CryptoSys PKI Toolkit Manual

X509_GetCertFromP7Chain

X509_GetCertFromP7Chain extracts an X.509 certificate from a PKCS-7 "certs-only" certificate chain file (typically saved with extension .p7c or .p7b), saving the output directly as a new file.

VB6/VBA Syntax

Public Declare Function X509_GetCertFromP7Chain Lib "diCrPKI.dll" (ByVal strOutputFile As String, ByVal strP7cFile As String, ByVal nIndex As Long, ByVal nOptions As Long) As Long

nRet = X509_GetCertFromP7Chain(strOutputFile, strP7cFile, nIndex, nOptions) As Long

Parameters

strOutputFile
[in] String specifying the filename of the output file to be created.
strP7cFile
[in] String containing the PKCS-7 "certs-only" filename.
nIndex
[in] Long specifying which certificate (1,2,...) in the chain to extract, or 0 to return the count of certificates in the set.
nOptions
[in] Long option flags: not used in this release. Specify zero.

C/C++ Syntax

long _stdcall X509_GetCertFromP7Chain(const char *szOutputFile, const char *szP7cFile, long nIndex, long nOptions);

Returns (VB6/C)

Long: If successful and nIndex is greater than zero, it returns the number of bytes written to the output file, which may be zero if no certificate could be found at the given index. However, if nIndex is zero, it returns the count of certificates found in the list. If an error occurred, it returns a negative error code.

.NET Equivalent

X509.GetCertFromP7Chain Method

Remarks

If nIndex is specified as a number greater than zero, the nIndex'th certificate found in the list, if any, will be extracted and saved directly as a DER-encoded X.509 certificate file. If nIndex is specified as zero, no output is created and the count of certificates found in the list will be returned. This function will also extract certificates from CMS signed data objects, too. The input must be in binary BER-encoded format.

Example

nCerts = X509_GetCertFromP7Chain("", "certs.p7c", 0, 0)

will return the number of certificates found in the file certs.p7c.

nBytes = X509_GetCertFromP7Chain("cert2.cer", "certs.p7c", 2, 0)

will extract the second certificate in certs.p7c and create a new X.509 certificate file called cert2.cer containing nBytes bytes.

The following example shows how to extract all the certificates from a PKCS-7 CertList file

Dim nRet As Long
Dim strListFile As String
Dim strCertFile As String
Dim nCerts As Long
Dim iCert As Long

strListFile = "bob.p7b"
' How many certificates?
nCerts = X509_GetCertFromP7Chain("", strListFile, 0, 0)
Debug.Print "X509_GetCertFromP7Chain(0) returns " & nCerts & " for " & strListFile
' Enumerate through them all
If nCerts > 0 Then
    For iCert = 1 To nCerts
        strCertFile = "bobcert" & iCert & ".cer"
        nRet = X509_GetCertFromP7Chain(strCertFile, strListFile, iCert, 0)
        Debug.Print "X509_GetCertFromP7Chain(" & iCert & ") returns " _
            & nRet & "->" & strCertFile
    Next
End If

This should result in output as follows:

X509_GetCertFromP7Chain(0) returns 2 for C:\Test\bob.p7b
X509_GetCertFromP7Chain(1) returns 555->C:\Test\bobcert1.cer
X509_GetCertFromP7Chain(2) returns 495->C:\Test\bobcert2.cer

where, in this example, the file bob.p7b contains two X.509 certificates of size 555 and 495 bytes respectively.

See Also

X509_GetCertFromPFX CMS_QuerySigData

[Contents] [Index]

[HOME]   [NEXT: X509_GetCertFromPFX...]
Copyright © 2004-10 D.I. Management Services Pty Ltd. All rights reserved.