EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to extract subject name from pfx certificate

#27132
Posted: 11/05/2013 07:28:57
by Jacob jvandiermen (Standard support level)
Joined: 08/09/2013
Posts: 55

Hello Eldos,

For an XML signature I have to retrieve the subject name from a pfx file. The value will be used for the X509SubjectName element in the X509Data node.
I tried to extract the subject name with the following two functions:

Code

const
  strEmptyString = '';

function getSubjectName(fileNameCertificate,password: string): AnsiString;
var
  elX509Certificate: TElX509Certificate;
begin
  // getX509Certificate (helper not shown in this post) returns the certificate
  // instance, so no separate Create call is made here: it would be leaked.
  elX509Certificate:= getX509Certificate(fileNameCertificate,password);
  try
    if assigned(elX509Certificate) then
      result:= certificateName2String(elX509Certificate.SubjectName)
    else
      result:= strEmptyString;
  finally
    // Release the certificate even if formatting raises an exception
    FreeAndNil(elX509Certificate);
  end;
end;

function certificateName2String(subjectName : TName) : string;
const
  seperator = ',';
var
  bSperate: Boolean;
begin
  result:= '';
  bSperate:= False;
  if AnsiCompareStr(Trim(subjectName.Country),strEmptyString) <> 0 then
    begin
      result:= 'C=' + subjectName.Country;
      bSperate:= True;
    end;
  if AnsiCompareStr(Trim(subjectName.StateOrProvince),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + ',';
          result:= result + ' ';
        end
      else
        bSperate:= True;
      result:= result + 'ST=' + subjectName.StateOrProvince;
    end;
  if AnsiCompareStr(Trim(subjectName.Locality),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + ',';
          result:= result + ' ';
        end
      else
        bSperate:= True;
      result:= result + 'L=' + subjectName.Locality;
    end;
    if AnsiCompareStr(Trim(subjectName.Organization),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + ',';
          result:= result + ' ';
        end
      else
        bSperate:= True;
      result:= result + 'O=' + subjectName.Organization;
    end;
    if AnsiCompareStr(Trim(subjectName.OrganizationUnit),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + ',';
          result:= result + ' ';
        end
      else
        bSperate:= True;
      result:= result + 'OU=' + subjectName.OrganizationUnit;
    end;
    if AnsiCompareStr(Trim(subjectName.CommonName),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + ',';
          result:= result + ' ';
        end
      else
        bSperate:= True;
      result:= result + 'CN=' + subjectName.CommonName;
    end;
    if AnsiCompareStr(Trim(subjectName.EMailAddress),strEmptyString) <> 0 then
    begin
      if bSperate then
        begin
          result:= result + '/';
        end;
      result:= result + 'emailAddress=' + subjectName.EMailAddress;
    end;
end;



When I use the TElXMLSigner object to sign, this object also puts a subject name value in its own X509SubjectName element for the X509Data node.

When I compare the two X509SubjectName values they are not the same.
How can I retrieve the subject name from the pfx file in the right way?

Regards,

Jacob
#27133
Posted: 11/05/2013 07:34:06
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

You should use the TElX509Certificate.SubjectRDN.SaveToDNString method instead of writing your own certificateName2String function.
#27134
Posted: 11/05/2013 07:39:30
by Dmytro Bogatskyy (EldoS Corp.)

Hello,

Or you can use the FormatRDN method from the SBXMLSec unit, for example:
Code
// str is declared as UnicodeString in the var section
str := FormatRDN(Certificate.SubjectRDN);
#27151
Posted: 11/05/2013 09:44:03
by Jacob jvandiermen (Standard support level)
Joined: 08/09/2013
Posts: 55

Hello Vsevolod & Dmytro,

Thank you! I can extract the subject name from the certificate!

Code

function getSubjectName(fileNameCertificate,password: string): AnsiString;
var
  elX509Certificate: TElX509Certificate;
begin
  // getX509Certificate (helper not shown in this post) returns the certificate
  // instance, so no separate Create call is made here: it would be leaked.
  elX509Certificate:= getX509Certificate(fileNameCertificate,password);
  try
    if assigned(elX509Certificate) then
      result:= SBXMLSec.FormatRDN(elX509Certificate.SubjectRDN)
    else
      result:= strEmptyString;
  finally
    // Release the certificate even if formatting raises an exception
    FreeAndNil(elX509Certificate);
  end;
end;


Regards,

Jacob
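
An added example, not part of the original thread and not SecureBlackbox code: a Python sketch of the RFC 4514 string form of a distinguished name (the form XML Signature recommends for X509SubjectName), next to a fixed-field concatenation like the first post's. The function names and the sample subject are constructed for illustration; attribute types without an RFC 4514 short name are not handled.

```python
# Characters that RFC 4514 section 2.4 requires to be escaped anywhere in a value
SPECIALS = '"+,;<>\\'

def escape_value(value):
    """Escape one attribute value per RFC 4514 section 2.4."""
    out = []
    for i, ch in enumerate(value):
        last = i == len(value) - 1
        if ch in SPECIALS or (i == 0 and ch in ' #') or (last and ch == ' '):
            out.append('\\' + ch)
        elif ch == '\x00':
            out.append('\\00')
        else:
            out.append(ch)
    return ''.join(out)

def rfc4514_dn(rdns):
    """rdns: RDN sequence in certificate (DER) order; each RDN is a list of
    (type, value) pairs. The string form starts with the LAST RDN and joins
    the values of a multi-valued RDN with '+'."""
    parts = []
    for rdn in reversed(rdns):
        parts.append('+'.join(f'{t}={escape_value(v)}' for t, v in rdn))
    return ','.join(parts)

def fixed_order_dn(rdns):
    """Fixed fields in a fixed order with ', ' separators and no escaping,
    as a hand-written formatter would do."""
    flat = {t: v for rdn in rdns for t, v in rdn}
    order = ['C', 'ST', 'L', 'O', 'OU', 'CN']
    return ', '.join(f'{t}={flat[t]}' for t in order if flat.get(t, '').strip())

# Constructed subject: a comma inside O and a multi-valued last RDN
SAMPLE = [
    [('C', 'NL')],
    [('O', 'Example, B.V.')],
    [('OU', 'Signing')],
    [('CN', 'Jane Doe'), ('UID', 'jdoe')],
]

if __name__ == '__main__':
    print(rfc4514_dn(SAMPLE))      # walks the RDN sequence
    print(fixed_order_dn(SAMPLE))  # drops UID, leaves the comma ambiguous
```

A verifier that matches the signing certificate by comparing X509SubjectName strings will not find a match when the two sides build the string differently, so the value is best produced from the certificate's RDN sequence by one formatter.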


As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
