Discuss this help topic in SecureBlackbox Forum

TElOCSPServer.OnCertificateCheck

TElOCSPServer     


Filter: C#/Java  VB.NET  Pascal  C++  PHP  


This event is fired when certificate status must be checked.

Declaration

[C#/Java]
    event TElCertificateOCSPCheckEvent OnCertificateCheck;
    delegate void TElCertificateOCSPCheckEvent(object Sender, byte[] HashAlgOID, byte[] IssuerNameHash, byte[] IssuerKeyHash, byte[] CertificateSerial, ref TElOCSPCertificateStatus CertStatus, ref TSBCRLReasonFlags Reason, ref DateTime RevocationTime, ref DateTime ThisUpdate, ref DateTime NextUpdate);
    TElOCSPCertificateStatus = short;
    TSBCRLReasonFlags = int;
    
    TSBCRLReasonFlags represents a bit mask which contains zero or more bit flags as defined by TSBCRLReasonFlag.

[VB.NET]
    Event OnCertificateCheck As TElCertificateOCSPCheckEvent
    Delegate Sub TElCertificateOCSPCheckEvent(ByVal Sender As Object, ByVal HashAlgOID As Byte(), ByVal IssuerNameHash As Byte(), ByVal IssuerKeyHash As Byte(), ByVal CertificateSerial As Byte(), ByRef CertStatus As TElOCSPCertificateStatus, ByRef Reason As TSBCRLReasonFlags, ByRef RevocationTime As DateTime, ByRef ThisUpdate As DateTime, ByRef NextUpdate As DateTime)
    TElOCSPCertificateStatus As SmallInt
    TSBCRLReasonFlags As Integer
    
    TSBCRLReasonFlags represents a bit mask which contains zero or more bit flags as defined by TSBCRLReasonFlag.

[Pascal]
    property OnCertificateCheck : TElCertificateOCSPCheckEvent;
    TElCertificateOCSPCheckEvent = procedure( Sender : TObject; HashAlgOID : ByteArray; IssuerNameHash : ByteArray; IssuerKeyHash : ByteArray; CertificateSerial : ByteArray; var CertStatus : TElOCSPCertificateStatus; var Reason : TSBCRLReasonFlags; var RevocationTime, ThisUpdate, NextUpdate : TDateTime) of object;
    TSBCRLReasonFlags = set of TSBCRLReasonFlag;

[C++]
    void get_OnCertificateCheck(TSBCertificateOCSPCheckEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnCertificateCheck(TSBCertificateOCSPCheckEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBCertificateOCSPCheckEvent)(void * _ObjectData, TObjectHandle Sender, const uint8_t pHashAlgOID[], int32_t szHashAlgOID, const uint8_t pIssuerNameHash[], int32_t szIssuerNameHash, const uint8_t pIssuerKeyHash[], int32_t szIssuerKeyHash, const uint8_t pCertificateSerial[], int32_t szCertificateSerial, TElOCSPCertificateStatusRaw &CertStatus, TSBCRLReasonFlagRaw &Reason, int64_t &RevocationTime, int64_t &ThisUpdate, int64_t &NextUpdate);

[PHP]
    TSBCertificateOCSPCheckEvent|callable|NULL get_OnCertificateCheck()
    void set_OnCertificateCheck(TSBCertificateOCSPCheckEvent|callable|NULL $Value)
    callable TSBCertificateOCSPCheckEvent(TObject $Sender, string $HashAlgOID, string $IssuerNameHash, string $IssuerKeyHash, string $CertificateSerial, integer &$CertStatus, integer &$Reason, DateTime &$RevocationTime, DateTime &$ThisUpdate, DateTime &$NextUpdate)

Parameters

  • HashAlgOID - OID of the hash algorithm, used to create IssuerNameHash and IssuerKeyHash
  • IssuerNameHash - hash of the IssuerName field of the certificate, being verified
  • IssuerKeyHash - hash of the public key of the certificate, which was used to sign the certificate being verified
  • CertificateSerial - serial of the certificate being verified
  • CertStatus - certificate status
  • Reason - reason of certificate revocation
  • RevocationTime - time when the certificate was revoked
  • ThisUpdate - time of the current status update
  • NextUpdate - time of the next status update
  • pHashAlgOID -
  • szHashAlgOID - the length of pcHashAlgOID.
  • pIssuerNameHash -
  • szIssuerNameHash - the length of pcIssuerNameHash.
  • pIssuerKeyHash -
  • szIssuerKeyHash - the length of pcIssuerKeyHash.
  • pCertificateSerial -
  • szCertificateSerial - the length of pcCertificateSerial.

Possible values of certificate status:


Possible values of CRL reason flags:


Description

    This event is fired for each certificate from the request. In response to this event you need to provide certificate status and other parameters necessary for the OCSP response.

Discuss this help topic in SecureBlackbox Forum