EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElPDFPublicKeySecurityHandler get signer certificate

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#22326
Posted: 11/02/2012 04:15:44
by Adi Vasi (Basic support level)
Joined: 09/27/2012
Posts: 19

Hi all,

I want to extract the signer certificate from a PDF signature.I tried to use a TElPDFPublicKeySecurityHandler object but how can I know what is the signer certificate from the Certificates attribute of TElPDFPublicKeySecurityHandler object?

here is the sample

Code
TElPDFPublicKeySecurityHandler han = (TElPDFPublicKeySecurityHandler)sig.Handler;
TElX509Certificate Cert=han.Certificates.get_Certificates(what index?);//!!!


Thanks,
Vasi.
#22327
Posted: 11/02/2012 04:26:01
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

TElPDFPublicKeySecurityHandler.CertIDs can be used to get identifiers of certificates which were used to sign the document: http://www.eldos.com/documentation/sb...rtids.html

You can find corresponding certificate using <Issuer, SerialNumber> pair retrieved by this property.
#22328
Posted: 11/02/2012 04:28:03
by Ken Ivanov (Team)

Vasi,

1) Get signer's certificate ID via GetCertIDs()/CertIDCount properties;

2) Use TElCertificateLookup object to perform a search over the contents of the Certificates storage using Issuer and SerialNumber properties of the certificate identifier as criteria.
#22329
Posted: 11/02/2012 05:29:23
by Adi Vasi (Basic support level)
Joined: 09/27/2012
Posts: 19

Hi,
Thanks for your answers.But how can I know what is the signer certificate?

the sample code:
Code
for (j = 0; j < han.CertIDCount; j++)
{

CertID = han.get_CertIDs(j);

Lookup.Criteria = 0;
Lookup.Options = 0;

if (CertID.IssuerType == TSBPKCS7IssuerType.itSubjectKeyIdentifier)
{
                     Lookup.SubjectKeyIdentifier = CertID.SubjectKeyIdentifier;
Lookup.Criteria = SBCustomCertStorage.Unit.lcSubjectKeyIdentifier;
}
else
{
                     Lookup.IssuerRDN.Assign(CertID.Issuer);
Lookup.SerialNumber = CertID.SerialNumber;
Lookup.Criteria = SBCustomCertStorage.Unit.lcIssuer | SBCustomCertStorage.Unit.lcSerialNumber;
}
idx = han.Certificates.FindFirst(Lookup);
if (idx != -1)
TElX509Certificate cert = han.Certificates.get_Certificates(idx);
///when to stop???
}


Thanks.
#22330
Posted: 11/02/2012 05:42:02
by Ken Ivanov (Team)

GetCertIDs() only returns the signing certificate, it doesn't contain references to any other certificates.
#22332
Posted: 11/02/2012 08:15:47
by Adi Vasi (Basic support level)
Joined: 09/27/2012
Posts: 19

Hi,

Thanks for the answer.
I have a problem: han.CertIDCount return 0.I've looked in the sample examples, in ...\SecureBlackbox.NET\Samples\C#\PDFBlackbox\Signer project. I've signed a pdf file usin this sample project and it seems that the handler.CertIDCount of the signature is also 0. and hadler.Certificate contains 1 certificate, the signer certificate.Can CertID be set?

sample code:

Code
if (han.CertIDCount > 0)
   TElPKCS7Issuer CertID = han.get_CertIDs(0);
else...


Thanks,
Vasi.
#22333
Posted: 11/02/2012 08:30:15
by Ken Ivanov (Team)

CertIDs property is only populated after a signature has been validated - so please validate the signature before checking this property.
#22334
Posted: 11/02/2012 09:35:13
by Adi Vasi (Basic support level)
Joined: 09/27/2012
Posts: 19

Hi,

Thanks for the answer.

All the best,
Vasi
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 1212 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!