Re: How to get KeyUsage field given .NET X509Certificate instance?
From: Michel Gallant (neutron_at_istar.ca)
Date: 07/29/03
- Next message: Shel Blauman [MSFT]: "Re: System.Security.Principal.WindowsImpersonation"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: How to get KeyUsage field given .NET X509Certificate instance?"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: How to get KeyUsage field given .NET X509Certificate instance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Jul 2003 13:44:03 -0400
Note however that the KeyUsage extension (OID 2.5.29.15) seems to
rarely used in *issued* certs. It is commonly found in CA root certs however.
It is more common to find ExtendedKeyUsage (OID 2.5.29.37) extension in issued certs
(Personal, Code-signing etc..).
A quick way to learn hands-on about the various extensions is to run
the excellent CAPICOM 2 vbs samples (also the .NET storesh.cs sample is very cool!).
- Mitch
"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote in message
news:%23YH19ieVDHA.572@TK2MSFTNGP11.phx.gbl...
> Thanks a lot. You guys rock.
>
> Joe K.
>
> "Michel Gallant" <neutron@istar.ca> wrote in message
> news:e4YfFgdVDHA.3088@tk2msftngp13.phx.gbl...
> > Hi Joe,
> >
> > CAPICOM has some utilities methods. Here is a simple
> > script approach, which first converts a byte array (body) to
> > a BSTR and then you can proceed. Similar approaches work
> > for .NET
> > - Mitch Gallant
> >
> > -------------
> > set oUtils = CreateObject("CAPICOM.Utilities")
> > set oCert = CreateObject("CAPICOM.Certificate")
> > ... get byte array 'body' from somewhere
> > certStr = oUtils.ByteArrayToBinaryString(body)
> > oCert.Import(certStr)
> > oCert.Display()
> > ---------------
> >
> > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> in message
> > news:%23GwG2hZVDHA.3376@tk2msftngp13.phx.gbl...
> > > Thanks. Import looks promising, but it takes a string and it isn't
> clear to
> > > me what format that should be from the documentation. Base64? Pretty
> > > vague...
> > >
> > >
> >
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/certificate_import.asp?frame=true
> > >
> > > I'll check out your library as it sounds very promising.
> > >
> > > Joe K.
> > >
> > > "Pieter Philippaerts" <Pieter@nospam.mentalis.org> wrote in message
> > > news:%23Hy8xQVVDHA.3376@tk2msftngp13.phx.gbl...
> > > > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
> wrote
> > > > > I'm trying to figure out a good way to get key usage information
> > > > > (such as what is returned from the CAPICOM KeyUsage
> > > > > object) if I have an instance of a .NET X509Certificate class.
> > > >
> > > > The .NET X509Certificate class does not have too many options, so you
> > > might
> > > > want to consider switching to some other library that offers more
> options.
> > > > CAPICOM is one choice, but for a non-COM way check out the Certificate
> > > > Services library at
> http://www.mentalis.org/soft/projects/certificates/ It
> > > > has a Certificate class that works like the .NET X509Certificate class
> but
> > > > it has more options, including a method called GetIntendedKeyUsage
> that
> > > > returns what you're looking for.
> > > >
> > > > > I guess I'm not sure how to instantiate a CAPICOM Certificate
> > > > > object given a byte[]. Any ideas?
> > > >
> > > > Have you looked at Certificate.Import ?
> > > >
> > > > Regards,
> > > > Pieter Philippaerts
> > > > Managed SSL/TLS: http://www.mentalis.org/go.php?sl
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Shel Blauman [MSFT]: "Re: System.Security.Principal.WindowsImpersonation"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: How to get KeyUsage field given .NET X509Certificate instance?"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: How to get KeyUsage field given .NET X509Certificate instance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
