CryptoSys PKI Pro Manual

X509_GetCertFromP7Chain

Extracts an X.509 certificate from a PKCS-7 "certs-only" certificate chain file (typically saved with extension .p7c or .p7b), saving the output directly as a new file.

VBA/VB6 Syntax

Public Declare Function X509_GetCertFromP7Chain Lib "diCrPKI.dll" (ByVal strOutputFile As String, ByVal strP7cFile As String, ByVal nIndex As Long, ByVal nOptions As Long) As Long

nRet = X509_GetCertFromP7Chain(strOutputFile, strP7cFile, nIndex, nOptions) As Long

C/C++ Syntax

long __stdcall X509_GetCertFromP7Chain(const char *szNewCertFile, const char *szP7cFile, long nIndex, long nOptions);

Parameters

szNewCertFile
[in] filename of the output file to be created.
szP7cFile
[in] filename of the PKCS-7 "certs-only" file, or a string containing its PEM textual representation.
nIndex
[in] specifying which certificate (1,2,...) in the chain to extract, or 0 (deprecated) to return the count of certificates in the set.
nOptions
[in] option flags: not used in this release. Specify zero.

Returns (VBA/C)

If successful and nIndex is greater than zero, it returns the number of bytes written to the output file, which may be zero if no certificate could be found at the given index. If an error occurred, it returns a negative error code.

.NET Equivalent

X509.GetCertFromP7Chain Method

C++ (STL) Equivalent

static bool dipki::X509::GetCertFromP7Chain (const std::string &outputFile, const std::string &inputFile, int index)

Python Equivalent

static X509.get_cert_from_p7(outfile, p7file, index=1)

Remarks

If nIndex is specified as a number greater than zero, the nIndex'th certificate found in the list, if any, will be extracted and saved directly as a DER-encoded X.509 certificate file. This function will also extract certificates from CMS signed data objects, too.

[New in v12.2] To find the number of certificates in the chain, use X509_GetCertCountInP7Chain. The old (deprecated) way to find the count of certificates was to set nIndex to zero.

Example

nBytes = X509_GetCertFromP7Chain("cert2.cer", "certs.p7c", 2, 0)

will extract the second certificate in certs.p7c and create a new X.509 certificate file called cert2.cer containing nBytes bytes.

The following example shows how to extract all the certificates from a PKCS-7 CertList file

Dim nRet As Long
Dim strListFile As String
Dim strCertFile As String
Dim nCerts As Long
Dim iCert As Long

strListFile = "bob.p7b"
' How many certificates?  - NB new function in [v12.2]
nCerts = X509_GetCertCountInP7Chain(strListFile, 0)
Debug.Print "X509_GetCertCountInP7Chain returns " & nCerts & " for " & strListFile
' Enumerate through them all
If nCerts > 0 Then
    For iCert = 1 To nCerts
        strCertFile = "bobcert" & iCert & ".cer"
        nRet = X509_GetCertFromP7Chain(strCertFile, strListFile, iCert, 0)
        Debug.Print "X509_GetCertFromP7Chain(" & iCert & ") returns " _
            & nRet & "->" & strCertFile
    Next
End If

This should result in output as follows:

X509_GetCertCountInP7Chain() returns 2 for bob.p7b
X509_GetCertFromP7Chain(1) returns 555->bobcert1.cer
X509_GetCertFromP7Chain(2) returns 495->bobcert2.cer

where, in this example, the file bob.p7b contains two X.509 certificates of size 555 and 495 bytes respectively.

See Also

X509_ReadCertStringFromP7Chain X509_GetCertCountInP7Chain CMS_QuerySigData

[Contents] [Index]

[PREV: X509_GetCertCountInP7Chain...]   [Contents]   [Index]   
   [NEXT: X509_GetCertFromPFX...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.