1. Home
  2. Forum
  3. ASP.NET Core - EJ 2
  4. crl embedded inside document

crl embedded inside document

Is there a way to differentiate If the crl information is embedded inside the pdf document or not ... which is an indicator if the document is LTV enabled or not?




19 Replies
GK Gowthamraj Kumar Syncfusion Team April 18, 2022 01:16 PM UTC

Hi David,


Currently, we are analyzing on this requirement and we will update the further details on April 20th 2022.


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team April 20, 2022 01:57 PM UTC

Hi David,


Currently, we have support to verify the CRL and OCSP information from signature certification and we don’t have support to identify whether the CRL and OCSP information is embedded inside the PDF document or not. We request you to share the CRL embed inside the PDF document on our end. It will help to analyze and provide you with a precious solution on our end. 


Regards,

Gowthamraj K


DA David May 5, 2022 01:04 PM UTC

i uploaded 2 files pdf one with ltv enable and has crl embeded  in document pdf but It only works on customer environment . and the other file without crl embeded 



the  two files the same but with different size because one embeded crl  and the other not embeded crl  


Attachment: 2pdf_files_one_has_ltv_and_the_other_one_without_ltv_66602e5b.zip

GK Gowthamraj Kumar Syncfusion Team May 6, 2022 01:10 PM UTC

Hi David,


We have considered this as a feature request with “Support to get the LTV information detail from PdfSignatureValidationResult“. We will implement this support and include this feature in our upcoming 2022 Volume 2 main release, which will be expected at end of June 2022 tentatively.


Please use the below feedback link to track the status of this feature.

https://www.syncfusion.com/feedback/31805/support-to-get-the-detail-of-the-signatures-validity-from


Regards,

Gowthamraj K


DA David May 9, 2022 09:57 AM UTC

Thanks for your previous reply (including LTV information in next release)

Kindly find this updated document which includes LTV and Timestamp embedded using code provided by syncfusion team in last reply in this ticket https://www.syncfusion.com/forums/172460/digital-signature-algorithm

We hope the next release allows us to get the following LTV information (Document is LTV enabled .... shown by adobe reader that OCSP/CRL is embedded & has a timestamp embedded)

Thanks to confirm.



Attachment: 2pdf_files_one_has_ltv_and_the_other_one_without_ltv_d96020ec.zip

IJ Irfana Jaffer Sadhik Syncfusion Team May 10, 2022 01:48 PM UTC

Hi David,


We have support to validate the digital signatures in an existing PDF document. Form that, we can able to get time stamp information from the digital signatures.


Please refer to the below UG documentation below,

https://help.syncfusion.com/file-formats/pdf/working-with-digitalsignature#digital-signature-validation


For example,


 

img1.jpg

 

If the signature embedded timestamp information

 

Please refer to the below code to get time stamp information from the digital signature.

 

PdfLoadedDocument loadedDocument = new PdfLoadedDocument(docStream);

 

            List<PdfSignatureValidationResult> results;

 

            bool isValid = loadedDocument.Form.Fields.ValidateSignatures(out results);

 

            if(results[0].TimeStampInformation !=null)

            {

                if(results[0].TimeStampInformation.IsDocumentTimeStamp)

                {

                    //A signature is a document timestamp signature

                }

                else

                {

                    //If the TimeStampInformation is not nullable, then it means digital signatures include an embedded timestamp 

                }

            }

            else

            {

                //Digital Signature does not have timestamp information

            }

img2.jpg

If the document is signed with timestamp alone

 

Please refer to the code to get document timestamp signature from the digital signature.

 

PdfLoadedDocument loadedDocument = new PdfLoadedDocument(docStream);

 

            List<PdfSignatureValidationResult> results;

 

            bool isValid = loadedDocument.Form.Fields.ValidateSignatures(out results);

 

            if(results[0].TimeStampInformation !=null)

            {

                if(results[0].TimeStampInformation.IsDocumentTimeStamp)

                {

                    //A signature is a document timestamp signature

                }

                else

                {

                    //If the TimeStampInformation is not nullable, then it means digital signatures include an embedded timestamp 

                }

            }

            else

            {

                //Digital Signature does not have timestamp information

            }

img3.jpg

If the signature does not have timestamp information,

 

Please refer to the code to identify the digital signature have timestamp information or not.

 

PdfLoadedDocument loadedDocument = new PdfLoadedDocument(docStream);

 

            List<PdfSignatureValidationResult> results;

 

            bool isValid = loadedDocument.Form.Fields.ValidateSignatures(out results);

 

            if(results[0].TimeStampInformation !=null)

            {

                if(results[0].TimeStampInformation.IsDocumentTimeStamp)

                {

                    //A signature is a document timestamp signature

                }

                else

                {

                    //If the TimeStampInformation is not nullable, then it means digital signatures include an embedded timestamp 

                }

            }

            else

            {

                //Digital Signature does not have timestamp information

            }



As we said earlier, we have considered this as a feature request with “Support to get the LTV, CRL & OCSP embed information detail from PdfSignatureValidationResult“. We will implement this support and include this feature in our upcoming 2022 Volume 2 main release, which will be expected at end of June 2022 tentatively.


Please use the below feedback link to track the status of this feature.

https://www.syncfusion.com/feedback/31805/support-to-get-the-detail-of-the-signatures-validity-from


Regards,

Irfana J.


DA David June 21, 2022 11:43 AM UTC

what is the new feature released yet and how to use it ? (check if document is LTV enabled or not)


GK Gowthamraj Kumar Syncfusion Team June 22, 2022 10:10 AM UTC

Hi David,


Currently, we are implementing and testing the feature “Support to get the LTV, CRL & OCSP embed information detail from PdfSignatureValidationResult”. We are planning to include this feature in our upcoming weekly NuGet release once our Volume 2 Main release is rolled out which we excepted on the end of June 2022 tentatively.

Note: Date and version update later.


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team July 1, 2022 01:08 PM UTC

Hi David,


We have planned to include the feature Support to get the LTV, CRL & OCSP embed information detail from PdfSignatureValidationResult in our upcoming weekly NuGet release, which will be available on July 12th, 2022.


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team July 12, 2022 12:36 PM UTC

Hi David,

We regret for the inconvenience caused. Due to complexities, we are working on this support to provide get LTV enabled/disabled from signature validation result and we will add this support in our upcoming weekly NuGet release on July 19, 2022 without any further delay.


Please use the below feedback link to track the status of this feature.

https://www.syncfusion.com/feedback/31805/support-to-get-the-detail-of-the-signatures-validity-from


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team July 19, 2022 12:37 PM UTC

Hi David,


We have included the implementation for the “Support for LTV validation and getting CRL and OCSP embedded details from the digital signature” in our weekly NuGet release v20.2.0.39.


Kindly use the following link to download the NuGet package,
https://www.nuget.org/packages/Syncfusion.Pdf.Net.Core/20.2.0.39


Kindly use the following code snippet for reference.

PdfLoadedDocument document = new PdfLoadedDocument(fileStream);

PdfLoadedSignatureField signatureField = document.Form.Fields[0] as PdfLoadedSignatureField;

PdfSignatureValidationResult result = signatureField.ValidateSignature();

bool isLtvEnabled = result.LtvVerificationInfo.IsLtvEnabled;

bool isCrlEmbedded = result.LtvVerificationInfo.IsCrlEmbedded;

bool isOcspEmbedded = result.LtvVerificationInfo.IsOcspEmbedded;

document.Close(true);


Please let us know if you have any concerns on this 


Regards,

Gowthamraj K


DA David July 20, 2022 08:42 AM UTC

Thank you for the new features, we have tested them.

please check our below comments.

IsCrlEmbedded is working correctly (true when crl is embedded otherwise false)

IsOcspEmbedded is not working correctly (true when crl is embedded otherwise false) not ocsp

IsLtvEnabled is not working correctly (always false).

we found another property in PdfLoadedSignatureField non-public members" isLTVEnabled" that existed in previous releases and it is working fine with us.

we can access it using System.Reflection

Dim highlightedItemProperty As Reflection.PropertyInfo = SignatureField.Signature.GetType().GetProperties(Reflection.BindingFlags.NonPublic Or Reflection.BindingFlags.Instance).Single(Function(pi) pi.Name = "IsLTVEnabled")

Dim isLtvEnabledValReflection As String = highlightedItemProperty.GetValue(SignatureField.Signature, Nothing)
Check images below and check attached pdf files we have used .

test-signed_LTV_CRL_OCSP_False.pdf (LTV/CrlEmbedded/OcspEmbedded should be all false)

test-signed_LTV_CRL_True.pdf (LTV/CrlEmbedded should be true & OCSPEmbedded false)





Attachment: PDF_Files_a9b1d0e6.zip


IJ Irfana Jaffer Sadhik Syncfusion Team July 21, 2022 12:59 PM UTC

Hi David,


We have confirmed that the provided file “test-signed_LTV_CRL_True.pdf” contains OCSP embedded in it. So, the value retrieved in the API “IsOcspEmbedded” is as expected.


output.png


The internal API “IsLTVEnabled” in the Signature field only checks if the DSS entry is present and returns a Boolean. Whereas the public API “IsLtvEnabled” in LtvVerificationInfo verifies the OCSP and CRL byte data present in the DSS entry and returns the Boolean.


Currently we are analyzing the LTV returned false behavior for the file “test-signed_LTV_CRL_True.pdf”, We will provide further analysis details on July 25, 2022.


Regards,

Irfana J.



IJ Irfana Jaffer Sadhik Syncfusion Team July 22, 2022 02:15 PM UTC

Hi David,


We confirmed the issue “LTV information is not getting retrieved properly” as a defect in our product. We will include the fix for this issue in our weekly NuGet release, which will be available on August 2nd, 2022.


Please use the below feedback link to track the status of the reported bug.

LTV information is not getting retrieved properly in ASP.NET Core | Feedback Portal (syncfusion.com)


Note: If you require patch for the reported issue in any of our Essential Studio Main or SP release version, then kindly let us know the version, so that we can provide a patch in that version based on our SLA policy.


Please let us know if you need any further assistance in this.


Regards,

Irfana J.



DA David July 24, 2022 09:12 AM UTC

Thank you for this feedback , we are waiting for LTV fix,

regarding the  file “test-signed_LTV_CRL_True.pdf” yes we found that it  contains OCSP embedded in it on this Highlighted path 



IJ Irfana Jaffer Sadhik Syncfusion Team July 25, 2022 01:07 PM UTC

Hi David,


We confirmed the issue “LTV information is not getting retrieved properly” as a defect in our product. We will include the fix for this issue in our weekly NuGet release, which will be available on August 2nd, 2022.


Please use the below feedback link to track the status of the reported bug.

LTV information is not getting retrieved properly in ASP.NET Core | Feedback Portal (syncfusion.com)


Regards,

Irfana J.


GK Gowthamraj Kumar Syncfusion Team August 2, 2022 01:12 PM UTC

Hi David,


Since our 2022 volume 2 SP1 release is expected to be rolled out this week. So there will be no weekly release today. We will include the fix for this issue " LTV information is not getting retrieved properly " in our 2022 Volume 2 sp1 release which will be available on August 8th, 2022


Please use the below feedback link to track the status of the reported bug.

https://www.syncfusion.com/feedback/36541/ltv-information-is-not-getting-retrieved-properly


Note: If you require a patch for the reported issue in any of our Essential Studio Main or SP release versions, then kindly let us know the version, so that we can provide a patch in that version based on our SLA policy.


Please let us know if you need any further assistance in this.


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team August 9, 2022 01:56 PM UTC

Hi David,


Since our 2022 volume 2 SP1 release is expected to be rolled out this week. We will include the fix for this issue " LTV information is not getting retrieved properly " in our upcoming weekly release which will be available on August 16th, 2022


Please use the below feedback link to track the status of the reported bug.

https://www.syncfusion.com/feedback/36541/ltv-information-is-not-getting-retrieved-properly


Please let us know if you need any further assistance in this.


Regards,

Gowthamraj K


GK Gowthamraj Kumar Syncfusion Team August 16, 2022 11:50 AM UTC

Hi David,


We have included the fix for this reported issue with “LTV information is not getting retrieved properly” in our Volume 2 sp1 2022 release (20.2.0.43). Please use the below link to download our latest Volume 2 sp1 release NuGet,    


NuGet:   https://www.nuget.org/packages/Syncfusion.Pdf.Net.Core/20.2.0.43


Please let us know if you have any concerns on this


Regards,

Gowthamraj K


Loader.
Up arrow icon