; </sequence> ; </set> ; </sequence> ; </contextSpecific> ; </sequence> ; </asnOctets> ; </sequence> ; </sequence> ; </set> ; If you wish to generate the above XML without going through the above steps, copy the XML into ; the online tool at https://tools.chilkat.io/xmlCreate ; Here is the generated code for the above XML: $oXml = ObjCreate("Chilkat.Xml") $oXml.Tag = "set" $oXml.UpdateChildContent "sequence|sequence|oid","1.3.6.1.4.1.311.20.2" $oXml.UpdateChildContent "sequence|sequence|asnOctets|printable","ZATCA-Code-Signing" $oXml.UpdateChildContent "sequence|sequence[1]|oid","2.5.29.17" $oXml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",True,"tag","4") $oXml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",True,"constructed","1") $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid","2.5.4.4" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8","1-ASC|2-V01|3-1234567890" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid","0.9.2342.19200300.100.1.1" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8","312345678900003" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid","2.5.4.12" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8","1100" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid","2.5.4.26" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8","Dammam" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid","2.5.4.15" $oXml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8","IT" ; We'll need a new secp256k1 private key, so let's generate it. $oEcdsa = ObjCreate("Chilkat.Ecc") $oPrng = ObjCreate("Chilkat.Prng") Local $oPrivKey = $oEcdsa.GenEccKey("secp256k1",$oPrng) If ($oEcdsa.LastMethodSuccess = False) Then ConsoleWrite($oEcdsa.LastErrorText & @CRLF) Exit EndIf ConsoleWrite("Generated secp256k1 private key." & @CRLF) ; Use a new CSR object to generate a CSR with the private key and extension request. $oCsr = ObjCreate("Chilkat.Csr") ; Add the [dn] fields ; [ dn ] ; CN =EXAMPLE-CORP # Common Name ; C=SA # Country Code e.g SA ; OU=HEAD-OFFICE # Organization Unit Name ; O=ASC # Organization Name $oCsr.CommonName = "EXAMPLE-CORP" $oCsr.Country = "SA" $oCsr.CompanyDivision = "HEAD-OFFICE" $oCsr.Company = "ASC" ; Add the extension request to the CSR $oCsr.SetExtensionRequest($oXml) ; Generate the CSR with the extension request Local $sCsrPem = $oCsr.GenCsrPem($oPrivKey) If ($oCsr.LastMethodSuccess = False) Then ConsoleWrite($oCsr.LastErrorText & @CRLF) Exit EndIf ConsoleWrite($sCsrPem & @CRLF) ; Sample output: ; -----BEGIN CERTIFICATE REQUEST----- ; MIIBuDCCAV8CAQAwSDEVMBMGA1UEAwwMRVhBTVBMRS1DT1JQMQswCQYDVQQGEwJT ; QTEUMBIGA1UECwwLSEVBRC1PRkZJQ0UxDDAKBgNVBAoMA0FTQzBWMBAGByqGSM49 ; AgEGBSuBBAAKA0IABFI5rusr76HiJcMMr1r4L0B0BOAs6azLkt/RwHoT6A0xFRRt ; tulWT40tNhx3qJ4I5ePNgMceOEtuK1kMGVTovI6ggbcwgbQGCSqGSIb3DQEJDjGB ; pjCBozAhBgkrBgEEAYI3FAIEFBMSWkFUQ0EtQ29kZS1TaWduaW5nMH4GA1UdEQR3 ; MHWkczBxMSEwHwYDVQQEDBgxLUFTQ3wyLVYwMXwzLTEyMzQ1Njc4OTAxHzAdBgoJ ; kiaJk/IsZAEBDA8zMTIzNDU2Nzg5MDAwMDMxDTALBgNVBAwMBDExMDAxDzANBgNV ; BBoMBkRhbW1hbTELMAkGA1UEDwwCSVQwCgYIKoZIzj0EAwIDRwAwRAIgJnbgpSGb ; diB+0M1VTqc1GU9sFsfnOvVN/8WhWRRxQIwCIF5eH9vgMgXyoU284X8Bx3dqOJ4q ; xashGWci87POxSvT ; -----END CERTIFICATE REQUEST----- |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.