EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Question concerning certificates

#12480
Posted: 02/18/2010 06:13:00
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Hold on, probably in GenerateCert.cs, below line 1213? :) Can this extension also
be set for non-selfsigned certs?

UPDATE: ARGHGHHG, my version does not have SBX509Ext.Unit.gnRFC822Name...
UPDATE2:
Found this:
Quote
Cert.Extensions.SubjectAlternativeName.Content.get_Names(0).NameType = SBX509Ext.TSBGeneralName.gnRFC822Name;



Regards
#12481
Posted: 02/18/2010 06:47:23
by Ken Ivanov (EldoS Corp.)

The standard declares a signature as follows:
Quote
struct {
SignatureAndHashAlgorithm algorithm;
SignerIdentity identity;
opaque signature_value<0..2^16-1>;
} Signature;

Entities like the "signature, hash algorithm" pair or the "opaque signature value" (i.e. direct cryptographic parameter references) are only used on the lowest possible level of the digital signing task. The only specification that fills this level is PKCS#1. All other signature standards (PKCS#7, CMS, CAdES) work on a higher level and deal with more abstract terms. Actually, a reference to the TLS SignatureAlgorithm Registry confirms this.

The only requirement for certificate extension setup is that it must be performed before the Generate() method is called. In particular, it can be performed at the following location:
Code
Cert.SubjectRDN.set_OIDs(5, SBUtils.Unit.SB_CERT_OID_COMMON_NAME);
Cert.SubjectRDN.set_Values(5, SBUtils.Unit.BytesOfString(edtCommonName.Text));
Cert.ValidFrom = dtpFrom.Value;
Cert.ValidTo = dtpTo.Value;
// ... <------ here


Extensions can be set up in the above way for both self-signed and CA-signed certificates.
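
The ordering rule from the reply above, as an added example that is not part of the original thread and is not EldoS code: it uses .NET's built-in CertificateRequest API in place of SecureBlackbox, and the subject names and e-mail address are constructed placeholders. The rfc822Name subjectAltName is attached before the signing call for both a self-signed and a CA-signed certificate, because extensions are part of the signed certificate body.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class SanBeforeSigning
{
    // Build the request and attach every extension up front. Extensions live in
    // the signed part of the certificate, so they cannot be added after signing.
    static CertificateRequest NewRequest(string commonName, string email, RSA key, bool isCa)
    {
        var req = new CertificateRequest("CN=" + commonName, key,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        req.CertificateExtensions.Add(
            new X509BasicConstraintsExtension(isCa, false, 0, true));
        if (email != null)
        {
            var san = new SubjectAlternativeNameBuilder();
            san.AddEmailAddress(email);              // rfc822Name entry
            req.CertificateExtensions.Add(san.Build());
        }
        return req;
    }

    static void Main()
    {
        var now = DateTimeOffset.UtcNow;

        // Self-signed case: extensions set first, then CreateSelfSigned().
        using var caKey = RSA.Create(2048);
        using var caCert = NewRequest("Example CA", "ca@example.com", caKey, true)
            .CreateSelfSigned(now, now.AddYears(1));

        // CA-signed case: same setup, then Create() with the issuer certificate.
        using var leafKey = RSA.Create(2048);
        var serial = new byte[8];
        RandomNumberGenerator.Fill(serial);
        serial[0] &= 0x7F;                           // keep the serial positive
        using var leaf = NewRequest("Example user", "user@example.com", leafKey, false)
            .Create(caCert, now, now.AddDays(90), serial);

        // Print the subjectAltName (OID 2.5.29.17) carried by each certificate.
        foreach (var cert in new[] { caCert, leaf })
            foreach (X509Extension ext in cert.Extensions)
                if (ext.Oid.Value == "2.5.29.17")
                    Console.WriteLine(cert.Subject + ": " + ext.Format(false));
    }
}
```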
#12482
Posted: 02/18/2010 07:12:25
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Yes, thanks. Found that already. To be continued...

Thanks so far. That was very helpful (as ever).
Regards

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.