Here are my 2 cents:
 
I've found a similar issue some time ago, as viewed in the following 
verification method I wrote:
 
Dim fails() as Object
Dim pk as iTextSharp.text.pdf.security.PdfPKCS7Dim af As 
iTextSharp.text.pdf.AcroFields
Dim sigNames As List(Of String)
'// Some code resumed for clarity...where I build the pk object and bla 
bla...af = reader.AcroFields()
sigNames = af.GetSignatureNames()
For Each name In sigNames
     pk = af.VerifySignature(name)
     certs = pk.SignCertificateChain
     crls = pk.CRLs
     '... more code resumed
     sigDate = pk.SignDate.ToUniversalTime // IF I DON'T USE .ToUniversalTime 
HERE, VERIFICATION USUALLY FAILS IN THE NEXT LINE
     fails = 
iTextSharp.text.pdf.security.CertificateVerification.VerifyCertificates(certs, 
ks, crls, sigDate)
Next

 
The VerifyCertificates makes the same date comparison that Jose wrote in his 
mail, the difference is that I don't change the iTextSharp methods, but instead 
I pass the time in UTC.
 
Hope this helps. Regads,
Alex

 

> Date: Wed, 24 Oct 2012 09:43:45 +0100
> From: pgpsoa...@gmail.com
> To: itext-questions@lists.sourceforge.net
> Subject: Re: [iText-questions] X509Certificate - NotBefore and NotAfter
> 
> What is the class? If it's a BC class you'll have to direct the
> question to them.
> 
> Paulo
> 
> On Tue, Oct 23, 2012 at 11:50 PM, José Santiago Bonilla Pazmiño
> <josebonillapazm...@gmail.com> wrote:
> > Hi, I am using iTextsharp, and found the following issue with signature
> > verification. According to the methods:
> >
> > /// <summary>
> > /// The time that this certificate is valid from.
> > /// </summary>
> > /// <returns>A DateTime object representing that time in the local time
> > zone.</returns>
> > public virtual DateTime NotBefore
> > {
> > get { return c.StartDate.ToDateTime(); }
> > }
> >
> > /// <summary>
> >         /// The time that this certificate is valid up to.
> >         /// </summary>
> >         /// <returns>A DateTime object representing that time in the local
> > time zone.</returns>
> >         public virtual DateTime NotAfter
> >         {
> > get { return c.EndDate.ToDateTime(); }
> >         }
> >
> > However, the time is returned in UTC. So, when verifying:
> >
> >          public virtual bool IsValid(
> > DateTime time)
> >         {
> >             return time.CompareTo(NotBefore) >= 0 &&
> > time.CompareTo(NotAfter) <= 0;
> >         }
> >
> > I pass "time" variable in local time, and validation fails because my
> > timezone is -5 UTC.
> >
> > I changed the line:
> >
> > return time.CompareTo(NotBefore) >= 0 && time.CompareTo(NotAfter) <= 0;
> >
> > To:
> >
> > DateTime timeUtc = time.ToUniversalTime();
> > return timeUtc.CompareTo(NotBefore) >= 0 && timeUtc.CompareTo(NotAfter) <=
> > 0;
> >
> > And validation is successful!
> >
> > ¿Is NotBefore and NotAfter supposed to return the time in UTC always?
> > or
> > ¿Should I assure NotBefore and NotAfter to always return in local time?
> >
> > Regards,
> >
> > Jose.
> >
> >
> >
> > --
> > Saludos cordiales,
> >
> >
> > José Bonilla
> > (+593) 95031497
> >
> > ------------------------------------------------------------------------------
> > Everyone hates slow websites. So do we.
> > Make your web apps faster with AppDynamics
> > Download AppDynamics Lite for free today:
> > http://p.sf.net/sfu/appdyn_sfd2d_oct
> > _______________________________________________
> > iText-questions mailing list
> > iText-questions@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/itext-questions
> >
> > iText(R) is a registered trademark of 1T3XT BVBA.
> > Many questions posted to this list can (and will) be answered with a
> > reference to the iText book: http://www.itextpdf.com/book/
> > Please check the keywords list before you ask for examples:
> > http://itextpdf.com/themes/keywords.php
> 
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_sfd2d_oct
> _______________________________________________
> iText-questions mailing list
> iText-questions@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/itext-questions
> 
> iText(R) is a registered trademark of 1T3XT BVBA.
> Many questions posted to this list can (and will) be answered with a 
> reference to the iText book: http://www.itextpdf.com/book/
> Please check the keywords list before you ask for examples: 
> http://itextpdf.com/themes/keywords.php

                                          
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions

iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference 
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples: 
http://itextpdf.com/themes/keywords.php

Reply via email to