EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to: get CRL location from x509 certificate using SecureBlackBox

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#74
Posted: 04/28/2006 01:42:18
by Oleg Kolesnikov (Basic support level)
Joined: 04/28/2006
Posts: 9

Dear Eugene,
can you (or somebody) drovide few lines of code (C# preferably) that will extract a CRL location from x509 certificate?
Thank you,
Oleg.
#78
Posted: 04/28/2006 02:35:56
by Eugene Mayevski (EldoS Corp.)

Something like this:

Code
if (((Cert.Extensions.Included & ceCRLDistributionPoints) == ceCRLDistributionPoints) && (Cert.Extensions.CRLDistributionPoints.DistributionPoints.Count > 0))
{
  string URI = Cert.Extensions.CRLDistributionPoints.DistributionPoints[...].CRLIssuer.UniformResourceIdentifier;
}


Sincerely yours
Eugene Mayevski
#80
Posted: 04/28/2006 03:13:23
by Oleg Kolesnikov (Basic support level)
Joined: 04/28/2006
Posts: 9

Great!
It almost works except that it cannot be found where the ceCRLDistributionPoints value is defined. UniformResourceIdentifier remains unknown as well. We have version 3.3.0.61 - should be update?
#83
Posted: 04/28/2006 03:39:55
by Eugene Mayevski (EldoS Corp.)

ceCRLDistributionPoints is defined in SBX509Ext.pas. UniformResourceIdentifier is part of ElRelativeDistinguishedName class.


Sincerely yours
Eugene Mayevski
#86
Posted: 04/28/2006 04:24:07
by Ken Ivanov (EldoS Corp.)

Quote
UniformResourceIdentifier is part of ElRelativeDistinguishedName class.

Correction: UniformResourceIdentifier is a part of ElGeneralName class.
#87
Posted: 04/28/2006 04:31:24
by Oleg Kolesnikov (Basic support level)
Joined: 04/28/2006
Posts: 9

Quote
Innokentiy Ivanov wrote:
Correction: UniformResourceIdentifier is a part of ElGeneralName class.

Yes, I fount it in the help . The problem is that compiler (C#.Net) tells me:
error CS0117: 'SBX509Ext.TElGeneralNames' does not contain a definition for 'UniformResourceIdentifier'.
What do I miss?
#89
Posted: 04/28/2006 04:45:15
by Ken Ivanov (EldoS Corp.)

Yes, because TElGeneralNames is a collection of TElGeneralName objects. Please use the following syntax (simplified):
Code
Cert.Extensions.CRLDistributionPoints.get_DistributionPoints(0).CRLIssuer.get_Names(0).UniformResourceIdentifier

#90
Posted: 04/28/2006 05:43:27
by Oleg Kolesnikov (Basic support level)
Joined: 04/28/2006
Posts: 9

Quote
Innokentiy Ivanov wrote:
Yes, because TElGeneralNames is a collection of TElGeneralName objects. Please use the following syntax (simplified):
Cert.Extensions.CRLDistributionPoints.get_DistributionPoints(0).CRLIssuer.get_Names(0).UniformResourceIdentifier


Thanks - I fount get_DistributionPoints but didn't mentioned get_Names. It compiles now.

However, one problem remains: definition for ceCRLDistributionPoints is not found. Eugene wrote that it is in the SBX509Ext.pas but I do not see this SBX509Ext.pas in the objects browser as well. Any clue?
#91
Posted: 04/28/2006 05:56:34
by Ken Ivanov (EldoS Corp.)

Quote
Eugene wrote that it is in the SBX509Ext.pas but I do not see this SBX509Ext.pas in the objects browser as well.

He was right -- but his words concern VCL edition. For .NET edition please use the following reference:
SBX509Ext.Unit.ceCRLDistributionPoints
#92
Posted: 04/28/2006 06:56:13
by Oleg Kolesnikov (Basic support level)
Joined: 04/28/2006
Posts: 9

Quote
Innokentiy Ivanov wrote:
He was right -- but his words concern VCL edition. For .NET edition please use the following reference:
SBX509Ext.Unit.ceCRLDistributionPoints


Excellent! This works.
I tried to see how it works - there some strange results that I found. oTElDistPoint.CRLIssuer.Count always contains 0, for any certificate there no elements it gives. From the other hand oTElDistPoint.Name.get_Names( iNameIndex ) seems to contain corrrect points. Is it normal?
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 10039 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!