EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Timestamp errors 83970 and 8204

#29067
Posted: 04/01/2014 14:39:51
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

First of all, thanks to Eugene and Ken for the support in the last days.

That's a tricky one: in the SBB samples, I'm using TinySigner (PDF) in VB.Net (VS 2010) to sign a PDF file using a timestamp server. In fact, it's a page on a web server that redirects to a timestamp server. And all works fine.

So, I copied the code to my project, made some minor adjustments to it and... error. When I try to reach the page that makes the redirect, the error is 8204 (Invalid Signature, I guess). When I try to reach the timestamp server directly I get the 83970 error (TSP No Reply, I guess).

With the same certificate, with the same file, on TinySigner... all runs well, no errors, signed successfully, in both scenarios.

I tried to implement (thanks to Ken) OnHTTPError and OnHTTPRedirects handlers to find out, but without success until now. What can possibly be wrong? I'm sending an attachment with the error trace, and I'll send some code in a reply here.

Thank you in advance,

Luigi.


#29068
Posted: 04/01/2014 14:42:25
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

The code:

Code
            ' Excerpt: the start of the method, including both Try statements, is not shown in the post.
            Dim regKey As RegistryKey
            regKey = Registry.LocalMachine.OpenSubKey("Software\QUALISOFT\DESKSIGNERPDF", True)
            If bTSPHabilitado = True Then
                If Conf_Retornar_TSP_habilitado() = True Then

                    TSPClient = New TElHTTPTSPClient

                    ' A timestamp failure makes the whole signing operation fail
                    PublicKeyHandler.IgnoreTimestampFailure = False

                    HTTPClient = New TElHTTPSClient

                    ' Timestamp error
                    AddHandler TSPClient.OnHTTPError, AddressOf HandleHTTPError
                    AddHandler HTTPClient.OnRedirection, AddressOf HandleHTTPRedirection

                    bTSP = True

                    ' The URL is the configured string with ":port" appended when a port is configured
                    TSPClient.URL = Trim(Conf_Retornar_URLTSP()) & IIf(Conf_Retornar_PORTATSP() > 0, ":" & Trim(Conf_Retornar_PORTATSP()), "")
                    TSPClient.HashAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA1

                    Dim proxySRV As String
                    Dim proxyPORTA As String
                    Dim proxyUSU As String
                    Dim proxySENHA As String

                    ' Proxy settings are stored encrypted in the registry
                    proxySRV = DeCritografaPROXYSETTINGS(regKey.GetValue("SRVPROXY", ""))
                    If proxySRV.Length() > 0 Then
                        proxyPORTA = DeCritografaPROXYSETTINGS(regKey.GetValue("PORTAPROXY", ""))
                        proxyUSU = DeCritografaPROXYSETTINGS(regKey.GetValue("USUPROXY", ""))
                        proxySENHA = DeCritografaPROXYSETTINGS(regKey.GetValue("SENHAPROXY", ""))

                        HTTPClient.HTTPProxyHost = proxySRV
                        HTTPClient.HTTPProxyPassword = proxySENHA
                        HTTPClient.HTTPProxyUsername = proxyUSU
                        HTTPClient.HTTPProxyPort = Val(proxyPORTA)
                        HTTPClient.UseHTTPProxy = True
                    Else
                        HTTPClient.UseHTTPProxy = False
                    End If

                    HTTPClient.SSLEnabled = True

                    ' Link the HTTP transport to the TSP client, and the TSP client to the signature handler
                    TSPClient.HTTPClient = HTTPClient
                    PublicKeyHandler.TSPClient = TSPClient
                End If
            Else
                bTSP = False
            End If
            regKey.Close()

            Success = True

        Finally

            Document.Close(Success)

        End Try
    Finally
        F.Close()
    End Try


The error occurs in the F.Close() line.
#29069
Posted: 04/01/2014 14:43:37
by Eugene Mayevski (EldoS Corp.)

Most likely you didn't initialize CRL and OCSP retrievers, which could lead to impossibility to collect revocation information or to validate server certificates. Please search the source code of the sample for "Initialize" and you'll understand what to do.


Sincerely yours
Eugene Mayevski
#29070
Posted: 04/01/2014 15:08:37
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

Hi Eugene, thank you again for the support.

Did you mean in the "TinySigner" code? Because I only find here the InitializeComponent for the Windows Form and the initialization for the SecureBlackBox.PDF:

Code
       'This call is required by the Windows Form Designer.
        InitializeComponent()


And

Code
        ' Both initialization function *must* be called before using PDFBlackbox:
        SBPDF.Unit.Initialize()
        SBPDFSecurity.Unit.Initialize()


Nothing more. I may step out something here.
#29071
Posted: 04/01/2014 15:43:32
by Eugene Mayevski (EldoS Corp.)

I've misled you a bit. Those calls are Register*** , but they are also not present in the sample. So I am afraid your only option is to find the differences with the sample - it can happen that your components (such as TElHTTPTSPClient and TElHTTPClient) are not linked together and TElHTTPTSPClient can't retrieve the timestamp.


Sincerely yours
Eugene Mayevski
#29072
Posted: 04/01/2014 15:57:27
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

Thank you again, Eugene.

What do you mean by "Not linked together"? Maybe I've made the wrong reference, something like this?
#29073
Posted: 04/01/2014 16:02:43
by Eugene Mayevski (EldoS Corp.)

Nope, they are (TSPClient.HTTPClient = HTTPClient in your code). No other ideas, maybe tomorrow. But surely there's something missing...


Sincerely yours
Eugene Mayevski
#29074
Posted: 04/01/2014 16:30:04
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

Eugene,

I think I've found it. The line:

Code
HTTPClient.SSLEnabled = True


I don't know why with some servers without HTTPS everything works, but on my server it doesn't. I think that's it.

I will make some more tests, and let you know about it.

Thank you.
#29076
Posted: 04/02/2014 01:03:09
by Eugene Mayevski (EldoS Corp.)

SSLEnabled property should not affect component behavior unless your server's URL doesn't contain a protocol. If you specify server URL without a protocol (no http:// or https://) and port, then the component doesn't know how to connect (with or without SSL).


Sincerely yours
Eugene Mayevski
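
An added example, not part of any post in this thread and not EldoS sample code: one way to check that the configured timestamp server URL carries the explicit http:// or https:// protocol described in the reply above before it is assigned to TSPClient.URL, and to apply the optional port through UriBuilder instead of appending ":" and the port to the end of the string (which places the port after any path in the URL). BuildTsaUrl, the module name and the tsa.example.test hosts are hypothetical.

```vbnet
Imports System

Module TsaUrlCheck
    ' Hypothetical helper (not a SecureBlackBox API): returns the TSA URL with an
    ' explicit scheme and the optional port, or throws if the scheme is missing.
    Function BuildTsaUrl(configuredUrl As String, configuredPort As Integer) As String
        Dim parsed As Uri = Nothing
        If String.IsNullOrWhiteSpace(configuredUrl) OrElse
           Not Uri.TryCreate(configuredUrl.Trim(), UriKind.Absolute, parsed) Then
            Throw New ArgumentException("TSA URL must start with http:// or https://")
        End If
        ' A string such as "host:8080" can parse as an absolute URI whose scheme
        ' is "host", so the scheme is checked explicitly as well.
        If parsed.Scheme <> Uri.UriSchemeHttp AndAlso parsed.Scheme <> Uri.UriSchemeHttps Then
            Throw New ArgumentException("TSA URL must start with http:// or https://")
        End If
        Dim builder As New UriBuilder(parsed)
        ' A port of 0 or less means "not configured": keep whatever the URL says.
        If configuredPort > 0 Then builder.Port = configuredPort
        Return builder.Uri.AbsoluteUri
    End Function

    Sub Main()
        ' Constructed sample configurations (URL, port); the hosts are placeholders.
        Dim urls() As String = {"https://tsa.example.test/tsa", "http://tsa.example.test",
                                "tsa.example.test/tsa", "tsa.example.test:8080"}
        Dim ports() As Integer = {8443, 0, 0, 0}
        For i As Integer = 0 To urls.Length - 1
            Try
                Console.WriteLine("{0} -> {1}", urls(i), BuildTsaUrl(urls(i), ports(i)))
            Catch ex As ArgumentException
                Console.WriteLine("{0} -> rejected: {1}", urls(i), ex.Message)
            End Try
        Next
    End Sub
End Module
```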
#29108
Posted: 04/03/2014 10:03:20
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

Hi Eugene,

You are right. I don't know why it started to work, but now it has all stopped again. Again, it works with TinyServer, and doesn't work in my application.

The difference now is the error: 8219 (RSA key has failed). What now? Any ideas?

Thank you again.