EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to create a detached PAdES LTV Signature

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
Posted: 07/13/2011 11:20:54
by Ken Ivanov (EldoS Corp.)

You have to perform several checks to establish the validity of the signature:

1) Check the correctness of the TSA's digital signature. This can be done with TElSignedCMSMessage and TElX509CertificateValidator classes. This step ensures you that the timestamp information (namely, the hash of the document and the time token itself) has not been tampered with, and that the certificate of the TSA was valid at the moment of signing. Load the timestamp into TElSignedCMSMessage object (do not pass any data for now, as the data that is validated on this step is included to the signature BLOB), then set up the properties of the relevant TElCMSSignature object, and call its Validate() method.

2) Check that the hash carried in the timestamp corresponds to the timestamped document. Load the signature into TElClientTSPInfo object and check that its HashAlgorithm and HashedData properties correspond to the actual digest of the document to be validated.
Posted: 07/14/2011 02:43:23
by Milan Kovarik (Basic support level)
Joined: 07/13/2011
Posts: 9

Thank you for helping me to solve it all




Topic viewed 4016 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!