EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Posted: 06/25/2013 05:16:12
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17


I want to use the XAdESVerifier.AddCompleteRevocationRefs() method in .NET to add the revocation refs to my XAdES signature.

Do you have an example of how I create and fill the CRL storage and the array of OCSP responses. I can't find any example of it. Thanks in advance.
Posted: 06/25/2013 05:25:12
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

This can be done next way:

TElCertificateRevocationList crl1 = new TElCertificateRevocationList(); // a single CRL
crl1.LoadFromStream(...); // e.g. can be loaded from a stream

TElMemoryCRLStorage crls = new TElMemoryCRLStorage();

TElOCSPResponse ocsp = new TElOCSPResponse(); // a single OCSP response
ocsp.Load(...); // e.g. can be loaded from a buffer

ArrayList ocsps = new ArrayList();

TElXAdESVerifier xades = new TElXAdESVerifier();
xades.AddCompleteRevocationRefs(crls, ocsps);
Posted: 06/25/2013 06:07:00
by Dmytro Bogatskyy (Team)

Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.
Posted: 06/25/2013 06:16:15
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17

Dmytro Bogatskyy wrote:
Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.

Yes I already saw that, but the thing is, there are two options:

if (XAdESUpgradeOptionsForm.Instance.InsertCompleteValidationData)
    XAdESVerifier.AddCompleteRevocationRefs(CustomValidationDataForm.Instance.CRLs, CustomValidationDataForm.Instance.OCSPResponses);
    XAdESVerifier.OnBeforeCertificateValidate -= new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);
    XAdESVerifier.OnBeforeCertificateValidate += new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);

    TSBXAdESValidity Validity = XAdESVerifier.AddValidationDataRefs();
    if ((Validity != TSBXAdESValidity.xsvValid) && !XAdESVerifier.IgnoreChainValidationErrors)
        if (MessageBox.Show("Failed to add validation data references\r\nShow detailed log?", "", MessageBoxButtons.YesNo, MessageBoxIcon.Error) == DialogResult.Yes)


What is the difference between "AddCompleteCertificateRefs()/AddCompleteRevocationRefs()" and "AddValidationDataRefs()" ?

How to obtain the CRL and OCSP for an instance of TElX509Certificate?
Posted: 06/25/2013 06:38:48
by Dmytro Bogatskyy (Team)

AddValidationDataRefs method automatically collects revocation info and internally call AddCompleteCertificateRefs method for collected certificates and AddCompleteRevocationRefs method for collected CRLs and OCSP responses



Topic viewed 988 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!