Devart Forums

Discussion forums for open issues and questions concerning database tools, data access components and developer tools from Devart
https://forums.devart.com/

X509 certificate problems

https://forums.devart.com/viewtopic.php?f=27&t=34338

Page 1 of 1

X509 certificate problems

Posted: Sat 24 Sep 2016 18:26
by w1ngnut
Hi,

I think there is something broken when it comes to decoding X509 certificates with sbridge in C++.
I can't pull the values for KeyUsage from the certificate.
I've tried to get the KeyUsage like this...

Code: Select all

TScCertKeyUsageExtension *ux = new TScCertKeyUsageExtension(ext->Oid->Value,false,ext->RawData);  
TTypeInfo *ti = __delphirtti(TScKeyUsageFlag);
TScKeyUsageFlag *flag = new TScKeyUsageFlag();
for(int I = GetTypeData(ti)->MinValue; I <= GetTypeData(ti)->MaxValue; I++)
   {
    if(ux->KeyUsages.Contains(flag[I]))  // << gets to here but always evaluates false?
	{
	dText = dText + GetEnumName(ti,I);  // this works when the if statement is negated
	}
}
Am I missing something here?
ux->KeyUsages is returning 0 so it will never evaluate as true???
The help is no help whatsoever and I've had to read through the source files to find out what is going on...
Obtuse and terse are understatements when it comes to the help - and NO support for C++?
Unimpressed as always!
CBuilder XE4 - SB 6.3.5

Re: X509 certificate problems

Posted: Thu 29 Sep 2016 12:59
by ViktorV
This behavior is related to C++ Builder specificity, not to SecureBridge. We will try to avoid this restriction in one of the next SecureBridge releases.

Re: X509 certificate problems

Posted: Fri 30 Sep 2016 11:23
by w1ngnut
This behavior is related to C++ Builder specificity, not to SecureBridge. We will try to avoid this restriction in one of the next SecureBridge releases.
So much for the claim of C++ support in the advertising and not much use to me if I have to use another library just to be able to parse X509 certificates.

I'll find an alternate solution.

Re: X509 certificate problems

Posted: Tue 04 Oct 2016 09:51
by ViktorV
Thank you for being interested in our products.
We will continue investigation of the behavior of SecureBridge and inform you as soon as we get any results, but we can't tell any timeframe at the moment.

Re: X509 certificate problems

Posted: Tue 04 Oct 2016 16:50
by w1ngnut
Typical.....

But another question - why does the SSHClient require a username to be entered before it will connect?
I would have expected to be prompted to accept the server key before the need for a username to be entered not as soon as I try to connect?
Is this another bug or something wrong with the C++ implementation?

Re: X509 certificate problems

Posted: Wed 05 Oct 2016 14:20
by ViktorV
If you mean setting the TScSSHClient.User property, then post to server and username check occur exclusively after server key check and confirmation, and not on setting the property.
If you mean anything else, please provide more details on your question.

Re: X509 certificate problems

Posted: Wed 23 Nov 2016 15:03
by ViktorV
The new build of SecureBridge 7.2.3 where we improved SecureBridge work for C++ Builder is already available for download.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/