Unicode C
Unicode C
Get Certificate Authority Information Access
See more Certificates Examples
Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat Unicode C Downloads
#include <C_CkCertW.h>
#include <C_CkXmlW.h>
#include <C_CkStringBuilderW.h>
void ChilkatSample(void)
{
BOOL success;
HCkCertW cert;
const wchar_t *extensionXmlStr;
HCkXmlW xml;
HCkStringBuilderW sbOcsp;
HCkStringBuilderW sbIssuer;
success = FALSE;
cert = CkCertW_Create();
success = CkCertW_LoadFromFile(cert,L"qa_data/certs/test_haswdt.cer");
if (success != TRUE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkCertW_Dispose(cert);
return;
}
// Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
extensionXmlStr = CkCertW_getExtensionAsXml(cert,L"1.3.6.1.5.5.7.1.1");
if (CkCertW_getLastMethodSuccess(cert) == FALSE) {
wprintf(L"Certificate does not have the AuthInfoAccess extension.\n");
CkCertW_Dispose(cert);
return;
}
xml = CkXmlW_Create();
CkXmlW_LoadXml(xml,extensionXmlStr);
// See what we have..
wprintf(L"%s\n",CkXmlW_getXml(xml));
// We should get XML like this:
// <?xml version="1.0" encoding="utf-8" ?>
// <sequence>
// <sequence>
// <oid>1.3.6.1.5.5.7.48.2</oid>
// <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
// cmVFbWFpbENBLmNydA==</contextSpecific>
// </sequence>
// <sequence>
// <oid>1.3.6.1.5.5.7.48.1</oid>
// <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
// </sequence>
// </sequence>
// Typically, a certificate AIA(Authority Information access) contains 2 parts:
//
// On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
// Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
//
// The base64 content for each OID (in this case) is just a string.
// The data can be accessed and decoded like this:
sbOcsp = CkStringBuilderW_Create();
success = CkXmlW_GetChildContentSb(xml,L"/C/oid,1.3.6.1.5.5.7.48.1|++",sbOcsp);
if (success == TRUE) {
CkStringBuilderW_Decode(sbOcsp,L"base64",L"utf-8");
wprintf(L"1.3.6.1.5.5.7.48.1: %s\n",CkStringBuilderW_getAsString(sbOcsp));
}
sbIssuer = CkStringBuilderW_Create();
success = CkXmlW_GetChildContentSb(xml,L"/C/oid,1.3.6.1.5.5.7.48.2|++",sbIssuer);
if (success == TRUE) {
CkStringBuilderW_Decode(sbIssuer,L"base64",L"utf-8");
wprintf(L"1.3.6.1.5.5.7.48.2: %s\n",CkStringBuilderW_getAsString(sbIssuer));
}
// The output looks like this:
// 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com
// 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt
// -------------------------------------------------------------------------------
// Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
// The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller
// node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
// The "|" char separates the 1st command from the 2nd.
// The 2nd command is "++" and says "move to the next sibling".
CkCertW_Dispose(cert);
CkXmlW_Dispose(xml);
CkStringBuilderW_Dispose(sbOcsp);
CkStringBuilderW_Dispose(sbIssuer);
}