EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to create a detached PAdES LTV Signature

Posted: 07/13/2011 11:20:54
by Ken Ivanov (Team)

You have to perform several checks to establish the validity of the signature:

1) Check the correctness of the TSA's digital signature. This can be done with TElSignedCMSMessage and TElX509CertificateValidator classes. This step ensures you that the timestamp information (namely, the hash of the document and the time token itself) has not been tampered with, and that the certificate of the TSA was valid at the moment of signing. Load the timestamp into TElSignedCMSMessage object (do not pass any data for now, as the data that is validated on this step is included to the signature BLOB), then set up the properties of the relevant TElCMSSignature object, and call its Validate() method.

2) Check that the hash carried in the timestamp corresponds to the timestamped document. Load the signature into TElClientTSPInfo object and check that its HashAlgorithm and HashedData properties correspond to the actual digest of the document to be validated.
Posted: 07/14/2011 02:43:23
by Milan Kovarik (Basic support level)
Joined: 07/13/2011
Posts: 9

Thank you for helping me to solve it all




Topic viewed 4420 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!