Click or drag to resize
SignDocVerificationParameters Class
Parameters for verifying a certificate chain. 
If you use null instead of a SignDocVerificationParameters object,
the following default values will be used (those are identical to
the default values for a freshly created
SignDocVerificationParameters object):

- CertificateChainVerificationPolicy: ccvp_accept_self_signed_with_rsa_bio
- CertificateRevocationVerificationPolicy: crvp_dont_check
- ComputeOfflineNextUpdate: -1 (that is, embedded CRLs and OCSP responses
    without nextUpdate will be indefinitely valid)
- Timeout: 10000
- UserAgent: "SignDoc"
- VerificationFlags: 0 (that is, revocation checking is disabled)
- VerificationModel: vm_minimal
-VerificationTime: empty(that is, current date and time)
.

However, for SignDocDocument.updateDSS() and SignDocDocument.updateDSS2(),
the following default values will be used if a null pointer is passed
(those are identical to the values set by setForUpdateDSS()) :

-CertificateChainVerificationPolicy : #ccvp_accept_self_signed_with_rsa_bio
-CertificateRevocationVerificationPolicy: #crvp_online
-ComputeOfflineNextUpdate: 0 (that is, embedded CRLs and OCSP responses
    without nextUpdate won't be valid)
-Timeout: 10000
-UserAgent : "SignDoc"
-VerificationFlags : 0
-VerificationModel : #vm_shell
-VerificationTime: empty(that is, current date and time)
.

To make the signature maximally meaningful, verification parameters
for SignDocDocument.addSignature() should include vf_check_revocation
in integer parameter "VerificationFlags".

If integer parameter "CertificateChainVerificationPolicy" is
ccvp_dont_verify, integer parameter
"CertificateRevocationVerificationPolicy" must be crvp_dont_check.
Inheritance Hierarchy
SystemObject
  de.softpro.signdocsdkSignDocVerificationParameters

Namespace:  de.softpro.signdocsdk
Assembly:  SPSignDoc_4.3_DotNetLib (in SPSignDoc_4.3_DotNetLib.dll) Version: 1.0.6773.37566
Syntax
C#
Copy
public sealed class SignDocVerificationParameters : IDisposable

The SignDocVerificationParameters type exposes the following members.

Constructors
  NameDescription
Public methodSignDocVerificationParameters
Constructor. See SignDocVerificationParameters for the default values.
Top
Methods
  NameDescription
Public methodclone
Public methoddestroy
Destroy this object, overwriting sensitive data. After calling this method, all methods of this object will throw.
Public methodDispose
Releases all resources used by the SignDocVerificationParameters
Public methodequals
Public methodgetErrorMessage
Get an error message for the last function call.
Public methodsetBlob
Set an blob parameter. 

Available blob parameters are:
- IntermediateCertificate       Add an intermediate certificate
                                   which might help building the
                                   certificate chain.
                                   The blob must contain
                                   a serialized X.509 certificate
                                   (DER or PEM).
- TrustedCertificate            Add a trusted root certificate.
                                   The blob must contain
                                   a serialized X.509 certificate
                                   (DER or PEM).
Public methodsetForUpdateDSS
Set suitable values for using this object with SignDocDocument.updateDSS() and SignDocDocument.updateDSS2().
Public methodsetInteger
Set an integer parameter. 
Available integer parameters are:
-  CertificateChainVerificationPolicy  Policy for simplified
                        verification of the certificate chain:
                        #ccvp_dont_verify, #ccvp_accept_self_signed,
                        #ccvp_accept_self_signed_with_bio, or
                        #ccvp_accept_self_signed_with_rsa_bio.
                        The default value is
                        #ccvp_accept_self_signed_with_rsa_bio.
                        This parameter is used by 
							SignDocDocument.renderPageAsImage(),
							SignDocDocument.updateDSS(),
							SignDocDocument.updateDSS2(),
                        SignDocVerificationResult.verifyCertificateSimplified(), and
                        SignDocVerificationResult.verifyTimeStampCertificateSimplified() only.
-  CertificateRevocationVerificationPolicy  Policy for simplified
                        verification of
                        the revocation status of the certificates:
                        #crvp_dont_check, #crvp_offline, or
                        #crvp_online.
                        The default value is #crvp_dont_check.
                        This parameter is used by 
							SignDocDocument.renderPageAsImage(),
							SignDocDocument.updateDSS(),
							SignDocDocument.updateDSS2(),
                        SignDocVerificationResult.verifyCertificateSimplified(), and
                        SignDocVerificationResult.verifyTimeStampCertificateSimplified() only.
-  ChainPolicy        Abbreviation for "CertificateChainVerificationPolicy".
-  ComputeOfflineNextUpdate    Number of hours embedded CRLs and OCSP responses
                        that do not have a nextUpdate value will be
                        assumed to be valid after their thisUpdate value.
                        That is, nextUpdate will be computed from
                        thisUpdate by adding the specified number of
                        hours.
                        The value -1 is special and means that those
                        CRLs and OCSP responses will be assumed to be
                        valid indefinitely.
                        The default value is -1.
                        See also flag #vf_enforce_next_update of
                        integer parameter "VerificationFlags".
-  Flags              Abbreviation for "VerificationFlags".
-  Model              Abbreviation for "VerificationModel".
-  RevocationPolicy   Abbreviation for "CertificateRevocationVerificationPolicy".
-  Timeout            The timeout (in millisconds) for HTTP
                        connections used for checking the revocation
                        state of certificates. This value is ignored
                        unless vf_check_revocation
                        is set for integer parameter "VerificationFlags".
                        The default value is 10000.
-  VerificationFlags  Flags modifying the verification. This is a
                        combination of these flags:
                        #vf_check_revocation, #vf_crl_first,
                        #vf_enforce_next_update, #vf_enforce_ocsp_signer,
                        #vf_ignore_no_revocation,
                        #vf_no_ocsp_nonce, #vf_offline, #vf_online,
                        #vf_use_crl_only, #vf_use_ocsp_only.
                        If you pass 0, the revocation state of the
                        certificates won't be checked.
                        The default value is 0.
                        SignDocDocument.renderPageAsImage(),
						SignDocDocument.updateDSS(),
						SignDocDocument.updateDSS2(),
                        SignDocVerificationResult.verifyCertificateSimplified(), and
                        SignDocVerificationResult.verifyTimeStampCertificateSimplified()
                        use integer parameter CertificateRevocationVerificationPolicy
                        instead of the vf_check_revocation flag.
                        #vf_offline should not be set for
                        SignDocDocument.addSignature().
-  VerificationModel  Model to be used for verifying the certificate
                        chain: #vm_minimal, #vm_chain, #vm_modified_shell,
                        or #vm_shell.
                        The default value is #vm_minimal.
                        SignDocDocument.addSignature() ignores this
                        parameter and uses #vm_chain if revocation
                        data is to be included in the signature.
Public methodsetString
Set a string parameter. 
Available string parameters are:
-  UserAgent             The value of the User-Agent header field
                           sent to CRL and OCSP servers. The default
                           value is "SignDoc".
-  VerificationTime      Empty (for the current date and time)
                           or a string in ISO 8601 format
                           ("yyyy-mm-ddThh:mm:ss", with optional timezone)
                           specifying the verification date and time.
                           The default value is empty.
                           Used only if integer parameter
                           "VerificationModel" is vm_shell.
                           This parameteter is not used by
                           SignDocDocument.addSignature();
                           that function always use the signing time
                           as verification time.
Top
See Also