EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Add Extensions property

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
Posted: 05/06/2008 03:25:04
by  xu cong
I want to add Extensions property while awarding the certificate.
My way is:
TElCertificateRequest FRequest = new TElCertificateRequest();
TElX509Certificate TELX509 = new TElX509Certificate();


DateTime date = DateTime.Now;
string date_ = date.ToString("yyyyMMddHHmmss");
TElX509Certificate certificate = new TElX509Certificate(null);

certificate.SerialNumber = SBUtils.Unit.StrToUTF8(date_);
certificate.ValidFrom = Convert.ToDateTime(TextBox3.Text);
certificate.ValidTo = Convert.ToDateTime(TextBox4.Text);
certificate.Extensions.AuthorityInformationAccess.Count = 1;
certificate.Extensions.CRLDistributionPoints.Count = 1;
certificate.Extensions.AuthorityInformationAccess.Value = SBUtils.Unit.StrToUTF8("http://secure.globalsign.net/cacert/orgv1.crt");
certificate.Extensions.CRLDistributionPoints.Value = SBUtils.Unit.StrToUTF8("http://crl.globalsign.net/OrganizationVal1.crl");
certificate.Extensions.ExtendedKeyUsage.ClientAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.CodeSigning = true;
certificate.Extensions.ExtendedKeyUsage.EmailProtection = true;
certificate.Extensions.ExtendedKeyUsage.ServerAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.TimeStamping = true;
certificate.Extensions.AuthorityKeyIdentifier.Value = TELX509.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.SubjectKeyIdentifier.Value = FRequest.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.BasicConstraints.CA = false;
certificate.Extensions.BasicConstraints.PathLenConstraint = 0;
certificate.Extensions.CertificatePolicies.Value = SBUtils.Unit.StrToUTF8("http://www.globalsign.net/repository/");
certificate.Extensions.CertificatePolicies.OID = SBUtils.Unit.StrToUTF8("");
certificate.Extensions.KeyUsage.Critical = true;
certificate.Extensions.KeyUsage.DigitalSignature = true;
certificate.Extensions.KeyUsage.KeyEncipherment = true;
TELX509.Generate(FRequest, certificate);


However, can not add Extensions property into the certificate after carrying out the procedure.
I have read the Help document, have not found the method to solve.
Posted: 05/06/2008 03:45:25
by Eugene Mayevski (Team)

You don't set Included property, which indicates, what extensions you want to include.

Sincerely yours
Eugene Mayevski
Posted: 05/06/2008 03:59:14
by  xu cong
How should I do ? can provide a Demo .
Posted: 05/06/2008 04:14:21
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Please read our documentation at http://www.eldos.com/documentation/sbb/documentation/ref_cl_certificateextensions_prp_included.html

You should write something like
certificate.Extensions.Included := [ceCRLDistributionPoints, ceAuthorityInformationAccess, ceKeyUsage], depending on what extensions you want to include into the certificate.
Posted: 05/06/2008 04:28:46
by Eugene Mayevski (Team)

This is C#. The code will be different.

Sincerely yours
Eugene Mayevski
Posted: 05/06/2008 04:44:54
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Sorry, for C# code will be as following:
certificate.Extensions.In­cluded = SBX509Ext.Unit.ceAuthorityKeyIdentifier | SBX509Ext.Unit.cePrivateKeyUsagePeriod | SBX509Ext.Unit.ceCRLDistributionPoints;
Posted: 05/07/2008 04:21:42
by  xu cong
A related question:
How to set up AccessMethod property in AuthorityInformationAccess?
This is my code:

            SBX509Ext.TElGeneralName AIA_URL = new SBX509Ext.TElGeneralName();            
            AIA_URL.UniformResourceIdentifier = "http://secure.globalsign.net/cacert/orgv1.crt";
            AIA_URL.NameType = SBX509Ext.TSBGeneralName.gnUniformResourceIdentifier;
            certificate.Extensions.AuthorityInformationAccess.Count = 1;
            certificate.Extensions.AuthorityInformationAccess.get_AccessDescriptions(0).AccessMethod = SBUtils.Unit.StrToUTF8("");


But AccessMethod property set is wrong.
Can you tell me how to correctly set up?
Posted: 05/07/2008 04:46:29
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

To get OID from this numeric notation, you should use function SBUtils.Unit.StrToOID("1­.");
Posted: 05/07/2008 05:09:15
by  xu cong
Thank you very much!
Posted: 05/08/2008 02:07:40
by  xu cong
1)How to disappear UserNotice property in CertificatePolicies ?
2)How to disappear CRL Reason property in CRLDistributionPoints ?
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.



Topic viewed 7873 times

Number of guests: 2, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!