EldoS | Feel safer!

Software components for data protection, secure storage and transfer

XAdESVerifier.AddCompleteRevocationRefs

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#25430
Posted: 06/25/2013 05:16:12
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17

Hello,

I want to use the XAdESVerifier.AddCompleteRevocationRefs() method in .NET to add the revocation refs to my XAdES signature.

Do you have an example of how I create and fill the CRL storage and the array of OCSP responses. I can't find any example of it. Thanks in advance.
#25431
Posted: 06/25/2013 05:25:12
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

This can be done next way:

Code
TElCertificateRevocationList crl1 = new TElCertificateRevocationList(); // a single CRL
crl1.LoadFromStream(...); // e.g. can be loaded from a stream

TElMemoryCRLStorage crls = new TElMemoryCRLStorage();
crls.Add(crl1);
...

TElOCSPResponse ocsp = new TElOCSPResponse(); // a single OCSP response
ocsp.Load(...); // e.g. can be loaded from a buffer

ArrayList ocsps = new ArrayList();
ocsps.Add(ocsp1);
...

TElXAdESVerifier xades = new TElXAdESVerifier();
xades.AddCompleteRevocationRefs(crls, ocsps);
...
#25435
Posted: 06/25/2013 06:07:00
by Dmytro Bogatskyy (EldoS Corp.)

Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.
#25437
Posted: 06/25/2013 06:16:15
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17

Quote
Dmytro Bogatskyy wrote:
Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.


Yes I already saw that, but the thing is, there are two options:

Code
if (XAdESUpgradeOptionsForm.Instance.InsertCompleteValidationData)
{
    XAdESVerifier.AddCompleteCertificateRefs(CustomValidationDataForm.Instance.Certificates);
    XAdESVerifier.AddCompleteRevocationRefs(CustomValidationDataForm.Instance.CRLs, CustomValidationDataForm.Instance.OCSPResponses);
}
else
{
    CertificateValidatorLogForm.Instance.ClearLog();
    XAdESVerifier.OnBeforeCertificateValidate -= new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);
    XAdESVerifier.OnBeforeCertificateValidate += new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);

    TSBXAdESValidity Validity = XAdESVerifier.AddValidationDataRefs();
    if ((Validity != TSBXAdESValidity.xsvValid) && !XAdESVerifier.IgnoreChainValidationErrors)
    {
        if (MessageBox.Show("Failed to add validation data references\r\nShow detailed log?", "", MessageBoxButtons.YesNo, MessageBoxIcon.Error) == DialogResult.Yes)
CertificateValidatorLogForm.Instance.ShowDialog();

        break;
    }
}


What is the difference between "AddCompleteCertificateRefs()/AddCompleteRevocationRefs()" and "AddValidationDataRefs()" ?

How to obtain the CRL and OCSP for an instance of TElX509Certificate?
#25440
Posted: 06/25/2013 06:38:48
by Dmytro Bogatskyy (EldoS Corp.)

AddValidationDataRefs method automatically collects revocation info and internally call AddCompleteCertificateRefs method for collected certificates and AddCompleteRevocationRefs method for collected CRLs and OCSP responses
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 878 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!