EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Public Key - Ver 4.x upgrade to v5.x

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
Posted: 03/27/2007 01:55:15
by Paul McIntyre (Standard support level)
Joined: 01/11/2007
Posts: 14

I am using the source code. Are you saying that it works with the source code? As I am unable to get it to do so.
Posted: 03/27/2007 07:13:00
by Eugene Mayevski (EldoS Corp.)

Please ignore my last post. We've mixed two questions - about the license key and about certificate behaviour.

Sincerely yours
Eugene Mayevski
Posted: 03/27/2007 07:14:56
by Ken Ivanov (EldoS Corp.)

We were able to successfully reproduce the issue with connection failure. It was caused by incorrect certificate validation process (actually, the validation process itself is OK, but the sample certificate is incorrectly loaded by TElX509Certificate class and this results in failure of validation process). Please replace the code of TElAuthorityKeyIdentifierExtension.SetValue() method with the following code to apply the fix:
procedure TElAuthorityKeyIdentifierExtension.SetValue(const Value: BufferType);
  Tag, SeqTag : TElASN1ConstrainedTag;
  CurrTagIndex : integer;
  Tag := TElASN1ConstrainedTag.Create;
    if Tag.LoadFromBuffer(@Value[1], Length(Value)) then
      if (Tag.Count = 1) and (Tag.GetField(0).CheckType(SB_ASN1_SEQUENCE, true)) then
        SeqTag := TElASN1ConstrainedTag(Tag.GetField(0));
        CurrTagIndex := 0;
        if (CurrTagIndex < SeqTag.Count) and (SeqTag.GetField(CurrTagIndex).CheckType($80, false)) then
          FKeyIdentifier := TElASN1SimpleTag(SeqTag.GetField(CurrTagIndex)).Content;
        else if (CurrTagIndex < SeqTag.Count) and (SeqTag.GetField(CurrTagIndex).CheckType($A0, true)) then
          if (TElASN1ConstrainedTag(SeqTag.GetField(CurrTagIndex)).Count > 0) and
            TElASN1ConstrainedTag(SeqTag.GetField(CurrTagIndex)).GetField(0).CheckType(SB_ASN1_OCTETSTRING, false) then
            FKeyIdentifier := TElASN1SimpleTag(TElASN1ConstrainedTag(SeqTag.GetField(CurrTagIndex)).GetField(0)).Content;
        if (CurrTagIndex < SeqTag.Count) and (SeqTag.GetField(CurrTagIndex).CheckType($A1, true)) then
          FAuthorityCertIssuer.LoadFromTag(TElASN1ConstrainedTag(SeqTag.GetField(CurrTagIndex)), true);
        if (CurrTagIndex < SeqTag.Count) and (SeqTag.GetField(CurrTagIndex).CheckType($82, false)) then
          FAuthorityCertSerial := RotateInteger(TElASN1SimpleTag(SeqTag.GetField(CurrTagIndex)).Content);

After the above changes the connection should be established correctly.
Posted: 03/27/2007 17:58:14
by Paul McIntyre (Standard support level)
Joined: 01/11/2007
Posts: 14

Thanks for the update, but it hasn't worked in my code or the (Indy10) CBServ or CbClient sample apps. Were you able to load it correctly through these sample apps?

Its is traversing through the updated SBX509Ext code above.

Any other suggestions?
Posted: 03/28/2007 00:17:41
by Ken Ivanov (EldoS Corp.)

Would you be so kind to provide us the following information:
a) what kind of errors are you getting now? Is it still a 'public key not available' exception or 75784 error? On which side (client or server) is the error returned?
b) a call stack that takes place when the error is returned.

Thank you in advance.
Posted: 03/29/2007 00:41:48
by Paul McIntyre (Standard support level)
Joined: 01/11/2007
Posts: 14

I am still receiving the Public Key not available on the Client Side.

Call stack from the CBClient application when exception raised...

:7c812a5b kernel32.RaiseException + 0x52
:00451322 TControl.Click + $6A
:00451725 TControl.DoMouseUp + $31
:00450aa7 TControl.Perform + $27
:00454816 TWinControl.IsControlMouseMsg + $A6
:004659b2 TCustomForm.WndProc + $536
:0045444b TWinControl.MainWndProc + $2F
:00424d56 StdWndProc + $16
:77d48734 USER32.GetDC + 0x6d
:77d48816 ; C:\WINDOWS\system32\USER32.dll
:77d489cd ; C:\WINDOWS\system32\USER32.dll
:77d496c7 USER32.DispatchMessageA + 0xf
:0046d45d TApplication.ProcessMessage + $101

Callstack from the CBServ

:7c812a5b kernel32.RaiseException + 0x52
:00424007 ThreadProc + $37
:0040514e ThreadWrapper + $2A
:7c80b683 ; C:\WINDOWS\system32\kernel32.dll

Let me know if you require any further information.
Posted: 03/29/2007 06:06:55
by Ken Ivanov (EldoS Corp.)

Such a call stack may appear only if there are some problems with the certificates being used. However, it should not appear if 'normal' certificates are used. So the issue looks very strange for us.

BTW, what exactly SecureBlackbox build are you using? Would you be so kind to try the 5.1.108 pre-release one and check if the issue also occurs with it?
Posted: 03/29/2007 23:01:20
by Paul McIntyre (Standard support level)
Joined: 01/11/2007
Posts: 14

I was using 5.0.107. I even received the error with the certificates provided with the samples, so I don't know where the issue was introduced with the Certificates (and as I said originally my certificates worked under V4.x).

I have upgraded to 5.0.108 and it has fixed the issue.

Thanks for your assistance with this.
Posted: 03/29/2007 23:48:37
by Ken Ivanov (EldoS Corp.)

Great, thank you for letting us know.
Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages



Topic viewed 9450 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!