EldoS | Feel safer!

Software components for data protection, secure storage and transfer

I am pretty ungry

#483
Posted: 06/19/2006 12:22:14
by Rafael Hernández (Basic support level)
Joined: 06/16/2006
Posts: 26

Ok, I get that no private key is inside the "TElX509Certificate" => "Cert.PrivateKeyExists() = False"

I put such code below the "CertStorage.Add(Cert, True)" code.

What is wrong here now?

Remember that I made the private key exportable when I installed the certificate and that I have exported the certificate with the "certificate.export(CAPICOM_ENCODE_BASE64)" command.

Can you try the copy of the exported certificate I placed here to see if it really does not include a private key?
#484
Posted: 06/19/2006 13:11:08
by Ken Ivanov (EldoS Corp.)

Quote
Can you try the copy of the exported certificate I placed here to see if it really does not include a private key?

The certificate you attached does not contain a private key. You should export and then load the private key into the TElX509Certificate object separately. I'm not sure that the private key can be exported by CAPICOM. Is your certificate stored in the system certificate store?
#485
Posted: 06/19/2006 13:17:42
by Rafael Hernández (Basic support level)
Joined: 06/16/2006
Posts: 26

The certificate is stored in the "MY" store and the private key is marked as exportable.

I suppose that the CAPICOM export method also exports the private key, but as the CAPICOM reference is so small I cannot confirm this.
#486
Posted: 06/19/2006 13:26:01
by Ken Ivanov (EldoS Corp.)

It seems that CAPICOM does not export the private key. Please consider using the TElWinCertStorage class to access system stores. Besides providing access to system certificate stores, it also allows performing operations that involve the private key even if it is not marked as exportable.
#487
Posted: 06/19/2006 13:29:13
by Rafael Hernández (Basic support level)
Joined: 06/16/2006
Posts: 26

The issue is that I can use CAPICOM from within a browser with VBScript coding to get access to the certificate installed in the client machine store "MY".

Shall I be capable of doing the same with your "TElWinCertStorage" class?
#488
Posted: 06/19/2006 13:46:11
by Ken Ivanov (EldoS Corp.)

Hmm, you will need to have SecureBlackbox DLLs installed on client machines in this case. I do not think it is a suitable solution for you.

So, you should find out if CAPICOM allows exporting the private keys corresponding to a certificate. Exporting to PFX will also help, since SecureBlackbox understands this format.
#494
Posted: 06/20/2006 04:18:21
by Rafael Hernández (Basic support level)
Joined: 06/16/2006
Posts: 26

Shouldn't I use another method than "Cert.LoadFromBuffer(Decoded, 0, DecodedSize)" to load the exported certificate in order to gain access to the private key? I have seen several other methods that ask user to introduce a password for such.

#495
Posted: 06/20/2006 04:32:16
by Ken Ivanov (EldoS Corp.)

The LoadFrom* method should be chosen depending on the format in which the certificate is stored. For the certificate you attached in one of the previous posts (it is stored in DER format), the LoadFromBuffer() method should be used.
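
Added example, not part of the thread and not SecureBlackbox code: the replies above distinguish a DER/base64 certificate export, which holds no private key, from a PFX, which can carry one. This Python sketch tells the two apart by their outer ASN.1 shape before a loader is chosen; the function names and the sample skeletons are constructed for illustration.

```python
import base64

def read_tlv(buf, pos=0):
    """Parse one DER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def classify_export(blob):
    """Return 'x509-certificate', 'pkcs12-pfx' or 'unknown' for an exported blob."""
    data = blob
    if not data.startswith(b"\x30"):        # not raw DER: treat as base64 / PEM text
        lines = data.strip().splitlines()
        body = b"".join(l.strip() for l in lines if not l.startswith(b"-----"))
        try:
            data = base64.b64decode(body, validate=True)
        except ValueError:                  # binascii.Error is a ValueError
            return "unknown"
    try:
        tag, seq, _ = read_tlv(data)
        kids, pos = [], 0
        while pos < len(seq):
            t, v, pos = read_tlv(seq, pos)
            kids.append((t, v))
    except (ValueError, IndexError):
        return "unknown"
    tags = [t for t, _ in kids]
    # Certificate ::= SEQUENCE { tbsCertificate SEQUENCE, signatureAlgorithm SEQUENCE,
    #                            signatureValue BIT STRING }  -> public data only
    if tag == 0x30 and tags == [0x30, 0x30, 0x03]:
        return "x509-certificate"
    # PFX ::= SEQUENCE { version INTEGER (3), authSafe SEQUENCE, macData OPTIONAL }
    # -> container that can carry the private key next to the certificate
    if tag == 0x30 and tags[:2] == [0x02, 0x30] and kids[0][1] == b"\x03":
        return "pkcs12-pfx"
    return "unknown"

def tlv(tag, value=b""):                    # short-form encoder for the samples below
    return bytes([tag, len(value)]) + value

# Constructed skeletons (outer shape only, not real certificates or keys)
CERT_SKELETON = tlv(0x30, tlv(0x30) + tlv(0x30) + tlv(0x03, b"\x00"))
PFX_SKELETON = tlv(0x30, tlv(0x02, b"\x03") + tlv(0x30) + tlv(0x30))
CERT_BASE64 = base64.b64encode(CERT_SKELETON)
```

A result of `x509-certificate` means the blob cannot contain the private key, whatever the exportable flag was at install time.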
#502
Posted: 06/21/2006 06:52:19
by Rafael Hernández (Basic support level)
Joined: 06/16/2006
Posts: 26

Ok,

I have come to the idea that the private key cannot be exported from within a web browser. So as I am working inside an intranet, what I will try to do is to sign the PDF which resides in a server directory directly from the client web browser. The question now is:

May I use your code to sign the file from VBScript code written in the web that the client sees? This way I could have access to the private key directly without having to export and import it.
#508
Posted: 06/21/2006 13:42:10
by Ken Ivanov (EldoS Corp.)

Quote
May I use your code to sign the file from VBScript code written in the web that the client sees? This way I could have access to the private key directly without having to export and import it.

Yes, but in this case the client needs SecureBlackbox DLLs to be installed on his machine.
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
