X509CertificateToXmlDoc (String function)
Convert BER encoded X.509 certificate to XML (String class)
[Introduced in Sirius Mods 8.0]
X509 is a general authentication framework that establishes standard formats for for public-key certificates, certificate revocation list (CRLs), and more. X509CertificateToXmlDoc converts a string (Longstring) that contains a certificate to an XmlDoc.
Syntax
%doc = string:X509CertificateToXmlDoc Throws InvalidBerData
Syntax terms
| %doc | An XmlDoc object variable to contain the decoded value of the method object, string. |
|---|---|
| string | A DER encoded string that contains the contents of a digital certificate. |
Usage notes
- X509CertificateToXmlDoc is very similar to DerToXmlDoc, except that X509CrlToXmlDoc understands the semantics of the certificate tags, so it provides more meaningful XML element names. Contrast the DerToXmlDoc example with the X509CertificateToXmlDoc example, below.
- X509CertificateToXmlDoc is a complete implementation of the PKCS standards for X509 certificates.
- Currently, no method is available to produce a DER stream from an XmlDoc nor to validate the signature on a certificate.
Examples
In the following example, the PemToString method loads a Longstring with the contents of a base64 encoded Certificate. The Longstring is then converted to the XmlDoc whose contents are printed thereafter:
begin %ls is longstring %sl is object stringlist %doc is object xmldoc text to %sl = new raw -----BEGIN X509 CERTIFICATE----- MIIDyjCCArICBQG6t2wFMA0GCSqGSIb3DQEBBAUAMIGpMQswCQYDVQQGEwJVUzEL MAkGA1UECBMCTUExEjAQBgNVBAcTCUNhbWJyaWRnZTEdMBsGA1UEChMUU2lyaXVz IFNvZnR3YXJlIEluYy4xHTAbBgNVBAsTFFNvZnR3YXJlIERldmVsb3BtZW50MTsw OQYDVQQDEzJzaXJpdXN8c2lyaXVzLXNvZnR3YXJlLmNvbXx3d3cuc2lyaXVzLXNv ZnR3YXJlLmNvbTAeFw0xMjAxMjkxNzQ2NDFaFw0xMzAxMjkxNzQ2NDFaMIGpMQsw CQYDVQQGEwJVUzELMAkGA1UECBMCTUExEjAQBgNVBAcTCUNhbWJyaWRnZTEdMBsG A1UEChMUU2lyaXVzIFNvZnR3YXJlIEluYy4xHTAbBgNVBAsTFFNvZnR3YXJlIERl dmVsb3BtZW50MTswOQYDVQQDEzJzaXJpdXN8c2lyaXVzLXNvZnR3YXJlLmNvbXx3 d3cuc2lyaXVzLXNvZnR3YXJlLmNvbTCCASAwDQYJKoZIhvcNAQEBBQADggENADCC AQgCggEBAK64Djria2RMkAgUhNME8yfP15vprKFo5jQXw1hTkK2IvkmVeUY6/TSF FO6ueOM/Zpx4M+ke0k2cbQhge0zCaTvMoiACeK3uR0F7cXKgAqoCHw87o0W5+zPp p4XLCe41xQ16/GIunbCGidYMoy9lL45BsCgY2tpd7dq/FP0eO6JPogyZa8DeDqFY tvof6HtcVBwzKT0ZH/Wg3H++VnbUwE+15itvVuIIdRra7UKqctDdw/2JW/NJsQVb lZxIGO307dwm1BPzoHw+IkAoVUorcVn1+ZV5M4yDkjfv7D9BKAyI6eyM1UiCyX3C Zv27MHz+Ui/rrF1GPUsQRoUcLtTATdkCAQMwDQYJKoZIhvcNAQEEBQADggEBAAo1 QU/u3Yg8tBlbHT9RZOIQihw6HMDDjjFwrN0Yl4Dw70qh6ADI/u8MfxVBpt4gLqjP OAb1oGHslTjllqSoHIN6nP58SZHHL5ExOIFQJnWodRQyCyQ0dFWv4/TB6NihYZLb 3YJysceP8RdU9u6KMFca9AaXKIiBhDClAq0jXk/0ew4xlXJM8bRUXEVVWPGjXiP6 owT5jqCxVO6YyYMabVa1+fIu7g2EKOW26+2xdOBoti8wUHV5u/v7EhX4gl1SFRA0 HDqjT/PVYzAkLPr7LrMVUtPaE6ostjP4uLKr5K8IUz/Q7oab+sHeiTGk9qhflTMA K7EE6AGXgEWr5q18Xc0= -----END X509 CERTIFICATE----- end text %ls = %sl:pemToString('X509 CERTIFICATE') %doc = %ls:x509certificateTOXMLDOC %doc:print end
The result is shown below:
<Certificate> <tbsCertificate> <version>0</version> <serialNumber>7427550213</serialNumber> <signature> <algorithm name="md5WithRSAEncryption"> 1.2.840.113549.1.1.4 </algorithm> <parameters/> </signature> <issuer> <RelativeDistinguishedName> <countryName>US</countryName> </RelativeDistinguishedName> <RelativeDistinguishedName> <stateOrProvinceName type="PrintableString"> MA </stateOrProvinceName> </RelativeDistinguishedName> <RelativeDistinguishedName> <localityName type="PrintableString"> Cambridge </localityName> </RelativeDistinguishedName> <RelativeDistinguishedName> <organizationName type="PrintableString"> Sirius Software Inc. </organizationName> </RelativeDistinguishedName> <RelativeDistinguishedName> <organizationalUnitName type="PrintableString"> Software Development </organizationalUnitName> </RelativeDistinguishedName> <commonName type="PrintableString"> sirius|sirius-software.com|www.sirius-software.com </commonName> </RelativeDistinguishedName> </issuer> <validity> <notBefore type="UTCTime"> 20120129174641.000Z </notBefore> <notAfter type="UTCTime"> 20130129174641.000Z </notAfter> </validity> <subject> <RelativeDistinguishedName> <countryName>US</countryName> </RelativeDistinguishedName> <RelativeDistinguishedName> <stateOrProvinceName type="PrintableString"> MA </stateOrProvinceName> </RelativeDistinguishedName> <RelativeDistinguishedName> <localityName type="PrintableString"> Cambridge </localityName> </RelativeDistinguishedName> <RelativeDistinguishedName> <organizationName type="PrintableString"> Sirius Software Inc. </organizationName> </RelativeDistinguishedName> <RelativeDistinguishedName> <organizationalUnitName type="PrintableString"> Software Development </organizationalUnitName> </RelativeDistinguishedName> <RelativeDistinguishedName> <commonName type="PrintableString"> sirius|sirius-software.com|www.sirius-software.com </commonName> </RelativeDistinguishedName> </subject> <subjectPublicKeyInfo> <algorithm> <algorithm name="rsaEncryption"> 1.2.840.113549.1.1.1 </algorithm> <parameters/> </algorithm> <subjectPublicKey bits="2144"> 308201080282010100AEB80E3AE26B644C90081484D304F327CFD79BE9ACA168E63417C3585390AD88BE499579463AFD348514EEAE78E33F669C783- 3E91ED24D9C6D08607B4CC2693BCCA2200278ADEE47417B7172A002AA021F0F3BA345B9FB33E9A785CB09EE35C50D7AFC622E9DB08689D60CA32F652F8E41B02818- DADA5DEDDABF14FD1E3BA24FA20C996BC0DE0EA158B6FA1FE87B5C541C33293D191FF5A0DC7FBE5676D4C04FB5E62B6F56E208751ADAED42AA72D0DDC3FD895BF34- 9B1055B959C4818EDF4EDDC26D413F3A07C3E224028554A2B7159F5F99579338C839237EFEC3F41280C88E9EC8CD54882C97DC266FDBB307CFE522FEBAC5D463D4B- 1046851C2ED4C04DD9020103 </subjectPublicKey> </subjectPublicKeyInfo> </tbsCertificate> <signatureAlgorithm> <algorithm name="md5WithRSAEncryption"> 1.2.840.113549.1.1.4 </algorithm> <parameters/> </signatureAlgorithm> <signatureValuebits="2048"> 0A35414FEEDD883CB4195B1D3F5164E2108A1C3A1CC0C38E3170ACDD189780F0EF4AA1E800C8FEEF0C7F1541A6DE202EA8CF3806F5A061EC9538E596A4A81- C837A9CFE7C4991C72F91313881502675A87514320B24347455AFE3F4C1E8D8A16192DBDD8272B1C78FF11754F6EE8A30571AF406972888818430A502AD235E4FF4- 7B0E3195724CF1B4545C455558F1A35E23FAA304F98EA0B154EE98C9831A6D56B5F9F22EEE0D8428E5B6EBEDB174E068B62F30507579BBFBFB1215F8825D5215103- 41C3AA34FF3D56330242CFAFB2EB31552D3DA13AA2CB633F8B8B2ABE4AF08533FD0EE869BFAC1DE8931A4F6A85F9533002BB104E801978045ABE6AD7C5DCD </signatureValue> </Certificate>
See also
Related methods:
- String class: DerToXmlDoc, X509CrlToXmlDoc, and RSAPrivateKeyToXmlDoc
- System class: ClientCertificate
- Socket class: Certificate
- HttpRequest class: Get, Post, and Send
- Stringlist class: PemToString