PureBasic
PureBasic
Get Certificate Authority Information Access
See more Certificates Examples
Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkXml.pb"
Procedure ChilkatExample()
success.i = 0
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkCert::ckLoadFromFile(cert,"qa_data/certs/test_haswdt.cer")
If success <> 1
Debug CkCert::ckLastErrorText(cert)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
extensionXmlStr.s = CkCert::ckGetExtensionAsXml(cert,"1.3.6.1.5.5.7.1.1")
If CkCert::ckLastMethodSuccess(cert) = 0
Debug "Certificate does not have the AuthInfoAccess extension."
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
xml.i = CkXml::ckCreate()
If xml.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkXml::ckLoadXml(xml,extensionXmlStr)
; See what we have..
Debug CkXml::ckGetXml(xml)
; We should get XML like this:
; <?xml version="1.0" encoding="utf-8" ?>
; <sequence>
; <sequence>
; <oid>1.3.6.1.5.5.7.48.2</oid>
; <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
; cmVFbWFpbENBLmNydA==</contextSpecific>
; </sequence>
; <sequence>
; <oid>1.3.6.1.5.5.7.48.1</oid>
; <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
; </sequence>
; </sequence>
; Typically, a certificate AIA(Authority Information access) contains 2 parts:
;
; On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
; Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
;
; The base64 content for each OID (in this case) is just a string.
; The data can be accessed and decoded like this:
sbOcsp.i = CkStringBuilder::ckCreate()
If sbOcsp.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkXml::ckGetChildContentSb(xml,"/C/oid,1.3.6.1.5.5.7.48.1|++",sbOcsp)
If success = 1
CkStringBuilder::ckDecode(sbOcsp,"base64","utf-8")
Debug "1.3.6.1.5.5.7.48.1: " + CkStringBuilder::ckGetAsString(sbOcsp)
EndIf
sbIssuer.i = CkStringBuilder::ckCreate()
If sbIssuer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkXml::ckGetChildContentSb(xml,"/C/oid,1.3.6.1.5.5.7.48.2|++",sbIssuer)
If success = 1
CkStringBuilder::ckDecode(sbIssuer,"base64","utf-8")
Debug "1.3.6.1.5.5.7.48.2: " + CkStringBuilder::ckGetAsString(sbIssuer)
EndIf
; The output looks like this:
; 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com
; 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt
; -------------------------------------------------------------------------------
; Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
; The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller
; node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
; The "|" char separates the 1st command from the 2nd.
; The 2nd command is "++" and says "move to the next sibling".
CkCert::ckDispose(cert)
CkXml::ckDispose(xml)
CkStringBuilder::ckDispose(sbOcsp)
CkStringBuilder::ckDispose(sbIssuer)
ProcedureReturn
EndProcedure