EldoS | Feel safer!

AuthorityCertSerial byte order certificate generate

#9873
Posted: 04/30/2009 02:16:59
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Dear Sirs,
I set AuthorityCertSerial before generating the certificate.
After generation, the byte order is changed.
Example:
before generate:
AuthorityCertSerial=[1][6]
after generate:
AuthorityCertSerial=[6][1]
Is this correct?
Sincerely
Janusz
#9875
Posted: 04/30/2009 05:19:42
by Ken Ivanov (EldoS Corp.)

Would you be so kind as to provide the exact code?
#9897
Posted: 05/04/2009 04:04:43
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Dear Mr Innokentiy Ivanow,
here is my code:
    // before this line you have AuthorityCertSerial = null
    // and SerialNumber as, for example, byte[2] with values [0]=13 and [1]=1
    m_certificate.Extensions.AuthorityKeyIdentifier.AuthorityCertSerial = cCA.SerialNumber;
    // after the above line you can see both variables AuthorityCertSerial and SerialNumber as byte[2] with values [0]=13 [1]=1
    // and after this line:
    m_certificate.Generate(cCA, SBUtils.Unit.SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION, 32);

You can see AuthorityCertSerial as byte[2] with values [0]=1 [1]=13

Sincerely
Janusz Witrykus
Full procedure:
    public void CertificateCreate(string commonName,
        string emailAddress, string organization)
    {
        try
        {
            m_certificate = new TElX509Certificate();
            m_certificate.ValidFrom = System.DateTime.Now;
            m_certificate.ValidTo = System.DateTime.Now.AddYears(1);
            TName tn = new TName();
            tn.CommonName = commonName;
            tn.Country = "Poland";
            tn.EMailAddress = emailAddress;
            tn.Organization = organization;
            m_certificate.SetSubject(tn);
            m_certificate.SetIssuer(tn);
            m_certificate.SerialNumber = SerialNumberNext;
            m_certificate.Extensions.KeyUsage.DataEncipherment = true;
            m_certificate.Extensions.KeyUsage.DigitalSignature = true;
            m_certificate.Extensions.KeyUsage.KeyAgreement = true;
            Certificate certHelper = new Certificate();
            certHelper.CertificateLoadFromDatabase("Certyfikat TS CA", 269);
            if (certHelper.Result != ResultEnum.OK)
            {
                OperationResultCopy(certHelper);
                return;
            }
            TElX509Certificate cCA = certHelper.CerificateGet;
            if (!cCA.PrivateKeyExists)
            {
                m_result = ResultEnum.ERROR;
                m_errArea = ErrAreaEnum.FIN;
                m_processed = ProcessedEnum.NO;
                m_errMessage = "Brak klucza prywatnego w certyfikacie CA.";
                log.Error(m_errMessage);
                return;
            }
            m_certificate.Extensions.AuthorityKeyIdentifier.AuthorityCertSerial = cCA.SerialNumber;
            m_certificate.Extensions.Included = SBX509Ext.Unit.ceAuthorityKeyIdentifier | SBX509Ext.Unit.ceKeyUsage;
            m_certificate.SetCACertificate(cCA);
            byte[] caPrivateKey = null;
            cCA.SaveKeyToBuffer(out caPrivateKey);
            m_certificate.SetCAPrivateKey(caPrivateKey);

            /* When creating a certificate using CA, Algorithm can be one of the following:
               SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION
               SB_CERT_ALGORITHM_ID_DSA
               SB_CERT_ALGORITHM_DH_PUBLIC
               SB_CERT_ALGORITHM_UNKNOWN
            */
            m_certificate.Generate(cCA, SBUtils.Unit.SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION, 32);

            Certificate c = new Certificate(m_certificate);
            c.CertificateWriteToDatabase();
            //c.CertificateWriteToPFX("mojCertyf3.pfx", "...");
        }
        catch (Exception e)
        {
            m_result = ResultEnum.ERROR;
            m_errArea = ErrAreaEnum.TECH;
            m_processed = ProcessedEnum.UNSURE;
            m_errMessage = e.Message;
            log.Error(m_errMessage);
            return;
        }
    }
#9904
Posted: 05/05/2009 02:55:36
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. We found the source of the problem, and the fix will be included in the next build.
This problem occurs only during certificate loading.
#9908
Posted: 05/05/2009 04:24:09
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Thank you very much.
Sincerely
Janusz
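
An added example, not part of the thread and not EldoS code: authorityCertSerialNumber is a DER INTEGER read big-endian, so the two byte orders reported above denote different serial numbers, and a check against the CA certificate's serial passes for only one of them. The sketch parses a constructed AuthorityKeyIdentifier with the Python standard library; the helper names and the `ca.example` issuer name are assumptions.

```python
def der_tlv(tag, value):
    """Encode one DER TLV (short-form length only, enough for this sketch)."""
    if len(value) > 127:
        raise ValueError("long-form lengths not handled here")
    return bytes([tag, len(value)]) + value

def read_tlvs(buf):
    """Yield (tag, value) for each top-level TLV in buf."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or buf[i + 1] > 127:
            raise ValueError("truncated or long-form TLV")
        tag, length = buf[i], buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("TLV runs past end of buffer")
        yield tag, value
        i += 2 + length

def aki_serial(aki_der):
    """Return authorityCertSerialNumber ([2] IMPLICIT INTEGER) as int, or None."""
    (tag, body), = read_tlvs(aki_der)          # exactly one outer SEQUENCE
    if tag != 0x30:
        raise ValueError("AuthorityKeyIdentifier must be a SEQUENCE")
    for tag, value in read_tlvs(body):         # nested fields are skipped
        if tag == 0x82:
            return int.from_bytes(value, "big", signed=True)
    return None

def serial_matches(aki_der, ca_serial_bytes):
    """True when the AKI serial equals the CA serial, both read big-endian."""
    ca_serial = int.from_bytes(ca_serial_bytes, "big", signed=True)
    return aki_serial(aki_der) == ca_serial

def build_aki(serial_bytes):
    """Constructed sample AKI: authorityCertIssuer [1] plus serial [2]."""
    issuer = der_tlv(0xA1, der_tlv(0x82, b"ca.example"))  # made-up dNSName
    return der_tlv(0x30, issuer + der_tlv(0x82, serial_bytes))

CA_SERIAL = bytes([13, 1])                  # SerialNumber bytes from the thread
AKI_SAME = build_aki(bytes([13, 1]))        # order as assigned
AKI_SWAPPED = build_aki(bytes([1, 13]))     # order seen after Generate

if __name__ == "__main__":
    for name, aki in (("same order", AKI_SAME), ("swapped", AKI_SWAPPED)):
        print(name, aki_serial(aki), serial_matches(aki, CA_SERIAL))
```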