EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Loading trusted root certs

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#10355
Posted: 06/10/2009 13:06:44
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

We have SafeBoot which encryption utility for the hard drive.
#10356
Posted: 06/10/2009 13:37:41
by Eugene Mayevski (EldoS Corp.)

ok ... did you try the same code on some other computer? Did it expose the same behavior? It's necessary to understand whether the issue is specific to one computer or it can be more or less consistently reproduced on any or at least several systems.


Sincerely yours
Eugene Mayevski
#10357
Posted: 06/10/2009 13:41:08
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

It is mostly slow on 75 percent of the PC's here.
#10362
Posted: 06/11/2009 04:16:13
by Eugene Mayevski (EldoS Corp.)

Fine, thank you. A final question: can you please create a tiny sample project (compileable) and send it in ZIP file either here or to HelpDesk? Remember to remove the license key from the code.


Sincerely yours
Eugene Mayevski
#10366
Posted: 06/11/2009 07:01:02
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

Some more deveoplments:
I ran the CertDemo.exe on the PC's which were responding very slowly. I noticed that loading a trust store on those PC's using CertDemo took very very long than loading it on my PC.
Yesterday i was debugging on a developer PC, and noticed that the Loading of the store was faster but validating was slower but not that slow.
The issue of slowness was reported from a QA PC's. To figure out what was wrong i ran the CertDemo on those PC's because i cannot debug code on them.
I noticed that loading a trust store took very long.
I wonder what makes it slow.
Do you still need a program?
#10370
Posted: 06/11/2009 11:00:22
by Eugene Mayevski (EldoS Corp.)

The problem can't be reproduced on our side (at least without a sample) so it would be great to have a test. The test also helps you on your side: when you create a test from scratch sometimes you have a chance to see and correct the mistake in your code. Of course this doesn't work always, but it does work sometimes. So we always welcome a test.


Sincerely yours
Eugene Mayevski
#10374
Posted: 06/12/2009 07:47:38
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

Sample Attached..
The sample is just a modification of the SimpleSSLClient demo with our validation process.
I would also like to check with you guys if calling the Validate method on WinCertStorage will check for certificate validity.


thanks


[ Download ]
#10375
Posted: 06/12/2009 10:44:19
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

There was a typo in the prev post.
I would like to know what the Validate method checks and in what order?
1. Issuer
2. Trusted CA
3. Date
If you look at the code, do you think we need the VaildateDate method?

thanks
#10378
Posted: 06/13/2009 03:30:36
by Eugene Mayevski (EldoS Corp.)

TElCustomCertStorage.Validate does the following:

1. Validity interval (date) is checked.
2. For self-signed certificates, TElX509Certificate.Validate is called.
3. For CA-signed certificates the CRL is checked, if it's present
4. For CA-signed certificates issuer certificate is looked for. If it's found, certificate in question is validated with the CA certificate. Only one issuer certificate is checked, i.e. the certificate chain is not built.
#10379
Posted: 06/13/2009 03:31:05
by Eugene Mayevski (EldoS Corp.)

BTW TElX509Certificate.Validate doesn't check the date against validity interval.
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 4528 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!