EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Add Extensions property

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#6125
Posted: 05/06/2008 03:25:04
by  xu cong
hi,
I want to add Extensions property while awarding the certificate.
My way is:
Code
TElCertificateRequest FRequest = new TElCertificateRequest();
TElX509Certificate TELX509 = new TElX509Certificate();

...

DateTime date = DateTime.Now;
string date_ = date.ToString("yyyyMMddHHmmss");
TElX509Certificate certificate = new TElX509Certificate(null);

certificate.SerialNumber = SBUtils.Unit.StrToUTF8(date_);
certificate.ValidFrom = Convert.ToDateTime(TextBox3.Text);
certificate.ValidTo = Convert.ToDateTime(TextBox4.Text);
certificate.Extensions.AuthorityInformationAccess.Count = 1;
certificate.Extensions.CRLDistributionPoints.Count = 1;
certificate.Extensions.AuthorityInformationAccess.Value = SBUtils.Unit.StrToUTF8("http://secure.globalsign.net/cacert/orgv1.crt");
certificate.Extensions.CRLDistributionPoints.Value = SBUtils.Unit.StrToUTF8("http://crl.globalsign.net/OrganizationVal1.crl");
certificate.Extensions.ExtendedKeyUsage.ClientAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.CodeSigning = true;
certificate.Extensions.ExtendedKeyUsage.EmailProtection = true;
certificate.Extensions.ExtendedKeyUsage.ServerAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.TimeStamping = true;
certificate.Extensions.AuthorityKeyIdentifier.Value = TELX509.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.SubjectKeyIdentifier.Value = FRequest.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.BasicConstraints.CA = false;
certificate.Extensions.BasicConstraints.PathLenConstraint = 0;
certificate.Extensions.CertificatePolicies.Value = SBUtils.Unit.StrToUTF8("http://www.globalsign.net/repository/");
certificate.Extensions.CertificatePolicies.OID = SBUtils.Unit.StrToUTF8("1.3.6.1.4.1.4146.1.20");
certificate.Extensions.KeyUsage.Critical = true;
certificate.Extensions.KeyUsage.DigitalSignature = true;
certificate.Extensions.KeyUsage.KeyEncipherment = true;
            
TELX509.Generate(FRequest, certificate);

...


However, can not add Extensions property into the certificate after carrying out the procedure.
I have read the Help document, have not found the method to solve.
#6126
Posted: 05/06/2008 03:45:25
by Eugene Mayevski (EldoS Corp.)

You don't set Included property, which indicates, what extensions you want to include.


Sincerely yours
Eugene Mayevski
#6127
Posted: 05/06/2008 03:59:14
by  xu cong
How should I do ? can provide a Demo .
#6128
Posted: 05/06/2008 04:14:21
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Please read our documentation at http://www.eldos.com/documentation/sbb/documentation/ref_cl_certificateextensions_prp_included.html

You should write something like
certificate.Extensions.Included := [ceCRLDistributionPoints, ceAuthorityInformationAccess, ceKeyUsage], depending on what extensions you want to include into the certificate.
#6129
Posted: 05/06/2008 04:28:46
by Eugene Mayevski (EldoS Corp.)

This is C#. The code will be different.


Sincerely yours
Eugene Mayevski
#6130
Posted: 05/06/2008 04:44:54
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Sorry, for C# code will be as following:
certificate.Extensions.In­cluded = SBX509Ext.Unit.ceAuthorityKeyIdentifier | SBX509Ext.Unit.cePrivateKeyUsagePeriod | SBX509Ext.Unit.ceCRLDistributionPoints;
#6152
Posted: 05/07/2008 04:21:42
by  xu cong
A related question:
How to set up AccessMethod property in AuthorityInformationAccess?
This is my code:
Code
...

            SBX509Ext.TElGeneralName AIA_URL = new SBX509Ext.TElGeneralName();            
            AIA_URL.UniformResourceIdentifier = "http://secure.globalsign.net/cacert/orgv1.crt";
            AIA_URL.NameType = SBX509Ext.TSBGeneralName.gnUniformResourceIdentifier;
            certificate.Extensions.AuthorityInformationAccess.Count = 1;
            certificate.Extensions.AuthorityInformationAccess.get_AccessDescriptions(0).AccessMethod = SBUtils.Unit.StrToUTF8("1.3.6.1.5.5.7.48.1");
            certificate.Extensions.AuthorityInformationAccess.get_AccessDescriptions(0).AccessLocation.Assign(AIA_URL);

...

But AccessMethod property set is wrong.
Can you tell me how to correctly set up?
#6153
Posted: 05/07/2008 04:46:29
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

To get OID from this numeric notation, you should use function SBUtils.Unit.StrToOID("1­.3.6.1.5.5.7.48.1");
#6154
Posted: 05/07/2008 05:09:15
by  xu cong
Thank you very much!
#6177
Posted: 05/08/2008 02:07:40
by  xu cong
1)How to disappear UserNotice property in CertificatePolicies ?
2)How to disappear CRL Reason property in CRLDistributionPoints ?
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 7374 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!