Visual FoxPro
Visual FoxPro
Generate a CSR with keyUsage, extKeyUsage, and other Extensions
See more CSR Examples
Demonstrates how to generate a CSR containing a 1.2.840.113549.1.9.14 extensionRequest with the following extensions:- 1.3.6.1.4.1.311.20.2 enrollCerttypeExtension
- 2.5.29.15 keyUsage
- 2.5.29.37 extKeyUsage
- 2.5.29.14 subjectKeyIdentifier
Chilkat Visual FoxPro Downloads
LOCAL lnSuccess
LOCAL loEcc
LOCAL loPrng
LOCAL loPrivKey
LOCAL loCsr
LOCAL s
LOCAL loBdTemp
LOCAL lcS_base64_utf16be
LOCAL loXml
LOCAL loPubKey
LOCAL loBdPubKeyDer
LOCAL lcSki
LOCAL lcCsrPem
lnSuccess = 0
* This requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.
* This example will generate a secp256r1 ECDSA key for the CSR.
loEcc = CreateObject('Chilkat.Ecc')
loPrng = CreateObject('Chilkat.Prng')
loPrivKey = CreateObject('Chilkat.PrivateKey')
lnSuccess = loEcc.GenKey("secp256r1",loPrng,loPrivKey)
IF (lnSuccess = 0) THEN
? "Failed to generate a new ECDSA private key."
RELEASE loEcc
RELEASE loPrng
RELEASE loPrivKey
CANCEL
ENDIF
loCsr = CreateObject('Chilkat.Csr')
* Add common CSR fields:
loCsr.CommonName = "mysubdomain.mydomain.com"
loCsr.Country = "GB"
loCsr.State = "Yorks"
loCsr.Locality = "York"
loCsr.Company = "Internet Widgits Pty Ltd"
loCsr.EmailAddress = "support@mydomain.com"
* Add the following 1.2.840.113549.1.9.14 extensionRequest
* Note: The easiest way to know the content and format of the XML to be added is to examine
* a pre-existing CSR with the same desired extensionRequest. You can use Chilkat to
* get the extensionRequest from an existing CSR.
*
* Here is a sample extension request:
* <?xml version="1.0" encoding="utf-8"?>
* <set>
* <sequence>
* <sequence>
* <oid>1.3.6.1.4.1.311.20.2</oid>
* <asnOctets>
* <universal tag="30" constructed="0">AEUAbgBkAEUAbgB0AGkAdAB5AEMAbABpAGUAbgB0AEEAdQB0AGgAQwBlAHIAdABpAGYAaQBjAGEAdABl
* AF8AQwBTAFIAUABhAHMAcwB0AGgAcgBvAHUAZwBoAC8AVgAx</universal>
* </asnOctets>
* </sequence>
* <sequence>
* <oid>2.5.29.15</oid>
* <bool>1</bool>
* <asnOctets>
* <bits n="3">A0</bits>
* </asnOctets>
* </sequence>
* <sequence>
* <oid>2.5.29.37</oid>
* <asnOctets>
* <sequence>
* <oid>1.3.6.1.5.5.7.3.3</oid>
* </sequence>
* </asnOctets>
* </sequence>
* <sequence>
* <oid>2.5.29.14</oid>
* <asnOctets>
* <octets>MCzBMQAViXBz8IDt8LsgmJxJ4Xg=</octets>
* </asnOctets>
* </sequence>
* </sequence>
* </set>
* Use this online tool to generate code from sample XML:
* Generate Code to Create XML
* A few notes:
* The string "AEUAbgBkAEUAbgB0AGkAdAB5AEMAbABpAGUAbgB0AEEAdQB0AGgAQwBlAHIAdABpAGYAaQBjAGEAdABlAF8AQwBTAFIAUABhAHMAcwB0AGgAcgBvAHUAZwBoAC8AVgAx"
* is the base64 encoding of the utf-16be byte representation of the string "EndEntityClientAuthCertificate_CSRPassthrough/V1"
s = "EndEntityClientAuthCertificate_CSRPassthrough/V1"
loBdTemp = CreateObject('Chilkat.BinData')
loBdTemp.AppendString(s,"utf-16be")
lcS_base64_utf16be = loBdTemp.GetEncoded("base64")
* The string should be "AEUA....."
? lcS_base64_utf16be
* Here's the code to generate the above extension request.
loXml = CreateObject('Chilkat.Xml')
loXml.Tag = "set"
loXml.UpdateChildContent("sequence|sequence|oid","1.3.6.1.4.1.311.20.2")
loXml.UpdateAttrAt("sequence|sequence|asnOctets|universal",1,"tag","30")
loXml.UpdateAttrAt("sequence|sequence|asnOctets|universal",1,"constructed","0")
loXml.UpdateChildContent("sequence|sequence|asnOctets|universal",lcS_base64_utf16be)
loXml.UpdateChildContent("sequence|sequence[1]|oid","2.5.29.15")
loXml.UpdateChildContent("sequence|sequence[1]|bool","1")
loXml.UpdateAttrAt("sequence|sequence[1]|asnOctets|bits",1,"n","3")
* A0 is hex for decimal 160.
loXml.UpdateChildContent("sequence|sequence[1]|asnOctets|bits","A0")
loXml.UpdateChildContent("sequence|sequence[2]|oid","2.5.29.37")
loXml.UpdateChildContent("sequence|sequence[2]|asnOctets|sequence|oid","1.3.6.1.5.5.7.3.3")
* This is the subjectKeyIdentifier extension.
* The string "MCzBMQAViXBz8IDt8LsgmJxJ4Xg=" is base64 that decodes to 20 bytes, which is a SHA1 hash.
* This is simply a hash of the DER of the public key.
loPubKey = CreateObject('Chilkat.PublicKey')
loPrivKey.ToPublicKey(loPubKey)
loBdPubKeyDer = CreateObject('Chilkat.BinData')
loBdPubKeyDer.AppendEncoded(loPubKey.GetEncoded(1,"base64"),"base64")
lcSki = loBdPubKeyDer.GetHash("sha1","base64")
loXml.UpdateChildContent("sequence|sequence[3]|oid","2.5.29.14")
loXml.UpdateChildContent("sequence|sequence[3]|asnOctets|octets",lcSki)
* Add the extension request to the CSR
loCsr.SetExtensionRequest(loXml)
* Generate the CSR with the extension request
lcCsrPem = loCsr.GenCsrPem(loPrivKey)
IF (loCsr.LastMethodSuccess = 0) THEN
? loCsr.LastErrorText
RELEASE loEcc
RELEASE loPrng
RELEASE loPrivKey
RELEASE loCsr
RELEASE loBdTemp
RELEASE loXml
RELEASE loPubKey
RELEASE loBdPubKeyDer
CANCEL
ENDIF
? lcCsrPem
RELEASE loEcc
RELEASE loPrng
RELEASE loPrivKey
RELEASE loCsr
RELEASE loBdTemp
RELEASE loXml
RELEASE loPubKey
RELEASE loBdPubKeyDer