CertExtensionValue Property

The raw value of this certificate extension.

Syntax

ANSI (Cross Platform)
int GetCertExtensionValue(int iCertExtensionIndex, char* &lpCertExtensionValue, int &lenCertExtensionValue);

Unicode (Windows)
INT GetCertExtensionValue(INT iCertExtensionIndex, LPSTR &lpCertExtensionValue, INT &lenCertExtensionValue);
- (NSString*)certExtensionValue:(int)certExtensionIndex;

- (NSData*)certExtensionValueB:(int)certExtensionIndex;
#define PID_CERTMGR_CERTEXTENSIONVALUE 27

IPWORKSSFTP_EXTERNAL void* IPWORKSSFTP_CALL IPWorksSFTP_CertMgr_Get(void *lpObj, int propid, int arridx, int *lpcbVal, int64 *lpllVal);

IPWORKSSFTP_EXTERNAL int IPWORKSSFTP_CALL IPWorksSFTP_CertMgr_CheckIndex(void *lpObj, int propid, int arridx);

Default Value

""

Remarks

The raw value of this certificate extension. This value is encoded according to the extension's ASN.1 specification and should contain everything following the OID. Below is an example for clarity.

The example will

  • Add a sequence of basicConstraints indicating the holder of this certificate may not act as a CA.
  • Add a sequence of cRLDistributionPoints for where to get CRLs.

Certmgr mgr = new Certmgr();
mgr.Cert = new Certificate(CertStoreTypes.cstPFXFile, @"C:\signingcert.pfx", "password", "*");
mgr.CertExtensions.Clear();
mgr.Config("CertUsageFlags=0xA0"); //Key Encryption and Digital Signatures
mgr.Config("CertExtendedKeyUsage=1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2"); //Server and Client authentication (respectively)
mgr.Config("CertValidityTime=10000");

Netcode nc = new Netcode();
nc.Format = NetcodeFormats.fmtHex;

// Set basicConstraints to be an end-entity.
// Below is the hex-encoded value broken down.
// 30     // Tag = sequence
// 03     // Length
//   01   // Tag = boolean
//   01   // Length
//     00 // False (not a CA)

// Convert hex string to byte[]
nc.EncodedData = "3003010100";
nc.Decode();

string oid = "2.5.29.19"; // basicConstraints
byte[] value = nc.DecodedDataB;
bool critical = false;
CertExtension basicConstraints = new CertExtension(oid, value, critical);
mgr.CertExtensions.Add(basicConstraints);

// Add one point: http://www.nsoftware.com/dummy/MyCA.crl
// Below is the hex-encoded value broken down.
// 30                    // Tag = sequence
// 2F                    // Length
//   30                  // Tag = DistributionPoint
//   2D                  // Length
//     A0                // Tag = DistributionPointName
//     2B                // Length
//       A0              // Tag = GeneralNames
//       29              // Length
//         86            // Tag = GeneralName
//         27            // Length
//           687474703A2F2F7777772E6E736F6674776172652E636F6D2F64756D6D792F4D7943412E63726C // URL

// Convert hex string to byte[]
nc.EncodedData = "302F302DA02BA0298627687474703A2F2F7777772E6E736F6674776172652E636F6D2F64756D6D792F4D7943412E63726C";
nc.Decode();

oid = "2.5.29.31"; // cRLDistributionPoints
value = nc.DecodedDataB;
critical = false;
CertExtension crlDistributionPoints = new CertExtension(oid, value, critical);
mgr.CertExtensions.Add(crlDistributionPoints);

mgr.IssueCertificate("CN=www.petsbymatilda.com", 123);
Console.WriteLine(mgr.Cert.Encoded);

The CertExtensionIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertExtensionCount property.

This property is read-only and not available at design time.

Data Type

Binary String

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks SFTP 2020 C++ Edition - Version 20.0 [Build 8162]