I'm using iTextSharp in C# to sign a PDF. I have created a method, but after the PDF is signed, it isn't LTV enabled. I searched and found the code snippet below, which adds LTV enabling to a PDF, but I don't know how I'm supposed to create the variables ocsp and crl. What I'm really confused about is the type of information these variables should contain; for example, should ocsp be a string URL or a signature name, etc.? The documentation for these variables on the itextsupport site is very poor and I can't understand what I'm required to provide. Any help on how to create these two variables ocsp and crl (with an example and a brief explanation) will be greatly appreciated.

```csharp
using (FileStream fos = new FileStream(@"d:\test.pdf", FileMode.Create))
{
    PdfReader r = new PdfReader(signedDocument);
    // Append mode (last argument true) so the existing signature stays intact
    PdfStamper stp = new PdfStamper(r, fos, '\0', true);
    LtvVerification v = stp.LtvVerification;
    AcroFields fields = stp.AcroFields;
    List<String> names = fields.GetSignatureNames();
    // The last entry is the most recently added signature
    String sigName = names[names.Count - 1];
    PdfPKCS7 pkcs7 = fields.VerifySignature(sigName);
    // ocsp and crl are the two variables the question asks about
    if (pkcs7.IsTsp)
    {
        v.AddVerification(sigName, ocsp, crl,
                LtvVerification.CertificateOption.SIGNING_CERTIFICATE,
                LtvVerification.Level.OCSP_CRL,
                LtvVerification.CertificateInclusion.YES);
    }
    else
    {
        foreach (string name in names)
        {
            v.AddVerification(name, ocsp, crl,
                    LtvVerification.CertificateOption.WHOLE_CHAIN,
                    LtvVerification.Level.OCSP_CRL,
                    LtvVerification.CertificateInclusion.NO);
        }
    }

    stp.Close();
    r.Close();
}
```

  • I can't really help you but have you noticed/tried the implementations of those interfaces offered by iTextSharp (OcspClientBouncyCastle, CrlClientOffline, CrlClientOnline)? –  Sep 14 '18 at 20:35
  • *"What I'm really confused about is the type of information this variables should contain"* - Visual Studio quite clearly shows you the types (or more exactly: interfaces) expected in those parameters, and as @elgonzo has said, there are implementations of those interfaces in iTextSharp. That being said, you aim at "ltv enabled" signatures, and your code probably won't create them even if you have appropriate ocsp and crl parameters. – mkl Sep 15 '18 at 06:09
  • [This answer](https://stackoverflow.com/a/51481392/1729265) focuses on LTV enabling using iText 5 for Java and [this answer](https://stackoverflow.com/a/51675015/1729265) on LTV enabling using iText 7 for Java. You merely have to port the variant applicable to your use case. – mkl Sep 15 '18 at 06:13

1 Answer

You can use the chain:

```csharp
IList<ICrlClient> crlList = new List<ICrlClient>();
crlList.Add(new CrlClientOnline(chain.ToArray()));
```

or hard coded url:

```csharp
ICrlClient crlClient = new CrlClientOnline("https://crl.cacert.org/revoke.crl");
```

Tom Carter
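
As an added example (not part of the original question or answer), this sketch shows what the two parameters are in practice: `ocsp` and `crl` are objects implementing `IOcspClient` and `ICrlClient` that fetch revocation data, not URLs or signature names. It assumes iTextSharp 5.5.x; the class name `LtvExample`, the method name `AddRevocationInfo` and both path parameters are hypothetical, and it only demonstrates supplying the parameters, so the result can still fail to show as "LTV enabled", as the comments above note.

```csharp
using System;
using System.IO;
using iTextSharp.text.pdf;
using iTextSharp.text.pdf.security;

public static class LtvExample
{
    // Hypothetical helper: srcPath is an already signed PDF, destPath the output file.
    public static void AddRevocationInfo(string srcPath, string destPath)
    {
        // OCSP client: with no URL given, the responder address is read from
        // each certificate. Newer 5.5.x releases mark this constructor obsolete
        // in favour of the overload that takes an OcspVerifier.
        IOcspClient ocsp = new OcspClientBouncyCastle();

        // CRL client: with no URLs given, the CRL distribution point is read
        // from each certificate. A fixed URL or the certificate chain can be
        // passed instead, as in the answer above.
        ICrlClient crl = new CrlClientOnline();

        PdfReader reader = new PdfReader(srcPath);
        using (FileStream fos = new FileStream(destPath, FileMode.Create))
        {
            // Append mode keeps the existing signatures byte-for-byte intact.
            PdfStamper stamper = new PdfStamper(reader, fos, '\0', true);
            LtvVerification v = stamper.LtvVerification;
            AcroFields fields = stamper.AcroFields;

            foreach (string name in fields.GetSignatureNames())
            {
                // Returns false when no validation data could be generated,
                // e.g. the responder or CRL server was unreachable.
                bool added = v.AddVerification(name, ocsp, crl,
                        LtvVerification.CertificateOption.WHOLE_CHAIN,
                        LtvVerification.Level.OCSP_CRL,
                        LtvVerification.CertificateInclusion.YES);
                if (!added)
                {
                    Console.Error.WriteLine("No revocation data added for " + name);
                }
            }
            stamper.Close(); // writes the collected validation data to the output
        }
        reader.Close();
    }
}
```

Checking the return value of `AddVerification` matters because a network failure during the OCSP or CRL lookup otherwise leaves the output without revocation data and without any error.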