EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Verifying a CMS timestamp with TElMessageVerifier

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
Posted: 03/19/2013 05:45:04
by Vsevolod Ievgiienko (EldoS Corp.)

There is a property .IgnoreBadSignature which defaults to true. Should I set that to false before calling .ParseCMS ?

This property triggers TSP server certificate validation if its set to 'false'.

Certificate validation of TElClientTSPInfo.Certificates probably works...

This property is used to retrieve certificates received from server. Note, that certificates are present only if they were requested using TSPClient.IncludeCertificates.
Posted: 03/19/2013 06:48:50
by Frank Munsberg (Standard support level)
Joined: 06/04/2009
Posts: 47

OK, I tried setting the .IgnoreBadSignatures to false and ParseCMS still worked.
All of the timestamps do have certificates inside. This is most likely specified in our national "SigG" signature law.

For validation I'll have a look at the TElX509CertificateValidator later but being able to check the hashes on the fly is one big step forward already.
Without SBB the process was really really cumbersome.



Topic viewed 2119 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!