EldoS | Feel safer!

Software components for data protection, secure storage and transfer

AuthorityCertSerial byte order certificate generate

#9873
Posted: 04/30/2009 02:16:59
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Dear Sirs,
I set AuthorityCertSerial before generating the certificate.
After generation, the byte order is changed.
Example:
before generate:
AuthorityCertSerial=[1][6]
after generate:
AuthorityCertSerial=[6][1]
Is this correct?
Sincerely
Janusz
#9875
Posted: 04/30/2009 05:19:42
by Ken Ivanov (EldoS Corp.)

Would you be so kind as to provide the exact code?
#9897
Posted: 05/04/2009 04:04:43
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Dear Mr Innokentiy Ivanow,
here is my code:
//before this line You have AuthorityCertSerial = null
//and SerialNumber as for example byte[2] with values [0]=13 and [1]=1
m_certificate.Extensions.AuthorityKeyIdentifier.AuthorityCertSerial = cCA.SerialNumber;
//after above line You can see both variables AuthorityCertSerial and SerialNumber as byte[2] with values [0]=13 [1]=1
//and after this line:
m_certificate.Generate(cCA, SBUtils.Unit.SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION,32);

You can see AuthorityCertSerial as byte[2] with values [0]=1 [1]=13

Sincerely
Janusz Witrykus
Full procedure:
public void CertificateCreate(string commonName,
    string emailAddress, string organization)
{
    try
    {
        m_certificate = new TElX509Certificate();
        m_certificate.ValidFrom = System.DateTime.Now;
        m_certificate.ValidTo = System.DateTime.Now.AddYears(1);
        TName tn = new TName();
        tn.CommonName = commonName;
        tn.Country = "Poland";
        tn.EMailAddress = emailAddress;
        tn.Organization = organization;
        m_certificate.SetSubject(tn);
        m_certificate.SetIssuer(tn);
        m_certificate.SerialNumber = SerialNumberNext;
        m_certificate.Extensions.KeyUsage.DataEncipherment = true;
        m_certificate.Extensions.KeyUsage.DigitalSignature = true;
        m_certificate.Extensions.KeyUsage.KeyAgreement = true;
        Certificate certHelper = new Certificate();
        certHelper.CertificateLoadFromDatabase("Certyfikat TS CA", 269);
        if (certHelper.Result != ResultEnum.OK)
        {
            OperationResultCopy(certHelper);
            return;
        }
        TElX509Certificate cCA = certHelper.CerificateGet;
        if (!cCA.PrivateKeyExists)
        {
            m_result = ResultEnum.ERROR;
            m_errArea = ErrAreaEnum.FIN;
            m_processed = ProcessedEnum.NO;
            m_errMessage = "Brak klucza prywatnego w certyfikacie CA.";
            log.Error(m_errMessage);
            return;
        }
        m_certificate.Extensions.AuthorityKeyIdentifier.AuthorityCertSerial = cCA.SerialNumber;
        m_certificate.Extensions.Included = SBX509Ext.Unit.ceAuthorityKeyIdentifier | SBX509Ext.Unit.ceKeyUsage;
        m_certificate.SetCACertificate(cCA);
        byte[] caPrivateKey = null;
        cCA.SaveKeyToBuffer(out caPrivateKey);
        m_certificate.SetCAPrivateKey(caPrivateKey);

        /* When creating a certificate using CA, Algorithm can be one of the following:
           SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION
           SB_CERT_ALGORITHM_ID_DSA
           SB_CERT_ALGORITHM_DH_PUBLIC
           SB_CERT_ALGORITHM_UNKNOWN
        */
        m_certificate.Generate(cCA, SBUtils.Unit.SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION, 32);

        Certificate c = new Certificate(m_certificate);
        c.CertificateWriteToDatabase();
        //c.CertificateWriteToPFX("mojCertyf3.pfx", "...");
    }
    catch (Exception e)
    {
        m_result = ResultEnum.ERROR;
        m_errArea = ErrAreaEnum.TECH;
        m_processed = ProcessedEnum.UNSURE;
        m_errMessage = e.Message;
        log.Error(m_errMessage);
        return;
    }
}
#9904
Posted: 05/05/2009 02:55:36
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. We found the source of the problem, and the fix will be included in the next build.
This problem occurs only during certificate loading.
#9908
Posted: 05/05/2009 04:24:09
by Janusz W (Standard support level)
Joined: 03/27/2009
Posts: 8

Thank you very much.
Sincerely
Janusz
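
An independent check for the symptom reported in this thread, added here as an example (it is not code from the thread or from EldoS): it parses the DER value of the AuthorityKeyIdentifier extension, pulls out authorityCertSerialNumber (context tag [2], per RFC 5280) and compares it with the CA serial number. The function names are hypothetical, the extension bytes are constructed samples, and it assumes the caller has already extracted the extension value and holds the CA serial in big-endian order.

```python
# Added example (not EldoS code): independent check of the AKI serial byte order.
# Sample extension bytes below are constructed for illustration.

def read_tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def aki_serial(ext_value):
    """Return authorityCertSerialNumber ([2] IMPLICIT INTEGER) from the
    AuthorityKeyIdentifier extension value, or None if it is absent."""
    tag, body, end = read_tlv(ext_value, 0)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("AuthorityKeyIdentifier must be a single SEQUENCE")
    pos = 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag == 0x82:                    # context tag [2], primitive
            return bytes(value)
    return None

def check_aki_serial(ext_value, ca_serial):
    """Classify the AKI serial against the CA serial (both big-endian)."""
    found = aki_serial(ext_value)
    if found is None:
        return "absent"
    strip = lambda b: bytes(b).lstrip(b"\x00") or b"\x00"   # ignore sign padding
    got, want = strip(found), strip(ca_serial)
    if got == want:
        return "match"
    if got == strip(want[::-1]):           # the swap described in the thread
        return "byte-reversed"
    return "mismatch"

CA_SERIAL = bytes([13, 1])                          # values from the post
GOOD_AKI = bytes([0x30, 0x04, 0x82, 0x02, 13, 1])   # constructed
BAD_AKI = bytes([0x30, 0x04, 0x82, 0x02, 1, 13])    # constructed, swapped as reported
```

A "byte-reversed" result after saving and reloading a certificate corresponds to the [13][1] to [1][13] change described above; a single-byte or palindromic serial cannot reveal the swap and reports "match".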
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
