TElCustomCertStorage.Validate method

Navigation

TElCustomCertStorage.Validate

Validate given certificate

Declaration

[C#]
TSBCertificateValidity Validate(TElX509Certificate Certificate, ref TSBCertificateValidityReason Reason, DateTime ValidityMoment /*= 0*/);
TSBCertificateValidity Validate(TElX509Certificate Certificate, ref TSBCertificateValidityReason Reason, bool CheckCACertDates, DateTime ValidityMoment /*= 0*/);

[VB.NET]
Function Validate(ByVal Certificate As TElX509Certificate, ByRef Reason As TSBCertificateValidityReason, ByVal ValidityMoment As DateTime) As TSBCertificateValidity
Function Validate(ByVal Certificate As TElX509Certificate, ByRef Reason As TSBCertificateValidityReason, ByVal CheckCACertDates As Boolean, ByVal ValidityMoment As DateTime) As TSBCertificateValidity

[Pascal]
function Validate(Certificate : TElX509Certificate; var Reason : TSBCertificateValidityReason; ValidityMoment : TDateTime = 0) : TSBCertificateValidity;
function Validate(Certificate : TElX509Certificate; var Reason : TSBCertificateValidityReason; CheckCACertDates : boolean; ValidityMoment : TDateTime = 0) : TSBCertificateValidity;

[VB6]
Sub IElCustomCertStorageX.Validate(Certificate As IElCertificateX, Validity As TxSBCertificateValidity, Reason As TxSBCertificateValidityReason)

[ActiveX]
HRESULT _stdcall IElCustomCertStorageX.Validate([in] IElCertificateX * Certificate, [out] TxSBCertificateValidity * Validity, [out] TxSBCertificateValidityReason * Reason);

[DLL]
not applicable;

Parameters

Certificate - Certificate object, initialized by LoadFromBuffer method
Validity - (out) certificate validity
Reason - (out) certificate validity parameters.
ValidityMoment - Time to check validity period against. Default value of 0 means "check current moment"
CheckCACertDates - When this parameter is False, time specified in ValidityMoment is checked against validity period of the certificate being validated only.
When CheckCACertDates is True, validity periods of all certificates in the chain are questioned.
Default value is False.

Values

[.NET] [Pascal] [ActiveX] [DLL] Description

SBX509.Unit.vrBadData=1 vrBadData SB_CERT_VALIDITY_REASON_BAD_DATA = 1 Invalid certificate format or certificate is corrupted

SBX509.Unit.vrRevoked=2 vrRevoked SB_CERT_VALIDITY_REASON_REVOKED = 2 Certificate is revoked by Issuer

SBX509.Unit.vrNotYetValid=4 vrNotYetValid SB_CERT_VALIDITY_REASON_NOT_YET_VALID = 4 Certificate is not valid yet

SBX509.Unit.vrExpired=8 vrExpired SB_CERT_VALIDITY_REASON_EXPIRED = 8 Certificate is expired

SBX509.Unit.vrInvalidSignature=16 vrInvalidSignature SB_CERT_VALIDITY_REASON_INVALID_SIGNATURE = 16 Certificate contains invalid digital signature, it could be corrupted

SBX509.Unit.vrUnknownCA=32 vrUnknownCA SB_CERT_VALIDITY_REASON_UNKNOWN_CA = 32 Issuer (CA) certificate was not found.

SBX509.Unit.vrCAUnauthorized=64 vrCAUnauthorized SB_CERT_VALIDITY_REASON_CA_UNAUTHORIZED = 64 Issuer (CA) certificate was found but it's key usage fields don't allow use of this certificate for signing other certificates.

SBX509.Unit.vrCRLNotVerified=128 vrCRLNotVerified SB_CERT_VALIDITY_REASON_CRL_NOT_VERIFIED = 128 Certificate Revocation List for this certificate could not be retrieved and/or validated.

SBX509.Unit.vrOCSPNotVerified=256 vrOCSPNotVerified SB_CERT_VALIDITY_REASON_OCSP_NOT_VERIFIED = 256 OCSP response for this certificate could not be retrieved and/or validated.

SBX509.Unit.vrIdentityMismatch=512 vrIdentityMismatch SB_CERT_VALIDITY_REASON_IDENTITY_MISMATCH = 512 Provided certificate doesn't include the specified name and / or IP address. Either the remote side in TLS or sender in S/MIME is misconfigured, or the certificate is misused by the remote side or sender, or authenticity of the remote side or sender is forged.

SBX509.Unit.vrNoKeyUsage=1024 vrNoKeyUsage SB_CERT_VALIDITY_REASON_NO_KEY_USAGE = 1024 Provided certificate may not be used for chosen activity (identifying TLS server or client or S/MIME message sender)

SBX509.Unit.vrBlocked=2048 vrBlocked SB_CERT_VALIDITY_REASON_BLOCKED = 2048 Provided certificate has been found in the list of blocked certificates

Declared in

[.NET] [Pascal]

Namespace: SBX509
Assembly: SecureBlackbox Unit: SBX509

Return value

[.NET] [Pascal] [ActiveX] [DLL] Description

cvOk = 0 cvOk SB_CERT_VALIDITY_OK = 1 certificate was validated successfully and is valid

cvSelfSigned = 1 cvSelfSigned SB_CERT_VALIDITY_SELF_SIGNED = 2 certificate is self signed

cvInvalid = 2 cvInvalid SB_CERT_VALIDITY_INVALID = 4 certificate is invalid

cvStorageError = 3 cvStorageError SB_CERT_VALIDITY_STORAGE_ERROR = 8 certificate was not validated due to certificate storage error

cvChainUnvalidated = 4 cvChainUnvalidated SB_CERT_VALIDITY_CHAIN_UNVALIDATED = 16 certificate chain was not validated because while the certificate itself is valid, one or more of CA Certificates in the chain have validation problems.

Declared in

[.NET] [Pascal]

Namespace: SBX509
Assembly: SecureBlackbox Unit: SBX509

Description

This method uses CRL property for certificate validation when this property is specified.
Do not use this method directly. Use the same method of the derived classes TElWinCertStorage, TElMemoryCertStorage and TElFileCertStorage .