CryptoSys PKI Pro Manual

X509_CertThumb

Calculates the thumbprint (message digest hash) of an X.509 certificate.

VBA/VB6 Syntax

Public Declare Function X509_CertThumb Lib "diCrPKI.dll" (ByVal strCertFile As String, ByVal strHexHash As String, ByVal nHexHashLen As Long, ByVal nOptions As Long) As Long

nRet = X509_CertThumb(strCertFile, strHexHash, nHexHashLen, nOptions)

C/C++ Syntax

long __stdcall X509_CertThumb(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);

Parameters

szCertFile
[in] with the filename of the X.509 certificate (or base64 representation).
szOutput
[out] to receive the message digest.
nOutChars
[in] specifying the maximum length of the digest string.
nOptions
[in] Option flags. Select one of:
PKI_HASH_SHA1 (0) to use the SHA-1 algorithm (default)
PKI_HASH_SHA224 to use the SHA-224 algorithm
PKI_HASH_SHA256 to use the SHA-256 algorithm
PKI_HASH_SHA384 to use the SHA-384 algorithm
PKI_HASH_SHA512 to use the SHA-512 algorithm
PKI_HASH_MD5 to use the MD5 algorithm

Returns (VBA/C)

the number of digits set in the output string or a negative error code.

VBA Wrapper Syntax

Public Function x509CertThumb (szCertFile As String, Optional nOptions As Long = 0) As String

.NET Equivalent

X509.CertThumb Method

C++ (STL) Equivalent

static std::string dipki::X509::CertThumb (const std::string &certFile, HashAlg hashAlg=HashAlg::Sha1)

Python Equivalent

static X509.cert_thumb(certfilename, hashalg=0)

Remarks

For the "raw" VBA/C function, the user must allocate an output string buffer szOutput of the required length. Specify a zero nOutChars or an empty string for szOutput to find the required length. ANSI C users must add one to this value when allocating memory.

The maximum length of the output string is PKI_MAX_HASH_CHARS (C/C++ users add one). The default hash algorithm is SHA-1 and the result should match the SHA-1 thumbprint shown in the Windows Certificate Viewer.

Example (VBA core function)

These examples compute the SHA-1 message digest hash ("thumbprint") of Alice's certificate from S/MIME examples. 

Dim nRet As Long
Dim strCertName As String
Dim strHexHash As String
 
strHexHash = String(PKI_SHA1_CHARS, " ")
strCertName = "AliceRSASignByCarl.cer"
nRet = X509_CertThumb(strCertName, strHexHash, Len(strHexHash), 0)
Debug.Print "X509_CertThumb returns " & nRet & " for " & strCertName
Debug.Print strHexHash

In C:

long lRet;
char *certname = "C:\\test\\AliceRSASignByCarl.cer";
char hexdigest[PKI_SHA1_CHARS+1]; /* NB one extra */

lRet = X509_CertThumb(certname, hexdigest, sizeof(hexdigest)-1, 0);
printf("X509_CertThumb returns %ld for %s\n", lRet, certname);
printf("%s\n", hexdigest);

Both of these should result in

X509_CertThumb returns 40 for AliceRSASignByCarl.cer
b30c48855055c2e64ce3196492d4b83831a6b3cb

Example (VBA wrapper function)

Dim strCertString As String
strCertString = x509ReadStringFromFile("AliceRSASignByCarl.cer")
Debug.Print strCertString
Debug.Print "CertThumb=" & x509CertThumb(strCertString)
strCertString = x509ReadCertStringFromP7Chain("alice_bob_carl_certs.p7c", 3)
Debug.Print strCertString
Debug.Print "CertThumb=" & x509CertThumb(strCertString)
Debug.Print "HashIssuerAndSN=" & x509HashIssuerAndSN(strCertString, PKI_HASH_SHA256)

See Also

X509_CertIsValidNow X509_VerifyCert

[Contents] [Index]

[PREV: X509_CertSubjectName...]   [Contents]   [Index]   
   [NEXT: X509_CheckCertInCRL...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.