(Visual FoxPro) Duplicate CSR Created by OpenSSL with Config.cnf

See more CSR Examples

Demonstrates how to duplicate a CSR created by the following commands:

# Generate Private Key
openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem

#Generate CSR
openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL loSbCsr
LOCAL lnSuccess
LOCAL loCsr0
LOCAL loXml0
LOCAL loXml
LOCAL loEcdsa
LOCAL loPrng
LOCAL loPrivKey
LOCAL loCsr
LOCAL lcCsrPem

* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* This example duplicates the CSR created by OpenSSL with the following config file:

* oid_section = OIDs
* [ OIDs ]
* certificateTemplateName= 1.3.6.1.4.1.311.20.2
* 
* [ req ]
* default_bits 	= 2048
* emailAddress 	= it@example.sa
* req_extensions	= v3_req
* x509_extensions 	= v3_ca
* prompt = no
* default_md = sha256
* req_extensions = req_ext
* distinguished_name = dn
* 
* [ v3_req ]
* basicConstraints = CA:FALSE
* keyUsage = digitalSignature, nonRepudiation, keyEncipherment
* 
* [req_ext]
* certificateTemplateName = ASN1:PRINTABLESTRING:ZATCA-Code-Signing
* subjectAltName = dirName:alt_names
* 
* [ dn ]
* CN =EXAMPLE-CORP  				# Common Name
* C=SA									# Country Code e.g SA
* OU=HEAD-OFFICE							# Organization Unit Name
* O=ASC									# Organization Name
* 
* [alt_names]
* SN=1-ASC|2-V01|3-1234567890				# EGS Serial Number 1-ABC|2-PQR|3-XYZ
* UID=312345678900003						# Organization Identifier (VAT Number)
* title=1100								# Invoice Type
* registeredAddress=Dammam  	 			# Address
* businessCategory=IT						# Business Category

* The OpenSSL commands we are duplicating:

* openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem
* openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr

* The 1st step is to actually use OpenSSL to generate a sample CSR.csr that we wish to duplicate.
* With the sample CSR.csr, we get the ExtensionRequest as XML.  
* For example:

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbCsr = CreateObject('Chilkat.StringBuilder')
lnSuccess = loSbCsr.LoadFile("qa_data/csr/openssl_cnf/CSR.csr","utf-8")
IF (lnSuccess = 0) THEN
    ? "Failed to load CSR.csr"
    RELEASE loSbCsr
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Csr')
loCsr0 = CreateObject('Chilkat.Csr')
lnSuccess = loCsr0.LoadCsrPem(loSbCsr.GetAsString())
IF (lnSuccess = 0) THEN
    ? loCsr0.LastErrorText
    RELEASE loSbCsr
    RELEASE loCsr0
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Xml')
loXml0 = CreateObject('Chilkat.Xml')
lnSuccess = loCsr0.GetExtensionRequest(loXml0)
IF (lnSuccess = 0) THEN
    ? loCsr0.LastErrorText
    RELEASE loSbCsr
    RELEASE loCsr0
    RELEASE loXml0
    CANCEL
ENDIF

* Let's examine the extension request..
? loXml0.GetXml()

* <?xml version="1.0" encoding="utf-8"?>
* <set>
*     <sequence>
*         <sequence>
*             <oid>1.3.6.1.4.1.311.20.2</oid>
*             <asnOctets>
*                 <printable>ZATCA-Code-Signing</printable>
*             </asnOctets>
*         </sequence>
*         <sequence>
*             <oid>2.5.29.17</oid>
*             <asnOctets>
*                 <sequence>
*                     <contextSpecific tag="4" constructed="1">
*                         <sequence>
*                             <set>
*                                 <sequence>
*                                     <oid>2.5.4.4</oid>
*                                     <utf8>1-ASC|2-V01|3-1234567890</utf8>
*                                 </sequence>
*                             </set>
*                             <set>
*                                 <sequence>
*                                     <oid>0.9.2342.19200300.100.1.1</oid>
*                                     <utf8>312345678900003</utf8>
*                                 </sequence>
*                             </set>
*                             <set>
*                                 <sequence>
*                                     <oid>2.5.4.12</oid>
*                                     <utf8>1100</utf8>
*                                 </sequence>
*                             </set>
*                             <set>
*                                 <sequence>
*                                     <oid>2.5.4.26</oid>
*                                     <utf8>Dammam</utf8>
*                                 </sequence>
*                             </set>
*                             <set>
*                                 <sequence>
*                                     <oid>2.5.4.15</oid>
*                                     <utf8>IT</utf8>
*                                 </sequence>
*                             </set>
*                         </sequence>
*                     </contextSpecific>
*                 </sequence>
*             </asnOctets>
*         </sequence>
*     </sequence>
* </set>

* If you wish to generate the above XML without going through the above steps, copy the XML into
* the online tool at https://tools.chilkat.io/xmlCreate

* Here is the generated code for the above XML:

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Xml')
loXml = CreateObject('Chilkat.Xml')
loXml.Tag = "set"
loXml.UpdateChildContent("sequence|sequence|oid","1.3.6.1.4.1.311.20.2")
loXml.UpdateChildContent("sequence|sequence|asnOctets|printable","ZATCA-Code-Signing")
loXml.UpdateChildContent("sequence|sequence[1]|oid","2.5.29.17")
loXml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"tag","4")
loXml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"constructed","1")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid","2.5.4.4")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8","1-ASC|2-V01|3-1234567890")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid","0.9.2342.19200300.100.1.1")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8","312345678900003")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid","2.5.4.12")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8","1100")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid","2.5.4.26")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8","Dammam")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid","2.5.4.15")
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8","IT")

* We'll need a new secp256k1 private key, so let's generate it.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Ecc')
loEcdsa = CreateObject('Chilkat.Ecc')
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Prng')
loPrng = CreateObject('Chilkat.Prng')
loPrivKey = loEcdsa.GenEccKey("secp256k1",loPrng)
IF (loEcdsa.LastMethodSuccess = 0) THEN
    ? loEcdsa.LastErrorText
    RELEASE loSbCsr
    RELEASE loCsr0
    RELEASE loXml0
    RELEASE loXml
    RELEASE loEcdsa
    RELEASE loPrng
    CANCEL
ENDIF

? "Generated secp256k1 private key."

* Use a new CSR object to generate a CSR with the private key and extension request.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Csr')
loCsr = CreateObject('Chilkat.Csr')

* Add the [dn] fields
*  [ dn ]
*  CN =EXAMPLE-CORP  				# Common Name
*  C=SA									# Country Code e.g SA
*  OU=HEAD-OFFICE							# Organization Unit Name
*  O=ASC									# Organization Name
loCsr.CommonName = "EXAMPLE-CORP"
loCsr.Country = "SA"
loCsr.CompanyDivision = "HEAD-OFFICE"
loCsr.Company = "ASC"

* Add the extension request to the CSR
loCsr.SetExtensionRequest(loXml)

* Generate the CSR with the extension request
lcCsrPem = loCsr.GenCsrPem(loPrivKey)
IF (loCsr.LastMethodSuccess = 0) THEN
    ? loCsr.LastErrorText
    RELEASE loPrivKey
    RELEASE loSbCsr
    RELEASE loCsr0
    RELEASE loXml0
    RELEASE loXml
    RELEASE loEcdsa
    RELEASE loPrng
    RELEASE loCsr
    CANCEL
ENDIF

? lcCsrPem

RELEASE loPrivKey

* Sample output:

* -----BEGIN CERTIFICATE REQUEST-----
* MIIBuDCCAV8CAQAwSDEVMBMGA1UEAwwMRVhBTVBMRS1DT1JQMQswCQYDVQQGEwJT
* QTEUMBIGA1UECwwLSEVBRC1PRkZJQ0UxDDAKBgNVBAoMA0FTQzBWMBAGByqGSM49
* AgEGBSuBBAAKA0IABFI5rusr76HiJcMMr1r4L0B0BOAs6azLkt/RwHoT6A0xFRRt
* tulWT40tNhx3qJ4I5ePNgMceOEtuK1kMGVTovI6ggbcwgbQGCSqGSIb3DQEJDjGB
* pjCBozAhBgkrBgEEAYI3FAIEFBMSWkFUQ0EtQ29kZS1TaWduaW5nMH4GA1UdEQR3
* MHWkczBxMSEwHwYDVQQEDBgxLUFTQ3wyLVYwMXwzLTEyMzQ1Njc4OTAxHzAdBgoJ
* kiaJk/IsZAEBDA8zMTIzNDU2Nzg5MDAwMDMxDTALBgNVBAwMBDExMDAxDzANBgNV
* BBoMBkRhbW1hbTELMAkGA1UEDwwCSVQwCgYIKoZIzj0EAwIDRwAwRAIgJnbgpSGb
* diB+0M1VTqc1GU9sFsfnOvVN/8WhWRRxQIwCIF5eH9vgMgXyoU284X8Bx3dqOJ4q
* xashGWci87POxSvT
* -----END CERTIFICATE REQUEST-----

RELEASE loSbCsr
RELEASE loCsr0
RELEASE loXml0
RELEASE loXml
RELEASE loEcdsa
RELEASE loPrng
RELEASE loCsr