|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Get Certificate Authority Information AccessDemonstrates how to get a certificate's Authority Information Access extension data (if it exists). Note: This example requires Chilkat v9.5.0.76 or greater.
load ./chilkat.dll set cert [new_CkCert] set success [CkCert_LoadFromFile $cert "qa_data/certs/test_haswdt.cer"] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkCert $cert exit } # Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1 set extensionXmlStr [CkCert_getExtensionAsXml $cert "1.3.6.1.5.5.7.1.1"] if {[CkCert_get_LastMethodSuccess $cert] == 0} then { puts "Certificate does not have the AuthInfoAccess extension." delete_CkCert $cert exit } set xml [new_CkXml] CkXml_LoadXml $xml $extensionXmlStr # See what we have.. puts [CkXml_getXml $xml] # We should get XML like this: # <?xml version="1.0" encoding="utf-8" ?> # <sequence> # <sequence> # <oid>1.3.6.1.5.5.7.48.2</oid> # <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1 # cmVFbWFpbENBLmNydA==</contextSpecific> # </sequence> # <sequence> # <oid>1.3.6.1.5.5.7.48.1</oid> # <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific> # </sequence> # </sequence> # Typically, a certificate AIA(Authority Information access) contains 2 parts: # # On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1) # Certification Authority Issuer (1.3.6.1.5.5.7.48.2) # # The base64 content for each OID (in this case) is just a string. # The data can be accessed and decoded like this: set sbOcsp [new_CkStringBuilder] set success [CkXml_GetChildContentSb $xml "/C/oid,1.3.6.1.5.5.7.48.1|++" $sbOcsp] if {$success == 1} then { CkStringBuilder_Decode $sbOcsp "base64" "utf-8" puts "1.3.6.1.5.5.7.48.1: [CkStringBuilder_getAsString $sbOcsp]" } set sbIssuer [new_CkStringBuilder] set success [CkXml_GetChildContentSb $xml "/C/oid,1.3.6.1.5.5.7.48.2|++" $sbIssuer] if {$success == 1} then { CkStringBuilder_Decode $sbIssuer "base64" "utf-8" puts "1.3.6.1.5.5.7.48.2: [CkStringBuilder_getAsString $sbIssuer]" } # The output looks like this: # 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com # 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt # ------------------------------------------------------------------------------- # Note: The Chilkat path passed to GetChildContentSb is composed of two commands: # The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller # node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1". # The "|" char separates the 1st command from the 2nd. # The 2nd command is "++" and says "move to the next sibling". delete_CkCert $cert delete_CkXml $xml delete_CkStringBuilder $sbOcsp delete_CkStringBuilder $sbIssuer |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.