We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date

Digital Signature get IsOCSPEmbedded and IsCRLEmbedded per each element in certificate chain

i need to get these two properties per each certificate in certificate chain , as one certificate may be ocspembedded and another one may be crlembedded in the same signature , and if you can provide another property to describe the issue/error if IsLTVEnabed = false 



25 Replies

IJ Irfana Jaffer Sadhik Syncfusion Team February 14, 2023 11:29 AM UTC

Currently, we are analyzing your requirement. We will provide the details shortly.



MK Moorthy Karunanithi Syncfusion Team February 16, 2023 03:13 PM UTC

Thank you for your patience,


Only if the OCSP and CRL response information must be embedded into the signature-signed data or DSS information will the IsOcspEmbedded and IsCrlEmbedded be enabled. The IsLtvEnabled property will be enabled when the CRL and OCSP embedded response must be in a GOOD status and not revoked.


As of now, we don’t have support to get the OCSP and CRL certificates on our end. We have logged a feature request called “Support to get OCSP and CRL certificates and validity from signature validation results”. Also, we don’t have any immediate plan to implement this feature and we will implement this support in any of our upcoming releases. We usually have an interval of at least three months between releases, at the planning stage for every release cycle, we review all open features. We will let you know when this feature is implemented.


Please use the below feedback link to track the status of the feature.

https://www.syncfusion.com/feedback/41225/support-to-get-ocsp-and-crl-certificates-and-validity-from-signature-validation



JA Jacobs February 16, 2023 03:25 PM UTC

Thanks Moorthy, but this request was not about the OCSP/CRL issuing certificates , it's about the two properties  IsOcspEmbedded and IsCrlEmbedded which appear on the signature as a whole not per each certificate in signature certificate chain .... However the IsLtvEnabled is for sure on signature as a whole when all certificates in signature certificate chain have ocsp or crl embedded & valid , if one of them is not embedded , the signature is not LTV.

Waiting for your reply.



IJ Irfana Jaffer Sadhik Syncfusion Team February 17, 2023 01:20 PM UTC

Thanks for the update,

 

If either an OCSP or CRL is embedded and valid, the IsLtvEnabled should be enabled.




JA Jacobs February 17, 2023 01:46 PM UTC

Yes either ocsp or crl embedded.... but it has to be on all certificates in chain to be ltv.

Say i have a usb token that has 2 levels over it and the root.... the 3 signer and the upper 2 levels must all have embedded ocsp or crl.

So i hope you expand these two properties to be per each certificate in certificate chain to be more accurate.



IJ Irfana Jaffer Sadhik Syncfusion Team February 20, 2023 12:48 PM UTC

Currently, we don't have any workaround for your requirement to get the effective date, next update & issuer fields from an embedded CRL. We will implement this support and include this feature in our upcoming 2023 Volume 2 main release, which will be expected at end of June 2022 tentatively.



JA Jacobs replied to Irfana Jaffer Sadhik February 20, 2023 01:18 PM UTC

Thanks, I think you meant for the other request in the below link as they are related.

https://www.syncfusion.com/forums/180535/digital-signature-read-embedded-crl-fields-in-a-pdf-signature



IJ Irfana Jaffer Sadhik Syncfusion Team February 21, 2023 05:06 AM UTC

Sorry for the inconvenience caused,


Thank you for the update. 


We are currently validating the behavior for LTV with a revocation chain for signature validation. We will provide further details on February 22, 2023.




SN Santhiya Narayanan Syncfusion Team February 22, 2023 02:59 PM UTC

We confirmed the issue “IsLTVEnabed returned incorrect results while verifying signature validation” as a defect in our product and defect and we will include the fix into our upcoming weekly NuGet release, which will be available on March 7th, 2023.


Please use the below feedback link to track the status of the reported bug.

https://www.syncfusion.com/feedback/41427/isltvenabed-returned-incorrect-results-while-verifying-signature-validation

Note: If you require a patch for the reported issue in any of our Essential Studio Main or SP release version, then kindly let us know the version, so that we can provide a patch in that version based on our SLA policy.

Disclaimer: “Inclusion of this solution in the weekly release may change due to other factors including but not limited to QA checks and works reprioritization.”



JA Jacobs replied to Santhiya Narayanan February 22, 2023 05:19 PM UTC

Thanks Santhiya,

If you can provide me a patch before March 7th,that would be great ... i am using version v20.4.0.51



IJ Irfana Jaffer Sadhik Syncfusion Team February 23, 2023 07:07 AM UTC

We will share a custom NuGet package for the fix as the weekly release version mentioned “20.4.0.51”. It is expected to be available on March 1st, 2023.



JA Jacobs replied to Irfana Jaffer Sadhik February 26, 2023 05:10 PM UTC

Great ... Thanks



IJ Irfana Jaffer Sadhik Syncfusion Team March 2, 2023 02:02 PM UTC

We have created a custom NuGet package, version "20.4.0.51", to address the IsLtvEnabled issue for previously reported documents. This package was shared with you in ticket 180445 on March 1st, 2023, and its public release is expected to be available on March 7th, 2023 with the next weekly release.


NUGET Package: https://www.dropbox.com/s/cc5gp227q90vvwi/syncfusion.pdf.winforms.20.4.0.51.nupkg?dl=0


In reference to Ticket 108445, we have received another document from you. Our development team is currently looking into the issue and will provide updates on March 6th, 2023.



IJ Irfana Jaffer Sadhik Syncfusion Team March 6, 2023 01:03 PM UTC

In reference to Ticket 108445, we have received another document from you. Our development team is currently looking into the issue and will provide updates on March 6th, 2023.

 

We have created a custom NuGet package, version “20.4.0.51”, to address the IsLTVEnabled issue. Please try this package and let us know the result. Once we have your confirmation, we will move forward and include the fix in the public release.

NUGET Package: https://www.dropbox.com/s/cc5gp227q90vvwi/syncfusion.pdf.winforms.20.4.0.51.nupkg?dl=0

 



IJ Irfana Jaffer Sadhik Syncfusion Team March 14, 2023 12:22 PM UTC

We have included the fix for the reported issue “IsLTVEnabed returned incorrect results while verifying signature validation” in our latest weekly NuGet release (v20.4.0.54).


Please use the below link to download our latest weekly NuGet,    

https://www.nuget.org/packages/Syncfusion.Pdf.WinForms/20.4.0.54



JA Jacobs replied to Irfana Jaffer Sadhik March 23, 2023 10:51 AM UTC

Thanks ... Confirmed that IsLTVEnabed is now working fine in latest weekly NuGet release (v20.4.0.54).


Will i be expecting adding 

"Support to get IsOCSPEmbedded and IsCRLEmbedded properties per each element in certificate chain" 

along with both related requests

"Support to get OCSP and CRL certificates and validity from signature validation results"

"Support to get CRL embedded issuer details, effective and next updates details"


https://www.syncfusion.com/forums/180535/digital-signature-read-embedded-crl-fields-in-a-pdf-signature?reply=SFpJbs

in upcoming 2023 Volume 2 main release?



IJ Irfana Jaffer Sadhik Syncfusion Team March 24, 2023 06:59 AM UTC

Support to get OCSP and CRL certificates and validity from signature validation results

Support to get CRL embedded issuer details, effective and next updates details

Support to get IsOCSPEmbedded and IsCRLEmbedded properties per each element in certificate chain

Yes, we have considered and planned to include all three requirements in our upcoming 2023 Volume 2 main release. Once the feature is available, we will inform you.



JA Jacobs March 24, 2023 07:05 AM UTC

Great ... thanks 🙏😊



JA Jacobs July 5, 2023 08:32 AM UTC

Hello Ifrana,


Long time 😊 ... Hope you are doing great.


I checked the new Syncfusion major release 2023 Volume 2 and it contains new SignerCertificates which contains all requested properties .


Thanks alot for your team efforts 🙏... I really appreciate it.


Can you please add same for TimeStamp embedded in Signature ?

see screen shot and file attached.




Attachment: test_tswithcrlembedded_bc75fbde.zip


IJ Irfana Jaffer Sadhik Syncfusion Team July 6, 2023 06:25 AM UTC

We're delighted to hear that the provided support has met your requirements. We will analyze the requested requirement for the timestamp embedded on the signature as well and will provide further details on July 10th, 2023.



IJ Irfana Jaffer Sadhik Syncfusion Team July 12, 2023 05:13 AM UTC

We have logged a feature request “Support to get revocation certificates and validity from signature embedded timestamp” in our database. We have considered and planned to implement this requirement in our upcoming 2023 Volume 3 main release. Once the feature is available, we will inform you.


Please use the below feedback link to track the status of the feature.

https://www.syncfusion.com/feedback/45142/support-to-get-revocation-certificates-and-validity-from-signature-embedded




JA Jacobs July 12, 2023 05:18 AM UTC

Thanks alot Irfana for your usual support

But is there any way to include it sooner in the weekly release 🙏



IJ Irfana Jaffer Sadhik Syncfusion Team July 13, 2023 01:02 PM UTC

Thank you for the update.


We will consider your requirement and have planned to include it in our upcoming release, 2023 Volume 2- SP1. This release is expected to be available by the end of July 2023.



JA Jacobs July 18, 2023 01:24 PM UTC

Thanks Irfana


I really appreciate your support.



IJ Irfana Jaffer Sadhik Syncfusion Team July 28, 2023 05:42 AM UTC

Thank you for patience,


In our latest release, 2023 Volume 2 SP1, we have added support for obtaining the timestamp embedded signer's information.


To retrieve the timestamp embedded signer details, you can use the following code example:

//Loads an existing document.

PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");

//Gets the signature field.

PdfLoadedSignatureField signatureField = document.Form.Fields[0] as PdfLoadedSignatureField;

//Validates signature and gets the validation result.

PdfSignatureValidationResult result = signatureField.ValidateSignature();

//Gets signer certificates

PdfSignerCertificate[] certifcate = result.TimeStampInformation.SignerCertificates;

//Close the document.

document.Close(true);

 


We are glad to announce that our Essential Studio 2023 Volume 2 Service Pack release v22.2.5 is rolled out and is available for download under the following link.

Essential Studio 2023 Volume 2 Service Pack Release v22.2.5 is available for download | Announcements Forums | Syncfusion

We thank you for your support and appreciate your patience in waiting for this release. Please get in touch with us if you would require any further assistance.


Loader.
Up arrow icon