Oops --> still there in itextsharp-all-5.3.5 package !
Our TSA provider use HashSha256 not HashSha1 !
TEST CODE:
----------
//
// We trying to find the BUGs
//
#region Revised pk.IsRevocationValid()
System.Console.Out.WriteLine("Start test of IsRevocationValid() in
PdfPKCS7.cs");
X509Certificate[] cs = pk.SignCertificateChain;
SingleResp sr = ocsp.Responses[0];
CertificateID cid = sr.GetCertID();
X509Certificate sigcer = pk.SigningCertificate;
X509Certificate isscer = cs[1];
// Oops here is one !
CertificateID tis = new
CertificateID(/*CertificateID.HashSha1*/cid.HashAlgOid, isscer,
sigcer.SerialNumber);
revOK = tis.Equals(cid);
System.Console.Out.WriteLine("MatchesIssuer " +
cid.MatchesIssuer(isscer).ToString());
System.Console.Out.WriteLine("Certificate count in chain " +
cs.Length.ToString());
System.Console.Out.WriteLine("HashAlgOid cid: " + cid.HashAlgOid + "
tis: " + tis.HashAlgOid);
System.Console.Out.WriteLine("SerialNumber cid: " + cid.SerialNumber +
" tis: " + tis.SerialNumber);
System.Console.Out.WriteLine("CRL URL " + CertificateUtil.GetCRLURL(isscer));
System.Console.Out.WriteLine("OCSP URL " +
CertificateUtil.GetOCSPURL(isscer));
System.Console.Out.WriteLine("EQUALS " + revOK);
System.Console.Out.WriteLine("End test of IsRevocationValid() in
PdfPKCS7.cs");
#endregion
RESULT:
-------
Start test of IsRevocationValid() in PdfPKCS7.cs
MatchesIssuer True
Certificate count in chain 3
HashAlgOid cid: 2.16.840.1.101.3.4.2.1 tis: 2.16.840.1.101.3.4.2.1
SerialNumber cid: 736 tis: 736
CRL URL http://teszt.e-szigno.hu/TRootCA2008.crl
OCSP URL http://teszt.e-szigno.hu/testroot2008ocsp
EQUALS True
End test of IsRevocationValid() in PdfPKCS7.cs
Idézet (aszo...@szomor.hu):
> Dear Developers,
>
> I reported to you a little bug in IsRevocationValid method of
> PdfPKCS7.cs many times, why you did not repair it ?
> This little bug still is there in itextsharp-all-5.3.3 package, please
> repair it into next version.
>
> BAD LINE 1103: CertificateID tis = new
> CertificateID(CertificateID.HashSha1, isscer, sigcer.SerialNumber);
> GOOD LINE 1103: CertificateID tis = new CertificateID(cid.HashAlgOid,
> isscer, sigcer.SerialNumber);
>
> Thanks a lot,
> Attila.
>
>
>
> ------------------------------------------------------------------------------
> Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
> much more. Get web development skills now with LearnDevNow -
> 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
> SALE $99.99 this month only -- learn more at:
> http://p.sf.net/sfu/learnmore_122812
> _______________________________________________
> iText-questions mailing list
> iText-questions@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>
> iText(R) is a registered trademark of 1T3XT BVBA.
> Many questions posted to this list can (and will) be answered with a
> reference to the iText book: http://www.itextpdf.com/book/
> Please check the keywords list before you ask for examples:
> http://itextpdf.com/themes/keywords.php
>
------------------------------------------------------------------------------
Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
much more. Get web development skills now with LearnDevNow -
350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122812
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
