EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Timeout trying to check CRL in Windows Phone 7

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#29696
Posted: 06/05/2014 07:52:17
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

We are developing an app for Windows Phone 7 and Windows Phone 8 that verifies several certificates used in the SSL connections.
While testing it, we've encounter that in Windows Phone 7 we get this exception:

Code
Exception occured
assembly file version: 1.0.0.0
exception ocurred: 05/06/2014 10:43:08
Network.NetworkException: No response received from the server ---> SBSocket.EElSocketError: Connection timeout (error code is 96270)


After further investigation we've seen that if we set the checkCRL property to false from the certificate validator, it doesn't raise that exception any more.
This only happens in windows phone 7, as in WP8 seems to work fine (whether we disable the CRL check or not).
Could it be a bug from the library? Is there something else we could check?
Thanks in advance
#29697
Posted: 06/05/2014 08:01:16
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

What you can to is to increase timeout. This can be done inside TElX509CertificateValidator.OnBeforeCRLRetrieverUse event handler. You should check the type of its Retriever parameter and

1) if its TElLDAPCRLRetriever, then change its TElLDAPCRLRetriever.LDAPSClient.ReceiveTimeout property;
2) if its TElHTTPCRLRetriever then change TElHTTPCRLRetriever.HTTPClient.SocketTimeout property.
#29741
Posted: 06/10/2014 03:34:57
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Hi Vsevolod,

I've tried your solution, increasing the timeout time to 60 seconds, but it still crashes throwing the same exception.
While debugging I've seen that in a Windows Phone 7 device it calls OnBeforeCRLRetrieverUse and then almost inmediatly OnCRLError (and the exception is thrown). However if I try it in a Windows Phone 8 device, it works fine, that is it calls OnBeforeCRLRetrieverUse and then OnCRLRetrieved and of course no exception.

Could it be a bug in the Library? It only happens in windows phone 7 devices, but we need to support both.

Thanks again.
#29742
Posted: 06/10/2014 03:46:47
by Vsevolod Ievgiienko (EldoS Corp.)

Is code for both targets the same? Its possible that you didn't initialize CRL retrievers for Windows Phone 7.
#29743
Posted: 06/10/2014 04:08:30
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Yes the code is the same for both platforms
#29744
Posted: 06/10/2014 04:35:07
by Ken Ivanov (EldoS Corp.)

Hi Jochem,

The problem apparently has connectivity-related roots. Could you please check if your Windows 7 device can actually make HTTP requests to the outer world? Just create an instance of TElHTTPSClient in your code and check if Get() to some 'www.google.com' works out. Knowing the outcome of that we could decide on the direction of the investigation.

Ken
#29745
Posted: 06/10/2014 04:36:55
by Eugene Mayevski (EldoS Corp.)

To answer your question about a "bug" - there can be no "bug" as such because the compiled code is the same. There's something specific to WP7.

Let's try to re-check your requirements. What is the exact version of WP7 that you use - is it 7.0, 7.1/7.5, 7.8 ?


Sincerely yours
Eugene Mayevski
#29746
Posted: 06/10/2014 04:37:30
by Ken Ivanov (EldoS Corp.)

And a quick follow-up question - where exactly does the CRL in problem reside? Is it a web or a LDAP responder; if it's the former, is that an HTTP or HTTPS resource?
#29747
Posted: 06/10/2014 04:49:42
by Jochem Burger (Priority Standard support level)
Joined: 02/18/2014
Posts: 6

Thanks for all your help.

I've tried in 5-6 different devices with all WP7 versions from 7.0 to 7.8.
If I do a get request to google, as suggested above, I have no problems with it.
I's a HTTPS resource.

If I disable the CRL check, then it works just fine. In WP8 also works fine in different devices.
#29748
Posted: 06/10/2014 07:25:19
by Ken Ivanov (EldoS Corp.)

Thank you for the details. Could you catch a call stack of the exception for us please?
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 1734 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!