TElOCSPServer.OnCertificateCheck event

Navigation

TElOCSPServer.OnCertificateCheck

This event is fired when certificate status must be checked.

Declaration

[C#]
    event TElCertificateOCSPCheckEvent OnCertificateCheck;
    delegate void TElCertificateOCSPCheckEvent(object Sender, byte[] HashAlgOID, byte[] IssuerNameHash, byte[] IssuerKeyHash, byte[] CertificateSerial, ref TElOCSPCertificateStatus CertStatus, ref TSBCRLReasonFlag Reason, ref DateTime RevocationTime, ref DateTime ThisUpdate, ref DateTime NextUpdate)

    TElOCSPCertificateStatus = short;
    TSBCRLReasonFlag = int;

[VB.NET]
    Event OnCertificateCheck As TElCertificateOCSPCheckEvent
    Delegate Sub TElCertificateOCSPCheckEvent(ByVal Sender As Object, ByVal HashAlgOID As Byte(), ByVal IssuerNameHash As Byte(), ByVal IssuerKeyHash As Byte(), ByVal CertificateSerial As Byte(), ByRef CertStatus As TElOCSPCertificateStatus, ByRef Reason As TSBCRLReasonFlag, ByRef RevocationTime As DateTime, ByRef ThisUpdate As DateTime, ByRef NextUpdate As DateTime)

    TElOCSPCertificateStatus As short;
    TSBCRLReasonFlag As Integer;

[Pascal]
property OnCertificateCheck : TElCertificateOCSPCheckEvent;
TElCertificateOCSPCheckEvent = procedure( Sender : TObject; HashAlgOID : ByteArray; IssuerNameHash : ByteArray; IssuerKeyHash : ByteArray; CertificateSerial : ByteArray; var CertStatus : TElOCSPCertificateStatus; var Reason : TSBCRLReasonFlag; var RevocationTime, ThisUpdate, NextUpdate : TDateTime) of object;

[VB6]
not implemented;

[ActiveX]
not implemented;

[DLL]
not implemented;

Parameters

HashAlgOID - OID of the hash algorithm, used to create IssuerNameHash and IssuerKeyHash
IssuerNameHash - hash of the IssuerName field of the certificate, being verified
IssuerKeyHash - hash of the public key of the certificate, which was used to sign the certificate being verified
CertificateSerial - serial of the certificate being verified
CertStatus - certificate status
Reason - reason of certificate revocation
RevocationTime - time when the certificate was revoked
ThisUpdate - time of the current status update
NextUpdate - time of the next status update

Possible values of certificate status:

[.NET] [Pascal] Description

csGood = 0 csGood Indicates a positive response to the status inquiry. At a minimum, this positive response indicates that the certificate is not revoked, but does not necessarily mean that the certificate was ever issued or that the time at which the response was produced is within the certificate's validity interval.

csRevoked = 1 csRevoked Indicates that the certificate has been revoked (either permanantly or temporarily (on hold))

csUnknown = 2 csUnknown Indicates that the responder doesn't know about the certificate being requested.

Declared in

[.NET] [Pascal]

Namespace: SBOCSPCommon
Assembly: SecureBlackbox Unit: SBOCSPCommon

Possible values of CRL reason flags:

[.NET] [Pascal] [ActiveX] Value

rfUnspecified SB_RF_UNSPECIFIED 1 (0x01)

rfKeyCompromise SB_RF_KEY_COMPROMISE 2 (0x02)

rfCACompromise SB_RF_CA_COMPROMISE 4 (0x04)

rfAffiliationChanged SB_RF_AFFILIATION_CHANGED 8 (0x08)

rfSuperseded SB_RF_SUPERSEDED 16 (0x16)

rfCessationOfOperation SB_RF_CESSATION_OF_OPERATION 32 (0x20)

rfCertificateHold SB_RF_CERTIFICATE_HOLD 64 (0x40)

rfObsolete1 SB_RF_OBSOLETE1 128 (0x80)

rfRemoveFromCRL SB_RF_REMOVEFROMCRL 256 (0x100)

rfPrivilegeWithdrawn SB_RF_PRIVILEGE_WITHDRAWN 512 (0x200)

rfAACompromize SB_RF_AACOMPROMIZE 1024 (0x400)

Declared in

[.NET] [Pascal]

Namespace: SBX509Ext
Assembly: SecureBlackbox Unit: SBX509Ext

Description

This event is fired for each certificate from the request. In response to this event you need to provide certificate status and other parameters necessary for the OCSP response.