Jump to content
trancexx

WinHTTP functions

Recommended Posts

23 hours ago, HamidZaeri said:

Hi

I have two questions:

1. What would be the equivalent of this code in winhttp?

With ObjCreate("winhttp.winhttprequest.5.1")
    .SetProxy(0)
    .Open("POST", 'https://api.server.ir/v2/content/get', False)
    .SetRequestHeader("Content-Type", 'application/x-www-form-urlencoded')
    .SetRequestHeader("Connection", 'Keep-Alive')
    .SetRequestHeader("Accept-Encoding", 'gzip')
    .SetRequestHeader("User-Agent", 'okhttp/3.10.0')
    .SetTimeouts(20000,40000,20000,20000)
    .Send($req[$cod][0])
    InputBox('Amount','How many?',.ResponseText)
EndWith

 

2. Does winhttp udf support for encoded (compressed) response? With the above code, I receive 2-4 strange character as ResponseText! or this error:

What about this udf? or any other solution?

Open the help file that comes with this UDF and search for _WinHttpSimpleSSLRequest function example. It's pretty much the same thing, only with different server.

Yes, compressed response is supported, you don't have to do anything about it.

#include "WinHttp.au3"

; Initialize and get session handle
$hOpen = _WinHttpOpen("okhttp/3.10.0")
; Get connection handle
$hConnect = _WinHttpConnect($hOpen, "https://api.server.ir")

; SimpleSSL-request it...
$sReturned = _WinHttpSimpleSSLRequest($hConnect, "POST", "/v2/content/get", Default, $req[$cod][0])

; Close handles
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

; See what's returned
InputBox('Amount', 'How many?', $sReturned)

 

Share this post


Link to post
Share on other sites

EDIT. Sorry, stupid question.

Is there support for authorization procedure when server responds with some error code upon initial _WinHttpConnect ? (which is a starting point in any send request sequence).

For example using this API , server responds with 403 code and breaks all other steps in standard sequence:

#include "WinHttp.au3"

; https://api-metrika.yandex.com/stat/v1/data?preset=tech_platforms&dimensions=ym:s:browser&id=2138128&oauth_token=05dd3dd84ff948fdae2bc4fb91f13e22bb1f289ceef0037

$sDomain = "api-metrika.yandex.com"
$sPage = "/stat/v1/data"

; Data to send
$sAdditionalData = "preset=tech_platforms&dimensions=ym:s:browser&id=2138128&oauth_token=05dd3dd84ff948fdae2bc4fb91f13e22bb1f289ceef0037"

; Initialize and get session handle
$hOpen = _WinHttpOpen()

; Get connection handle
$hConnect = _WinHttpConnect($hOpen, $sDomain)
;response would be 403 forbidden, breaking further steps in sequence

; Make a request
$hRequest = _WinHttpOpenRequest($hConnect, "GET", $sPage)

; Send it. Specify additional data to send too. This is required by the Google API:
_WinHttpSendRequest($hRequest, Default, $sAdditionalData)

; Wait for the response
_WinHttpReceiveResponse($hRequest)

; See what's returned
Dim $sReturned
If _WinHttpQueryDataAvailable($hRequest) Then ; if there is data
    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
EndIf

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

; See what's returned
MsgBox(4096, "Returned", $sReturned)
ConsoleWrite($sReturned & @CRLF)

 Mentioned API allows to send authorization token also in headers (not in URL), e.g.:

GET /management/v1/counters HTTP/1.1
Host: api-metrica.yandex.com
Authorization: OAuth 05dd3dd84ff948fdae2bc4fb91f13e22bb1f289ceef0037
Content-Type: application/x-yametrika+json
Content-Length: 123

 But seems like this approach is of no use either because headers cannot be sent by _WinHttpSendRequest as sequence breakes on _WinHttpConnect .  

Edited by ss26

Share this post


Link to post
Share on other sites
1 hour ago, ss26 said:

Is there support for authorization procedure when server responds with some error code upon initial _WinHttpConnect ? (which is a starting point in any send request sequence).

But seems like this approach is of no use either because headers cannot be sent by _WinHttpSendRequest as sequence breakes on _WinHttpConnect . ..........

 

This should be:

#include "WinHttp.au3"


$sDomain = "api-metrika.yandex.com"
$sPage = "/stat/v1/data?preset=tech_platforms&dimensions=ym:s:browser&id=2138128&oauth_token=05dd3dd84ff948fdae2bc4fb91f13e22bb1f289ceef0037"

; Initialize and get session handle
$hOpen = _WinHttpOpen()

; Get connection handle
$hConnect = _WinHttpConnect($hOpen, $sDomain)

; Make a request
$hRequest = _WinHttpOpenRequest($hConnect, "GET", $sPage)

_WinHttpSendRequest($hRequest)

; Wait for the response
_WinHttpReceiveResponse($hRequest)

; See what's returned
Dim $sReturned
If _WinHttpQueryDataAvailable($hRequest) Then ; if there is data
    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
EndIf

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

; See what's returned
MsgBox(4096, "Returned", $sReturned)
ConsoleWrite($sReturned & @CRLF)

 

Share this post


Link to post
Share on other sites
1 hour ago, Danp2 said:

it's coming from _WinHttpSendRequest

Indeed, i've mistaken. 

1 hour ago, moimon said:

This should be:

Thanks, that works! 

Share this post


Link to post
Share on other sites

@trancexx Did you consider to fix Au3Check warnings in your UDF WinHttp.au3?

It is not that bad, only few of them

Quote

"WinHttp.au3"(2138,29) : warning: $sInpNme already declared/assigned
            Local $sInpNme = $aSpl[1],
            ~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2138,37) : warning: $sType already declared/assigned
            Local $sInpNme = $aSpl[1], $sType
            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2151,66) : warning: $iX already declared/assigned
                        Local $aStrSplit = StringSplit($aDtas[$k], ",", 3), $iX = 0,
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2151,75) : warning: $iY already declared/assigned
                        Local $aStrSplit = StringSplit($aDtas[$k], ",", 3), $iX = 0, $iY = 0
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2166,25) : warning: $sType already declared/assigned
            Local $sInpId, $sType
            ~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2184,70) : warning: $sInpNme already declared/assigned
                        Local $sInpNme = __WinHttpAttribVal($aInput[$iInpSubm], "name")
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2186,57) : warning: $aStrSplit already declared/assigned
                        Local $aStrSplit = StringSplit($aDtas[$k], ",", 3),
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2186,66) : warning: $iX already declared/assigned
                        Local $aStrSplit = StringSplit($aDtas[$k], ",", 3), $iX = 0,
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2186,75) : warning: $iY already declared/assigned
                        Local $aStrSplit = StringSplit($aDtas[$k], ",", 3), $iX = 0, $iY = 0
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
"WinHttp.au3"(2357,46) : warning: $sHeaders: declared, but not used in func.
Func __WinHttpFormUpload($hRequest, $sHeaders,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^

 

Edited by maniootek

Share this post


Link to post
Share on other sites

Signature beginning:   Wondering who uses AutoIT and what it can be used for ?
* GHAPI UDF - modest begining - comunication with GitHub REST API Forum Rules *
ADO.au3 UDF     POP3.au3 UDF     XML.au3 UDF    How to use IE.au3  UDF with  AutoIt v3.3.14.x  for other useful stuff click the following button

Spoiler

Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. 

My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST APIErrorLog.au3 UDF - A logging Library *

My contribution to others projects or UDF based on  others projects: * _sql.au3 UDF  * POP3.au3 UDF *  RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF *

Useful links: * Forum Rules * Forum etiquette *  Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * 

Wiki: Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * 

IE Related:  * How to use IE.au3  UDF with  AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler

I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions *  EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *

"Homo sum; humani nil a me alienum puto" - Publius Terentius Afer
"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming"
:naughty:  :ranting:, be  :) and       \\//_.

Anticipating Errors :  "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty."

11

Signature last update: 2018-10-31

Share this post


Link to post
Share on other sites

Is there an example for using cookies? Maybe I overlooked it. There were some questions about cookies and didnt find a example now. :)

I just dont want to login and login again, while Iam testing/debugging a script ^^

 

Thanks :) 

Share this post


Link to post
Share on other sites

Hi trancexx,

is there any way of getting certificate information and details, such us Issued to, Issued by, Valid from, etc.?

I'm already using the following code to get Subject Alternative Name:

#include <Array.au3>
#include "WinHttp.au3"

$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://www.microsoft.com/es-ar/store/b/home")
$hRequest = _WinHttpSimpleSendSSLRequest($hConnect)

; Query for CERT_CONTEXT pointer
$tBuffer = DllStructCreate("ptr")
DllCall($hWINHTTPDLL__WINHTTP, "bool", "WinHttpQueryOption", _
        "handle", $hRequest, _
        "dword", $WINHTTP_OPTION_SERVER_CERT_CONTEXT, _
        "struct*", $tBuffer, _
        "dword*", DllStructGetSize($tBuffer))

Local $pCertContext = DllStructGetData($tBuffer, 1)

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

ConsoleWrite("> CERT_CONTEXT pointer: " & $pCertContext & @CRLF)

Local $tCERT_CONTEXT = DllStructCreate("dword dwCertEncodingType;" & _
        "ptr pbCertEncoded;" & _
        "dword cbCertEncoded;" & _
        "ptr pCertInfo;" & _
        "handle hCertStore", _
        $pCertContext)

$pCERT_INFO = $tCERT_CONTEXT.pCertInfo



ConsoleWrite("> $pCERT_INFO pointer: " & $pCERT_INFO & @CRLF)

; CERT_INFO struct is complex one made out of number of others. Reinterpret $pCERT_INFO as CERT_INFO struct pointer
$tCERT_INFO = DllStructCreate( _
        "struct;" & _
            "dword dwVersion;" & _
            "struct;" & _ ; SerialNumber CRYPT_INTEGER_BLOB
                "dword SerialNumber_cbData;" & _
                "ptr SerialNumber_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; SignatureAlgorithm CRYPT_ALGORITHM_IDENTIFIER
                "ptr SignatureAlgorithm_pszObjId;" & _
                "struct;" & _ ; SignatureAlgorithm.Parameters CRYPT_OBJID_BLOB
                    "dword SignatureAlgorithm_Parameters_cbData;" & _
                    "ptr SignatureAlgorithm_Parameters_pbData;" & _
                "endstruct;" & _
            "endstruct;" & _
            "struct;" & _ ; Issuer CERT_NAME_BLOB
                "dword Issuer_cbData;" & _
                "ptr Issuer_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; NotBefore FILETIME
                "dword NotBefore_dwLowDateTime;" & _
                "dword NotBefore_dwHighDateTime;" & _
            "endstruct;" & _
            "struct;" & _ ; NotAfter FILETIME
                "dword NotAfter_dwLowDateTime;" & _
                "dword NotAfter_dwHighDateTime;" & _
            "endstruct;" & _
            "struct;" & _ ; Subject CERT_NAME_BLOB
                "dword Subject_cbData;" & _
                "ptr Subject_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; SubjectPublicKeyInfo CERT_PUBLIC_KEY_INFO
                "struct;" & _ ; SubjectPublicKeyInfo.Algorithm CRYPT_ALGORITHM_IDENTIFIER
                    "ptr SubjectPublicKeyInfo_Algorithm_pszObjId;" & _
                    "struct;" & _ ; SubjectPublicKeyInfo.Parameters CRYPT_OBJID_BLOB
                        "dword SubjectPublicKeyInfo_Parameters_cbData;" & _
                        "ptr SubjectPublicKeyInfo_Parameters_pbData;" & _
                    "endstruct;" & _
                "endstruct;" & _
                "struct;" & _ ; SubjectPublicKeyInfo.PublicKey CRYPT_BIT_BLOB
                    "dword SubjectPublicKeyInfo_PublicKey_cbData;" & _
                    "ptr ParametersSubjectPublicKeyInfo_pbData;" & _
                    "dword SubjectPublicKeyInfo_PublicKey_cUnusedBits;" & _
                "endstruct;" & _
            "endstruct;" & _
            "struct;" & _ ; IssuerUniqueId CRYPT_BIT_BLOB
                "dword IssuerUniqueId_cbData;" & _
                "ptr IssuerUniqueId_pbData;" & _
                "dword IssuerUniqueId_cUnusedBits;" & _
            "endstruct;" & _
            "struct;" & _ ; SubjectUniqueId CRYPT_BIT_BLOB
                "dword dwSubjectUniqueId_cbData;" & _
                "ptr SubjectUniqueId_pbData;" & _
                "dword SubjectUniqueId_cUnusedBits;" & _
            "endstruct;" & _
            "dword cExtension;" & _
            "ptr rgExtension;" & _
        "endstruct;" , _
        $pCERT_INFO)

; Read wanted data out of it
$iExtensions = $tCERT_INFO.cExtension

$pExtensions = $tCERT_INFO.rgExtension

ConsoleWrite("> $pExtensions pointer = " & $pExtensions & @CRLF)

; Find subject alternative name extension
Const $szOID_SUBJECT_ALT_NAME2 = "2.5.29.17"
$aCall = DllCall("Crypt32.dll", "ptr", "CertFindExtension", _
        "str", $szOID_SUBJECT_ALT_NAME2, _
        "dword", $iExtensions, _
        "ptr", $pExtensions)

$pExtension = $aCall[0] ; here it is!

ConsoleWrite("!> $pExtension pointer = " & $pExtension & @CRLF)

Const $X509_ASN_ENCODING = 0x00000001
Const $CRYPT_FORMAT_STR_MULTI_LINE = 0x0001

$tCERT_EXTENSION = DllStructCreate( _
            "struct;" & _
                "ptr pszObjId;" & _
                "bool fCritical;" & _
                "struct;" & _ ; Value CRYPT_OBJID_BLOB
                    "dword Value_cbData;" & _
                    "ptr Value_pbData;" & _
                "endstruct;" & _
            "endstruct;", _
            $pExtension)

$aCall = DllCall("Crypt32.dll", "int", "CryptFormatObject", _
        "dword", $X509_ASN_ENCODING, _
        "dword", 0, _
        "dword", $CRYPT_FORMAT_STR_MULTI_LINE, _
        "ptr", 0, _
        "ptr", $tCERT_EXTENSION.pszObjId, _
        "ptr", $tCERT_EXTENSION.Value_pbData, _
        "dword", $tCERT_EXTENSION.Value_cbData, _
        "wstr", "", _
        "dword*",65536)

ConsoleWrite("Subject Alternative Name" & @CRLF & $aCall[8] & @CRLF)

;_ArrayDisplay($aCall)


; Free CERT_CONTEXT
DllCall("Crypt32.dll", "dword", "CertFreeCertificateContext", "ptr", $pCertContext)

Thanks in advance.

Share this post


Link to post
Share on other sites

Hey @trancexx, is it possible to "reactivate" the automatic cookie handling? 

If I have a cookie, that I want to use to login again, I would love, to just use it the 1 time I need to login and after that the WinHttp automatic cookie handling should take over again. :)

If I use 1x "_WinHttpSimpleSSLRequest()", I have to set the cookie for every other request if I want to do something logged in.

Share this post


Link to post
Share on other sites
3 hours ago, Acanis said:

Hey @trancexx, is it possible to "reactivate" the automatic cookie handling? 

If I have a cookie, that I want to use to login again, I would love, to just use it the 1 time I need to login and after that the WinHttp automatic cookie handling should take over again. :)

If I use 1x "_WinHttpSimpleSSLRequest()", I have to set the cookie for every other request if I want to do something logged in.

Don't close session handle ($hOpen), reuse it for other connections or requests.
Cookies are "properties" of sessions, and once set they are automatically resend for all subsequent requests until expired or session closed. 

Share this post


Link to post
Share on other sites

@trancexx, hmmm... Thanks, maybe Iam doing it wrong?! I put the "Cookie: XxX"-stuff into the $fGetHeaders-part of _WinHttpSimpleSSLRequest(). If I do it, Iam logged in, if I dont use it the next request, iam logged out, if Iam using it for the 2nd request too, iam logged in.

Do I set it somehow as session property? 

Share this post


Link to post
Share on other sites
On ‎28‎.‎12‎.‎2018‎. at 7:17 PM, jcpetu said:

Hi trancexx,

is there any way of getting certificate information and details, such us Issued to, Issued by, Valid from, etc.?

I'm already using the following code to get Subject Alternative Name:

#include <Array.au3>
#include "WinHttp.au3"

$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://www.microsoft.com/es-ar/store/b/home")
$hRequest = _WinHttpSimpleSendSSLRequest($hConnect)

; Query for CERT_CONTEXT pointer
$tBuffer = DllStructCreate("ptr")
DllCall($hWINHTTPDLL__WINHTTP, "bool", "WinHttpQueryOption", _
        "handle", $hRequest, _
        "dword", $WINHTTP_OPTION_SERVER_CERT_CONTEXT, _
        "struct*", $tBuffer, _
        "dword*", DllStructGetSize($tBuffer))

Local $pCertContext = DllStructGetData($tBuffer, 1)

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

ConsoleWrite("> CERT_CONTEXT pointer: " & $pCertContext & @CRLF)

Local $tCERT_CONTEXT = DllStructCreate("dword dwCertEncodingType;" & _
        "ptr pbCertEncoded;" & _
        "dword cbCertEncoded;" & _
        "ptr pCertInfo;" & _
        "handle hCertStore", _
        $pCertContext)

$pCERT_INFO = $tCERT_CONTEXT.pCertInfo



ConsoleWrite("> $pCERT_INFO pointer: " & $pCERT_INFO & @CRLF)

; CERT_INFO struct is complex one made out of number of others. Reinterpret $pCERT_INFO as CERT_INFO struct pointer
$tCERT_INFO = DllStructCreate( _
        "struct;" & _
            "dword dwVersion;" & _
            "struct;" & _ ; SerialNumber CRYPT_INTEGER_BLOB
                "dword SerialNumber_cbData;" & _
                "ptr SerialNumber_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; SignatureAlgorithm CRYPT_ALGORITHM_IDENTIFIER
                "ptr SignatureAlgorithm_pszObjId;" & _
                "struct;" & _ ; SignatureAlgorithm.Parameters CRYPT_OBJID_BLOB
                    "dword SignatureAlgorithm_Parameters_cbData;" & _
                    "ptr SignatureAlgorithm_Parameters_pbData;" & _
                "endstruct;" & _
            "endstruct;" & _
            "struct;" & _ ; Issuer CERT_NAME_BLOB
                "dword Issuer_cbData;" & _
                "ptr Issuer_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; NotBefore FILETIME
                "dword NotBefore_dwLowDateTime;" & _
                "dword NotBefore_dwHighDateTime;" & _
            "endstruct;" & _
            "struct;" & _ ; NotAfter FILETIME
                "dword NotAfter_dwLowDateTime;" & _
                "dword NotAfter_dwHighDateTime;" & _
            "endstruct;" & _
            "struct;" & _ ; Subject CERT_NAME_BLOB
                "dword Subject_cbData;" & _
                "ptr Subject_pbData;" & _
            "endstruct;" & _
            "struct;" & _ ; SubjectPublicKeyInfo CERT_PUBLIC_KEY_INFO
                "struct;" & _ ; SubjectPublicKeyInfo.Algorithm CRYPT_ALGORITHM_IDENTIFIER
                    "ptr SubjectPublicKeyInfo_Algorithm_pszObjId;" & _
                    "struct;" & _ ; SubjectPublicKeyInfo.Parameters CRYPT_OBJID_BLOB
                        "dword SubjectPublicKeyInfo_Parameters_cbData;" & _
                        "ptr SubjectPublicKeyInfo_Parameters_pbData;" & _
                    "endstruct;" & _
                "endstruct;" & _
                "struct;" & _ ; SubjectPublicKeyInfo.PublicKey CRYPT_BIT_BLOB
                    "dword SubjectPublicKeyInfo_PublicKey_cbData;" & _
                    "ptr ParametersSubjectPublicKeyInfo_pbData;" & _
                    "dword SubjectPublicKeyInfo_PublicKey_cUnusedBits;" & _
                "endstruct;" & _
            "endstruct;" & _
            "struct;" & _ ; IssuerUniqueId CRYPT_BIT_BLOB
                "dword IssuerUniqueId_cbData;" & _
                "ptr IssuerUniqueId_pbData;" & _
                "dword IssuerUniqueId_cUnusedBits;" & _
            "endstruct;" & _
            "struct;" & _ ; SubjectUniqueId CRYPT_BIT_BLOB
                "dword dwSubjectUniqueId_cbData;" & _
                "ptr SubjectUniqueId_pbData;" & _
                "dword SubjectUniqueId_cUnusedBits;" & _
            "endstruct;" & _
            "dword cExtension;" & _
            "ptr rgExtension;" & _
        "endstruct;" , _
        $pCERT_INFO)

; Read wanted data out of it
$iExtensions = $tCERT_INFO.cExtension

$pExtensions = $tCERT_INFO.rgExtension

ConsoleWrite("> $pExtensions pointer = " & $pExtensions & @CRLF)

; Find subject alternative name extension
Const $szOID_SUBJECT_ALT_NAME2 = "2.5.29.17"
$aCall = DllCall("Crypt32.dll", "ptr", "CertFindExtension", _
        "str", $szOID_SUBJECT_ALT_NAME2, _
        "dword", $iExtensions, _
        "ptr", $pExtensions)

$pExtension = $aCall[0] ; here it is!

ConsoleWrite("!> $pExtension pointer = " & $pExtension & @CRLF)

Const $X509_ASN_ENCODING = 0x00000001
Const $CRYPT_FORMAT_STR_MULTI_LINE = 0x0001

$tCERT_EXTENSION = DllStructCreate( _
            "struct;" & _
                "ptr pszObjId;" & _
                "bool fCritical;" & _
                "struct;" & _ ; Value CRYPT_OBJID_BLOB
                    "dword Value_cbData;" & _
                    "ptr Value_pbData;" & _
                "endstruct;" & _
            "endstruct;", _
            $pExtension)

$aCall = DllCall("Crypt32.dll", "int", "CryptFormatObject", _
        "dword", $X509_ASN_ENCODING, _
        "dword", 0, _
        "dword", $CRYPT_FORMAT_STR_MULTI_LINE, _
        "ptr", 0, _
        "ptr", $tCERT_EXTENSION.pszObjId, _
        "ptr", $tCERT_EXTENSION.Value_pbData, _
        "dword", $tCERT_EXTENSION.Value_cbData, _
        "wstr", "", _
        "dword*",65536)

ConsoleWrite("Subject Alternative Name" & @CRLF & $aCall[8] & @CRLF)

;_ArrayDisplay($aCall)


; Free CERT_CONTEXT
DllCall("Crypt32.dll", "dword", "CertFreeCertificateContext", "ptr", $pCertContext)

Thanks in advance.

It's all there, you just have to read the data you want:

#include "WinHttp.au3"

$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://www.microsoft.com/es-ar/store/b/home")
$hRequest = _WinHttpSimpleSendSSLRequest($hConnect)

; Query for CERT_CONTEXT pointer
Local $pCertContext = _WinHttpQueryOption($hRequest, $WINHTTP_OPTION_SERVER_CERT_CONTEXT)

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

ConsoleWrite("> CERT_CONTEXT pointer: " & $pCertContext & @CRLF)

Local $tCERT_CONTEXT = DllStructCreate("dword dwCertEncodingType;" & _
        "ptr pbCertEncoded;" & _
        "dword cbCertEncoded;" & _
        "ptr pCertInfo;" & _
        "handle hCertStore", _
        $pCertContext)

$pCERT_INFO = DllStructGetData($tCERT_CONTEXT, "pCertInfo")

ConsoleWrite("> CERT_INFO pointer: " & $pCERT_INFO & @CRLF)

; CERT_INFO struct is complex one made out of number of others. Reinterpret $pCERT_INFO as CERT_INFO struct pointer
$tCERT_INFO = DllStructCreate( _
        "struct;" & _
        "dword dwVersion;" & _
        "struct;" & _ ; SerialNumber CRYPT_INTEGER_BLOB
        "dword SerialNumber_cbData;" & _
        "ptr SerialNumber_pbData;" & _
        "endstruct;" & _
        "struct;" & _ ; SignatureAlgorithm CRYPT_ALGORITHM_IDENTIFIER
        "ptr SignatureAlgorithm_pszObjId;" & _
        "struct;" & _ ; SignatureAlgorithm.Parameters CRYPT_OBJID_BLOB
        "dword SignatureAlgorithm_Parameters_cbData;" & _
        "ptr SignatureAlgorithm_Parameters_pbData;" & _
        "endstruct;" & _
        "endstruct;" & _
        "struct;" & _ ; Issuer CERT_NAME_BLOB
        "dword Issuer_cbData;" & _
        "ptr Issuer_pbData;" & _
        "endstruct;" & _
        "struct;" & _ ; NotBefore FILETIME
        "dword NotBefore_dwLowDateTime;" & _
        "dword NotBefore_dwHighDateTime;" & _
        "endstruct;" & _
        "struct;" & _ ; NotAfter FILETIME
        "dword NotAfter_dwLowDateTime;" & _
        "dword NotAfter_dwHighDateTime;" & _
        "endstruct;" & _
        "struct;" & _ ; Subject CERT_NAME_BLOB
        "dword Subject_cbData;" & _
        "ptr Subject_pbData;" & _
        "endstruct;" & _
        "struct;" & _ ; SubjectPublicKeyInfo CERT_PUBLIC_KEY_INFO
        "struct;" & _ ; SubjectPublicKeyInfo.Algorithm CRYPT_ALGORITHM_IDENTIFIER
        "ptr SubjectPublicKeyInfo_Algorithm_pszObjId;" & _
        "struct;" & _ ; SubjectPublicKeyInfo.Parameters CRYPT_OBJID_BLOB
        "dword SubjectPublicKeyInfo_Parameters_cbData;" & _
        "ptr SubjectPublicKeyInfo_Parameters_pbData;" & _
        "endstruct;" & _
        "endstruct;" & _
        "struct;" & _ ; SubjectPublicKeyInfo.PublicKey CRYPT_BIT_BLOB
        "dword SubjectPublicKeyInfo_PublicKey_cbData;" & _
        "ptr ParametersSubjectPublicKeyInfo_pbData;" & _
        "dword SubjectPublicKeyInfo_PublicKey_cUnusedBits;" & _
        "endstruct;" & _
        "endstruct;" & _
        "struct;" & _ ; IssuerUniqueId CRYPT_BIT_BLOB
        "dword IssuerUniqueId_cbData;" & _
        "ptr IssuerUniqueId_pbData;" & _
        "dword IssuerUniqueId_cUnusedBits;" & _
        "endstruct;" & _
        "struct;" & _ ; SubjectUniqueId CRYPT_BIT_BLOB
        "dword dwSubjectUniqueId_cbData;" & _
        "ptr SubjectUniqueId_pbData;" & _
        "dword SubjectUniqueId_cUnusedBits;" & _
        "endstruct;" & _
        "dword cExtension;" & _
        "ptr rgExtension;" & _
        "endstruct;", _
        $pCERT_INFO)


; ConsoleWrite("Algorithm = " & DllStructGetData(DllStructCreate("char[32]", DllStructGetData($tCERT_INFO, "SignatureAlgorithm_pszObjId")), 1) & @CRLF)
ConsoleWrite("Valid from: " & FileTimeToWinHttpTime(DllStructGetPtr($tCERT_INFO, "NotBefore_dwLowDateTime")) & @CRLF)
ConsoleWrite("Valid to: " & FileTimeToWinHttpTime(DllStructGetPtr($tCERT_INFO, "NotAfter_dwLowDateTime")) & @CRLF)
ConsoleWrite("Issuer: " & CertNameToStr(DllStructGetPtr($tCERT_INFO, "Issuer_cbData")) & @CRLF)
ConsoleWrite("Subject: " & CertNameToStr(DllStructGetPtr($tCERT_INFO, "Subject_cbData")) & @CRLF)

; Free CERT_CONTEXT
DllCall("Crypt32.dll", "dword", "CertFreeCertificateContext", "ptr", $pCertContext)

; Few helper functions
Func FileTimeToWinHttpTime($pTime)
    Local $SYSTEMTIME = DllStructCreate("word Year;" & _
            "word Month;" & _
            "word DayOfWeek;" & _
            "word Day;" & _
            "word Hour;" & _
            "word Minute;" & _
            "word Second;" & _
            "word Milliseconds")
    Local $aCall = DllCall("kernel32.dll", "bool", "FileTimeToSystemTime", "struct*", $pTime, "struct*", $SYSTEMTIME)
    If @error Or Not $aCall[0] Then Return SetError(1, 0, "")
    $aCall = DllCall("winhttp.dll", "bool", "WinHttpTimeFromSystemTime", "struct*", $SYSTEMTIME, "wstr", "")
    If @error Or Not $aCall[0] Then Return SetError(2, 0, "")
    Return $aCall[2]
EndFunc

Func CertNameToStr($pBlob, $iOutType = 3) ; CERT_X500_NAME_STR as default type
    Local Const $X509_ASN_ENCODING = 0x00000001
    Local $aCall = DllCall("Crypt32.dll", "dword", "CertNameToStrW", _
            "dword", $X509_ASN_ENCODING, _
            "struct*", $pBlob, _
            "dword", $iOutType, _
            "wstr", "", _
            "dword", 65536)
    If @error Or Not $aCall[0] Then Return SetError(1, 0, "")
    Return $aCall[4]
EndFunc

 

Share this post


Link to post
Share on other sites
On ‎16‎.‎1‎.‎2019‎. at 10:21 PM, Acanis said:

@trancexx, hmmm... Thanks, maybe Iam doing it wrong?! I put the "Cookie: XxX"-stuff into the $fGetHeaders-part of _WinHttpSimpleSSLRequest(). If I do it, Iam logged in, if I dont use it the next request, iam logged out, if Iam using it for the 2nd request too, iam logged in.

Do I set it somehow as session property? 

Session cookies are set internally by reading the response "Set-Cookie" header. If you set it manually that way then yes, you have to repeat it for every other request because server "thinks" cookie has already been sent to you.

Share this post


Link to post
Share on other sites

Hey, thank you. :) Still trying to understand this cookie handling.

What does a browser with the "Set-Cookie:"-part, to "know", what he needs to send as "Cookie:" in the next request? 

 

Share this post


Link to post
Share on other sites
34 minutes ago, Acanis said:

What does a browser with the "Set-Cookie:"-part

I'd advise to learn some PHP ( or the like ), setup a web server ( nothing fancy, XAMPP will do ) on your PC, and play with your browser and web server.
In this way, you can deeply understand the whole dynamic of server and client interaction ( sessions, cookies, etc. ).

Edited by argumentum
correcting my english

Share this post


Link to post
Share on other sites
20 hours ago, trancexx said:

It's all there, you just have to read the data you want:

Thanks a lot Trancexx, it is working.

Share this post


Link to post
Share on other sites

Hi @trancexx

- How can I receive response Status? (200, 404, 403,...) Should I get it from response Header?

 

 

- And I have a problem; this request sends to this address: "http://api.server.ir:443/v2/content/"

but I want it to be sent  to "https://api.server.ir/v2/content/"

Global $hOpen = _WinHttpOpen('okhttp/3.10.0');,3,'127.0.0.1:8888')
_WinHttpSetOption($hOpen, 118, 0x00000003)
$hConnect = _WinHttpConnect($hOpen, "https://api.server.ir")
; Make a request
Global $hRequest = _WinHttpOpenRequest($hConnect, "POST", "/v2/content/")
_WinHttpAddRequestHeaders($hRequest, "Content-Type: application/x-www-form-urlencoded")

_WinHttpSendRequest($hRequest, 'Accept-Encoding: gzip', $rq[$num][0])
_WinHttpReceiveResponse($hRequest)
; Check if there is a response
If _WinHttpQueryDataAvailable($hRequest) Then
    Global $sHeader = _WinHttpQueryHeaders($hRequest), $sReturned
    MsgBox(64, "Header", $sHeader)
    Do
        $sReturned &= _WinHttpReadData($hRequest, 1)
    Until @error
    InputBox(1,ClipPut($sReturned),$sReturned)
    Exit
EndIf

.

Edited by HamidZaeri

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...