EldoS | Feel safer!

Software components for data protection, secure storage and transfer

XAdESVerifier.AddCompleteRevocationRefs

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#25430
Posted: 06/25/2013 05:16:12
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17

Hello,

I want to use the XAdESVerifier.AddCompleteRevocationRefs() method in .NET to add the revocation refs to my XAdES signature.

Do you have an example of how I create and fill the CRL storage and the array of OCSP responses. I can't find any example of it. Thanks in advance.
#25431
Posted: 06/25/2013 05:25:12
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

This can be done next way:

Code
TElCertificateRevocationList crl1 = new TElCertificateRevocationList(); // a single CRL
crl1.LoadFromStream(...); // e.g. can be loaded from a stream

TElMemoryCRLStorage crls = new TElMemoryCRLStorage();
crls.Add(crl1);
...

TElOCSPResponse ocsp = new TElOCSPResponse(); // a single OCSP response
ocsp.Load(...); // e.g. can be loaded from a buffer

ArrayList ocsps = new ArrayList();
ocsps.Add(ocsp1);
...

TElXAdESVerifier xades = new TElXAdESVerifier();
xades.AddCompleteRevocationRefs(crls, ocsps);
...
#25435
Posted: 06/25/2013 06:07:00
by Dmytro Bogatskyy (EldoS Corp.)

Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.
#25437
Posted: 06/25/2013 06:16:15
by Kees de Wit (Standard support level)
Joined: 06/13/2013
Posts: 17

Quote
Dmytro Bogatskyy wrote:
Please take a look at Samples\C#\XMLBlackbox\AdvancedSigner sample.


Yes I already saw that, but the thing is, there are two options:

Code
if (XAdESUpgradeOptionsForm.Instance.InsertCompleteValidationData)
{
    XAdESVerifier.AddCompleteCertificateRefs(CustomValidationDataForm.Instance.Certificates);
    XAdESVerifier.AddCompleteRevocationRefs(CustomValidationDataForm.Instance.CRLs, CustomValidationDataForm.Instance.OCSPResponses);
}
else
{
    CertificateValidatorLogForm.Instance.ClearLog();
    XAdESVerifier.OnBeforeCertificateValidate -= new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);
    XAdESVerifier.OnBeforeCertificateValidate += new TSBXAdESBeforeCertificateValidateEvent(HandleBeforeCertificateValidate);

    TSBXAdESValidity Validity = XAdESVerifier.AddValidationDataRefs();
    if ((Validity != TSBXAdESValidity.xsvValid) && !XAdESVerifier.IgnoreChainValidationErrors)
    {
        if (MessageBox.Show("Failed to add validation data references\r\nShow detailed log?", "", MessageBoxButtons.YesNo, MessageBoxIcon.Error) == DialogResult.Yes)
CertificateValidatorLogForm.Instance.ShowDialog();

        break;
    }
}


What is the difference between "AddCompleteCertificateRefs()/AddCompleteRevocationRefs()" and "AddValidationDataRefs()" ?

How to obtain the CRL and OCSP for an instance of TElX509Certificate?
#25440
Posted: 06/25/2013 06:38:48
by Dmytro Bogatskyy (EldoS Corp.)

AddValidationDataRefs method automatically collects revocation info and internally call AddCompleteCertificateRefs method for collected certificates and AddCompleteRevocationRefs method for collected CRLs and OCSP responses
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 874 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!