EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Add certificate to the CRL

#861
Posted: 07/26/2006 08:16:11
by Andrei Johann (Basic support level)
Joined: 07/20/2006
Posts: 12

Hi !

I'm trying to generate a CRL, but when I call the Add method I always receive a -1 value, and the certificate information isn't added to the CRL... (code below)

I couldn't find what I'm doing wrong. Could somebody help me?

Another problem I have is that when I get or set a value to/from CRL.ThisUpdate and CRL.NextUpdate, it returns the date minus three hours (???). I'm using Win XP (pt-BR) (Brazil).

CODE -----

    Private Sub btnEmitCRL_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MICRL.Click
        OpenFileDialogCert.Title = "Selecione o certificado da CA para efetuar a assinatura."
        txtLOG.Text = "OPERAÇÃO: Seleção de certificado de CA para efetuar assinatura." & Chr(13) & Chr(10)
        Application.DoEvents()
        Dim CertSelecionado As String
        Dim resultDialogCert As DialogResult = OpenFileDialogCert.ShowDialog()
        If (resultDialogCert = Windows.Forms.DialogResult.OK) Then
            CertSelecionado = OpenFileDialogCert.FileName
            txtLOG.Text &= "Certificado de CA selecionado:" & CertSelecionado & Chr(13) & Chr(10)
        Else
            txtLOG.Text &= "OPERAÇÃO CANCELADA PELO USUÁRIO" & Chr(13) & Chr(10)
            Exit Sub
        End If
        Application.DoEvents()
        Try
            Dim objStream As Stream = File.Open(CertSelecionado, FileMode.Open, FileAccess.Read, FileShare.ReadWrite)

            Dim sqd As New StringQueryForm(True)
            sqd.Text = "Informe a Senha"
            sqd.Description = "Informe a senha para a Chave Privada:"
            If sqd.ShowDialog(Me) <> Windows.Forms.DialogResult.OK Then
                txtLOG.Text &= "Operação cancelada pelo usuário: " & Chr(13) & Chr(10)
                Return
            End If
            Dim sPKpass As String = sqd.TextBox

            Dim oCertCA As New SBX509.TElX509Certificate(Nothing)
            oCertCA.LoadFromStreamPFX(objStream, sPKpass, 0)

            If Not ValidaCertCA(oCertCA) Then
                Exit Sub
            End If

            Dim FrmCert As New FrmCertWizard(oCertCA)
            If FrmCert.ShowDialog(Me) <> Windows.Forms.DialogResult.OK Then
                txtLOG.Text &= "Operação cancelada pelo usuário: " & Chr(13) & Chr(10)
                Return
            End If

            txtLOG.Text &= "AGUARDE ... GERANDO O CRL" & Chr(13) & Chr(10)
            Application.DoEvents()

            '--------------
            Dim oCRL As New SBCRL.TElCertificateRevocationList()
            oCRL.ThisUpdate = CType(FrmCert.txtThisUpdate.Text.Trim, Date).AddHours(3)
            oCRL.NextUpdate = CType(FrmCert.txtNextUpdate.Text.Trim, Date).AddHours(3)

            oCRL.Issuer.Assign(oCertCA.IssuerRDN)

            oCRL.Extensions.Included = crlAuthorityKeyIdentifier Or crlCRLNumber
            oCRL.Extensions.CRLNumber.Number = FrmCert.txtCRLNumber.Text.Trim
            oCRL.Extensions.AuthorityKeyIdentifier.KeyIdentifier = oCertCA.Extensions.SubjectKeyIdentifier.KeyIdentifier
            Dim certRevockedIndex As Integer
            Dim oCert As SBX509.TElX509Certificate
            For Each oCert In FrmCert.CertArray
                certRevockedIndex = oCRL.Add(CType(oCert, SBX509.TElX509Certificate))
            Next

            'Save to disk and sign
            Dim fs As FileStream = Nothing
            Dim sFileName As String = ""
            saveDlgCrl.Title = "Salvar CRL como:"
            If saveDlgCrl.ShowDialog(Me) = Windows.Forms.DialogResult.OK Then
                sFileName = saveDlgCrl.FileName
                sFileName = sFileName.Remove(sFileName.Length - 4, 4)
                sFileName += ".crl"
            End If

            Try
                fs = New FileStream(sFileName, FileMode.Create)
                Dim retSave As Integer = oCRL.SaveToStream(fs, oCertCA)
                If retSave <> 0 Then
                    'Use & so the Integer is concatenated as text instead of forcing a numeric conversion
                    MessageBox.Show("1. Falha ao salvar o CRL: " & retSave.ToString(), "NFe", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Else
                    txtLOG.Text &= "CRL GERADO COM SUCESSO !"
                    Application.DoEvents()
                End If

            Catch exc As Exception
                MessageBox.Show("2. Falha ao salvar o CRL: " + exc.Message, "NFe", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Return
            Finally
                If Not (fs Is Nothing) Then
                    fs.Close()
                End If
            End Try
            FrmCert.Dispose()
        Catch Ex As Exception
            MessageBox.Show("Ocorreu uma exceção. ERRO:" & Ex.Message, "Erro", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtLOG.Text &= "Ocorreu uma exceção. ERRO:" & Ex.Message & Chr(13) & Chr(10)
        End Try
    End Sub

#862
Posted: 07/26/2006 09:20:31
by Andrei Johann (Basic support level)
Joined: 07/20/2006
Posts: 12

The first problem I've solved by removing the following line:

oCRL.Issuer.Assign(oCertCA.IssuerRDN)

Now the certificate information is added to the items collection in the CRL.

The problem with DateTimes in the ThisUpdate and NextUpdate properties persists... In ElRevocationItem.RevocationDate I've got the same problem... (when I get or set a value to/from CRL.ThisUpdate and CRL.NextUpdate, it returns the date minus three hours)
#863
Posted: 07/26/2006 09:27:55
by Ken Ivanov (EldoS Corp.)

Quote
I'm trying to generate a CRL, but when I call the Add method I always receive a -1 value, and the certificate information isn't added to the CRL... (code below)

TElCertificateRevocationList.Add() returns -1 (i.e., the certificate cannot be added) in the following cases:
a) the certificate with the same serial number is already present in the CRL,
b) the issuer of the certificate does not correspond to the TElCertificateRevocationList.Issuer property.

Quote
Another problem I have is that when I get or set a value to/from CRL.ThisUpdate and CRL.NextUpdate, it returns the date minus three hours (???).

The values of ThisUpdate and NextUpdate properties of the TElCertificateRevocationList class are expected to be set in UTC. Most likely, it is the reason for the problem.
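
The two rules from the reply above, modeled in plain Python as an added example (not code from the thread or from SecureBlackbox). `Cert`, `MiniCRL` and `to_crl_utc` are hypothetical names; the sample assumes a CA certificate that is not self-signed, so its issuer name differs from its subject name, and the UTC offsets are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Cert:
    """Hypothetical stand-in for an X.509 certificate (names as strings)."""
    serial: int
    subject: str
    issuer: str


@dataclass
class MiniCRL:
    """Hypothetical model of a CRL; not the SecureBlackbox class."""
    issuer: str
    entries: list = field(default_factory=list)

    def add(self, cert):
        """Return the new entry index, or -1 in the two cases from the reply."""
        if any(e.serial == cert.serial for e in self.entries):
            return -1  # (a) this serial number is already listed
        if cert.issuer != self.issuer:
            return -1  # (b) certificate was not issued by the CRL's issuer
        self.entries.append(cert)
        return len(self.entries) - 1


def to_crl_utc(local_naive, tz):
    """Treat a naive wall-clock value as being in tz and convert it to UTC."""
    return local_naive.replace(tzinfo=tz).astimezone(timezone.utc)


def demo():
    # Constructed sample: an intermediate CA and one certificate it issued.
    ca = Cert(serial=1, subject="CN=Example Sub CA", issuer="CN=Example Root")
    leaf = Cert(serial=42, subject="CN=user", issuer=ca.subject)

    wrong = MiniCRL(issuer=ca.issuer)   # CRL issuer taken from the CA's issuer
    right = MiniCRL(issuer=ca.subject)  # CRL issuer is the CA's own subject
    results = (wrong.add(leaf), right.add(leaf), right.add(leaf))

    # Constructed offsets: UTC-3 standard time and UTC-2 daylight time.
    # A hard-coded AddHours(3) is only correct for the first of them.
    typed = datetime(2006, 7, 26, 8, 0)
    std = to_crl_utc(typed, timezone(timedelta(hours=-3)))
    dst = to_crl_utc(typed, timezone(timedelta(hours=-2)))
    return results, std, dst
```
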
