EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Add Extensions property

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
Posted: 05/06/2008 03:25:04
by  xu cong
I want to add Extensions property while awarding the certificate.
My way is:
TElCertificateRequest FRequest = new TElCertificateRequest();
TElX509Certificate TELX509 = new TElX509Certificate();


DateTime date = DateTime.Now;
string date_ = date.ToString("yyyyMMddHHmmss");
TElX509Certificate certificate = new TElX509Certificate(null);

certificate.SerialNumber = SBUtils.Unit.StrToUTF8(date_);
certificate.ValidFrom = Convert.ToDateTime(TextBox3.Text);
certificate.ValidTo = Convert.ToDateTime(TextBox4.Text);
certificate.Extensions.AuthorityInformationAccess.Count = 1;
certificate.Extensions.CRLDistributionPoints.Count = 1;
certificate.Extensions.AuthorityInformationAccess.Value = SBUtils.Unit.StrToUTF8("http://secure.globalsign.net/cacert/orgv1.crt");
certificate.Extensions.CRLDistributionPoints.Value = SBUtils.Unit.StrToUTF8("http://crl.globalsign.net/OrganizationVal1.crl");
certificate.Extensions.ExtendedKeyUsage.ClientAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.CodeSigning = true;
certificate.Extensions.ExtendedKeyUsage.EmailProtection = true;
certificate.Extensions.ExtendedKeyUsage.ServerAuthentication = true;
certificate.Extensions.ExtendedKeyUsage.TimeStamping = true;
certificate.Extensions.AuthorityKeyIdentifier.Value = TELX509.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.SubjectKeyIdentifier.Value = FRequest.Extensions.SubjectKeyIdentifier.Value;
certificate.Extensions.BasicConstraints.CA = false;
certificate.Extensions.BasicConstraints.PathLenConstraint = 0;
certificate.Extensions.CertificatePolicies.Value = SBUtils.Unit.StrToUTF8("http://www.globalsign.net/repository/");
certificate.Extensions.CertificatePolicies.OID = SBUtils.Unit.StrToUTF8("");
certificate.Extensions.KeyUsage.Critical = true;
certificate.Extensions.KeyUsage.DigitalSignature = true;
certificate.Extensions.KeyUsage.KeyEncipherment = true;
TELX509.Generate(FRequest, certificate);


However, can not add Extensions property into the certificate after carrying out the procedure.
I have read the Help document, have not found the method to solve.
Posted: 05/06/2008 03:45:25
by Eugene Mayevski (Team)

You don't set Included property, which indicates, what extensions you want to include.

Sincerely yours
Eugene Mayevski
Posted: 05/06/2008 03:59:14
by  xu cong
How should I do ? can provide a Demo .
Posted: 05/06/2008 04:14:21
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Please read our documentation at http://www.eldos.com/documentation/sbb/documentation/ref_cl_certificateextensions_prp_included.html

You should write something like
certificate.Extensions.Included := [ceCRLDistributionPoints, ceAuthorityInformationAccess, ceKeyUsage], depending on what extensions you want to include into the certificate.
Posted: 05/06/2008 04:28:46
by Eugene Mayevski (Team)

This is C#. The code will be different.

Sincerely yours
Eugene Mayevski
Posted: 05/06/2008 04:44:54
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Sorry, for C# code will be as following:
certificate.Extensions.In­cluded = SBX509Ext.Unit.ceAuthorityKeyIdentifier | SBX509Ext.Unit.cePrivateKeyUsagePeriod | SBX509Ext.Unit.ceCRLDistributionPoints;
Posted: 05/07/2008 04:21:42
by  xu cong
A related question:
How to set up AccessMethod property in AuthorityInformationAccess?
This is my code:

            SBX509Ext.TElGeneralName AIA_URL = new SBX509Ext.TElGeneralName();            
            AIA_URL.UniformResourceIdentifier = "http://secure.globalsign.net/cacert/orgv1.crt";
            AIA_URL.NameType = SBX509Ext.TSBGeneralName.gnUniformResourceIdentifier;
            certificate.Extensions.AuthorityInformationAccess.Count = 1;
            certificate.Extensions.AuthorityInformationAccess.get_AccessDescriptions(0).AccessMethod = SBUtils.Unit.StrToUTF8("");


But AccessMethod property set is wrong.
Can you tell me how to correctly set up?
Posted: 05/07/2008 04:46:29
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

To get OID from this numeric notation, you should use function SBUtils.Unit.StrToOID("1­.");
Posted: 05/07/2008 05:09:15
by  xu cong
Thank you very much!
Posted: 05/08/2008 02:07:40
by  xu cong
1)How to disappear UserNotice property in CertificatePolicies ?
2)How to disappear CRL Reason property in CRLDistributionPoints ?
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.



Topic viewed 7954 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!