PDFVerify Component

Properties   Methods   Events   Config Settings   Errors  

The PDFVerify component verifies PDF signatures.

Syntax

TispPDFVerify

Remarks

The PDFVerify component verifies electronic signatures over PDF documents. Basic Adobe and PAdES signatures are supported.

PDFVerify validates each signature from two perspectives: the integrity and validity of the signature itself (i.e., its correspondence to the document data it covers), and the validity and trustworthiness of the signing certificate chain. These two signature aspects are generally independent of each other - the signature may be valid but the chain may not be trusted, or the chain may be trusted but the integrity of the signature may be violated. Under normal circumstances, both the signature and the chain must be valid for the signature to be considered good.

Preparing the Validation

To initiate the validation, first provide the signed PDF document as a file (InputFile), byte array (InputData), or stream (SetInputStream). Then adjust any chain validation parameters as necessary (please see the Chain Validation Setup section for more details) and call the Verify method.

For every signature in the document, PDFVerify will fire the SignatureInfo event, allowing you to specify whether you want the component to validate the signature, the chain, or both.

Once SignatureInfo returns, PDFVerify proceeds to the signature validation routine in accordance with the provided settings.

Validation Results

Upon completion of the validation, the SignatureProcessed event is fired, and the validation results are published here as well as in the following properties of the associated PDFSignature object:

• contains the outcome of the signature validation: valid, corrupted, the signing certificate was missing, or failed.
• contains the primary result of the chain validation routine: valid, valid but untrusted, invalid, or undefined.
• provides the details of the factors that contributed to the chain validation result, such as an outdated certificate, a missing CRL, or a missing CA certificate.

Other information about the signature can be accessed via the Signatures property.

Checking Signature Coverage

The PDF format uses incremental updates to introduce changes to the document. This implies that a signature may not cover the whole document, but rather a certain revision of it. Strictly speaking, every signature in a PDF document, apart from potentially the last one, covers just some part of the document. In most cases, that part matches the revision of the document that existed before all the subsequent signatures were added.

Because of these specifics of the PDF format, it is crucially important to understand which part of the document is covered by a specific signature. Use the property of the associated PDFSignature object to establish the scope of a signature. The revision of the document covered by that specific signature ranges from byte 0 to . Alternatively, you can use the GetSignedVersion method to extract the signed revision to a file.

Chain Validation Setup

Chain validation is a sophisticated, multi-faceted procedure that involves a lot of variables. Depending on the configuration of your operating environment, the specifics of the PKI framework being used, and the validation policy you need to follow, you may want to adjust your chain validation parameters to best fit your requirements. A summary of these parameters is given below.

Note that these parameters apply to the Sign and Update methods in PDFSign as well as the Verify method in PDFVerify, as all three methods execute the chain validation procedure (if it is enabled).

Validation Policy

The ValidationPolicy property dictates how thoroughly the chain will be validated. It includes options to control which checks the component will perform, allowing you to tailor the validation process to meet your specific security needs. For example, if it is not essential to check each certificate's revocation status, set this property to vpFullNoRevocation.

Revocation

The revocation aspect of chain validation is controlled by the RevocationCheck property, which allows you to choose between and prioritize revocation origins. Note that OCSP sources are often preferred to CRL endpoints because of their real-time capability and the smaller size of the responses they produce.

Trust

The trust aspect of chain validation is controlled by the TrustSources property, which allows you to specify the locations in which the component will search for trust anchors. Local system stores, your own trusted root certificates (via the TrustedCerts property), and Trusted Lists (via the TrustedLists property) are all supported.

Offline Mode

The OfflineMode property provides the ability to sign or verify the document without contacting online sources. If this property is enabled, the component will only use KnownCerts, TrustedCerts, data structures within the document itself, and revocation and Trusted List data that it previously saved to its internal cache when looking for missing validation material.

Property List

---

The following is the full list of the properties of the component with short descriptions. Click on the links for further details.

Method List

---

The following is the full list of the methods of the component with short descriptions. Click on the links for further details.

Event List

---

The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.

Config Settings

---

The following is a list of config settings for the component with short descriptions. Click on the links for further details.

AttachmentCount Property (PDFVerify Component)

The number of records in the Attachment arrays.

Syntax

__property int AttachmentCount = { read=FAttachmentCount, write=FSetAttachmentCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• AttachmentContentType
• AttachmentCreationDate
• AttachmentData
• AttachmentDescription
• AttachmentFileName
• AttachmentModificationDate
• AttachmentName
• AttachmentSize

The array indices start at 0 and end at AttachmentCount - 1.

This property is not available at design time.

Data Type

Integer

AttachmentContentType Property (PDFVerify Component)

The content type of the attachment.

Syntax

__property String AttachmentContentType[int AttachmentIndex] = { read=FAttachmentContentType, write=FSetAttachmentContentType };

Default Value

""

Remarks

The content type of the attachment.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentCreationDate Property (PDFVerify Component)

The creation date of the attachment.

Syntax

__property String AttachmentCreationDate[int AttachmentIndex] = { read=FAttachmentCreationDate, write=FSetAttachmentCreationDate };

Default Value

""

Remarks

The creation date of the attachment.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentData Property (PDFVerify Component)

The raw data of the attachment.

Syntax

__property String AttachmentData[int AttachmentIndex] = { read=FAttachmentData, write=FSetAttachmentData };
__property DynamicArray<Byte> AttachmentDataB[int AttachmentIndex] = { read=FAttachmentDataB, write=FSetAttachmentDataB };

Default Value

""

Remarks

The raw data of the attachment.

If AttachmentOutputStream is not set to a valid stream, the component will write to this property when an empty string is passed to the SaveAttachment method.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

Byte Array

AttachmentDescription Property (PDFVerify Component)

A textual description of the attachment.

Syntax

__property String AttachmentDescription[int AttachmentIndex] = { read=FAttachmentDescription, write=FSetAttachmentDescription };

Default Value

""

Remarks

A textual description of the attachment.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentFileName Property (PDFVerify Component)

The path and filename of the attachment.

Syntax

__property String AttachmentFileName[int AttachmentIndex] = { read=FAttachmentFileName, write=FSetAttachmentFileName };

Default Value

""

Remarks

The path and filename of the attachment.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentModificationDate Property (PDFVerify Component)

The date and time of the file's last modification.

Syntax

__property String AttachmentModificationDate[int AttachmentIndex] = { read=FAttachmentModificationDate, write=FSetAttachmentModificationDate };

Default Value

""

Remarks

The date and time of the file's last modification.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentName Property (PDFVerify Component)

The name of the attachment.

Syntax

__property String AttachmentName[int AttachmentIndex] = { read=FAttachmentName, write=FSetAttachmentName };

Default Value

""

Remarks

The name of the attachment.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is not available at design time.

Data Type

String

AttachmentSize Property (PDFVerify Component)

The attachment's size in bytes.

Syntax

__property __int64 AttachmentSize[int AttachmentIndex] = { read=FAttachmentSize };

Default Value

0

Remarks

The attachment's size in bytes.

The AttachmentIndex parameter specifies the index of the item in the array. The size of the array is controlled by the AttachmentCount property.

This property is read-only and not available at design time.

Data Type

Long64

BlockedCertCount Property (PDFVerify Component)

The number of records in the BlockedCert arrays.

Syntax

__property int BlockedCertCount = { read=FBlockedCertCount, write=FSetBlockedCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• BlockedCertEffectiveDate
• BlockedCertEncoded
• BlockedCertExpirationDate
• BlockedCertExtendedKeyUsage
• BlockedCertFingerprint
• BlockedCertFingerprintSHA1
• BlockedCertFingerprintSHA256
• BlockedCertIssuer
• BlockedCertPrivateKey
• BlockedCertPrivateKeyAvailable
• BlockedCertPrivateKeyContainer
• BlockedCertPublicKey
• BlockedCertPublicKeyAlgorithm
• BlockedCertPublicKeyLength
• BlockedCertSerialNumber
• BlockedCertSignatureAlgorithm
• BlockedCertStore
• BlockedCertStorePassword
• BlockedCertStoreType
• BlockedCertSubject
• BlockedCertSubjectAltNames
• BlockedCertThumbprintMD5
• BlockedCertThumbprintSHA1
• BlockedCertThumbprintSHA256
• BlockedCertUsage
• BlockedCertUsageFlags
• BlockedCertVersion

The array indices start at 0 and end at BlockedCertCount - 1.

This property is not available at design time.

Data Type

Integer

BlockedCertEffectiveDate Property (PDFVerify Component)

The date on which this certificate becomes valid.

Syntax

__property String BlockedCertEffectiveDate[int BlockedCertIndex] = { read=FBlockedCertEffectiveDate };

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertExpirationDate Property (PDFVerify Component)

The date on which the certificate expires.

Syntax

__property String BlockedCertExpirationDate[int BlockedCertIndex] = { read=FBlockedCertExpirationDate };

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertExtendedKeyUsage Property (PDFVerify Component)

A comma-delimited list of extended key usage identifiers.

Syntax

__property String BlockedCertExtendedKeyUsage[int BlockedCertIndex] = { read=FBlockedCertExtendedKeyUsage };

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertFingerprint Property (PDFVerify Component)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

__property String BlockedCertFingerprint[int BlockedCertIndex] = { read=FBlockedCertFingerprint };

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertFingerprintSHA1 Property (PDFVerify Component)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

__property String BlockedCertFingerprintSHA1[int BlockedCertIndex] = { read=FBlockedCertFingerprintSHA1 };

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertFingerprintSHA256 Property (PDFVerify Component)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

__property String BlockedCertFingerprintSHA256[int BlockedCertIndex] = { read=FBlockedCertFingerprintSHA256 };

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertIssuer Property (PDFVerify Component)

The issuer of the certificate.

Syntax

__property String BlockedCertIssuer[int BlockedCertIndex] = { read=FBlockedCertIssuer };

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertPrivateKey Property (PDFVerify Component)

The private key of the certificate (if available).

Syntax

__property String BlockedCertPrivateKey[int BlockedCertIndex] = { read=FBlockedCertPrivateKey };

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The BlockedCertPrivateKey may be available but not exportable. In this case, BlockedCertPrivateKey returns an empty string.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertPrivateKeyAvailable Property (PDFVerify Component)

Whether a PrivateKey is available for the selected certificate.

Syntax

__property bool BlockedCertPrivateKeyAvailable[int BlockedCertIndex] = { read=FBlockedCertPrivateKeyAvailable };

Default Value

false

Remarks

Whether a BlockedCertPrivateKey is available for the selected certificate. If BlockedCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

BlockedCertPrivateKeyContainer Property (PDFVerify Component)

The name of the PrivateKey container for the certificate (if available).

Syntax

__property String BlockedCertPrivateKeyContainer[int BlockedCertIndex] = { read=FBlockedCertPrivateKeyContainer };

Default Value

""

Remarks

The name of the BlockedCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertPublicKey Property (PDFVerify Component)

The public key of the certificate.

Syntax

__property String BlockedCertPublicKey[int BlockedCertIndex] = { read=FBlockedCertPublicKey };

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertPublicKeyAlgorithm Property (PDFVerify Component)

The textual description of the certificate's public key algorithm.

Syntax

__property String BlockedCertPublicKeyAlgorithm[int BlockedCertIndex] = { read=FBlockedCertPublicKeyAlgorithm };

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertPublicKeyLength Property (PDFVerify Component)

The length of the certificate's public key (in bits).

Syntax

__property int BlockedCertPublicKeyLength[int BlockedCertIndex] = { read=FBlockedCertPublicKeyLength };

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

BlockedCertSerialNumber Property (PDFVerify Component)

The serial number of the certificate encoded as a string.

Syntax

__property String BlockedCertSerialNumber[int BlockedCertIndex] = { read=FBlockedCertSerialNumber };

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertSignatureAlgorithm Property (PDFVerify Component)

The text description of the certificate's signature algorithm.

Syntax

__property String BlockedCertSignatureAlgorithm[int BlockedCertIndex] = { read=FBlockedCertSignatureAlgorithm };

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertStore Property (PDFVerify Component)

The name of the certificate store for the client certificate.

Syntax

__property String BlockedCertStore[int BlockedCertIndex] = { read=FBlockedCertStore, write=FSetBlockedCertStore };
__property DynamicArray<Byte> BlockedCertStoreB[int BlockedCertIndex] = { read=FBlockedCertStoreB, write=FSetBlockedCertStoreB };

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The BlockedCertStoreType property denotes the type of the certificate store specified by BlockedCertStore. If the store is password-protected, specify the password in BlockedCertStorePassword.

BlockedCertStore is used in conjunction with the BlockedCertSubject property to specify client certificates. If BlockedCertStore has a value, and BlockedCertSubject or BlockedCertEncoded is set, a search for a certificate is initiated. Please see the BlockedCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

Byte Array

BlockedCertStorePassword Property (PDFVerify Component)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

__property String BlockedCertStorePassword[int BlockedCertIndex] = { read=FBlockedCertStorePassword, write=FSetBlockedCertStorePassword };

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

String

BlockedCertStoreType Property (PDFVerify Component)

The type of certificate store for this certificate.

Syntax

__property TispPDFVerifyBlockedCertStoreTypes BlockedCertStoreType[int BlockedCertIndex] = { read=FBlockedCertStoreType, write=FSetBlockedCertStoreType };

enum TispPDFVerifyBlockedCertStoreTypes {
  cstUser=0,
  cstMachine=1,
  cstPFXFile=2,
  cstPFXBlob=3,
  cstJKSFile=4,
  cstJKSBlob=5,
  cstPEMKeyFile=6,
  cstPEMKeyBlob=7,
  cstPublicKeyFile=8,
  cstPublicKeyBlob=9,
  cstSSHPublicKeyBlob=10,
  cstP7BFile=11,
  cstP7BBlob=12,
  cstSSHPublicKeyFile=13,
  cstPPKFile=14,
  cstPPKBlob=15,
  cstXMLFile=16,
  cstXMLBlob=17,
  cstJWKFile=18,
  cstJWKBlob=19,
  cstSecurityKey=20,
  cstBCFKSFile=21,
  cstBCFKSBlob=22,
  cstPKCS11=23,
  cstAuto=99
};

Default Value

cstUser

Remarks

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

Integer

BlockedCertSubjectAltNames Property (PDFVerify Component)

Comma-separated lists of alternative subject names for the certificate.

Syntax

__property String BlockedCertSubjectAltNames[int BlockedCertIndex] = { read=FBlockedCertSubjectAltNames };

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertThumbprintMD5 Property (PDFVerify Component)

The MD5 hash of the certificate.

Syntax

__property String BlockedCertThumbprintMD5[int BlockedCertIndex] = { read=FBlockedCertThumbprintMD5 };

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertThumbprintSHA1 Property (PDFVerify Component)

The SHA-1 hash of the certificate.

Syntax

__property String BlockedCertThumbprintSHA1[int BlockedCertIndex] = { read=FBlockedCertThumbprintSHA1 };

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertThumbprintSHA256 Property (PDFVerify Component)

The SHA-256 hash of the certificate.

Syntax

__property String BlockedCertThumbprintSHA256[int BlockedCertIndex] = { read=FBlockedCertThumbprintSHA256 };

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertUsage Property (PDFVerify Component)

The text description of UsageFlags .

Syntax

__property String BlockedCertUsage[int BlockedCertIndex] = { read=FBlockedCertUsage };

Default Value

""

Remarks

The text description of BlockedCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertUsageFlags Property (PDFVerify Component)

The flags that show intended use for the certificate.

Syntax

__property int BlockedCertUsageFlags[int BlockedCertIndex] = { read=FBlockedCertUsageFlags };

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of BlockedCertUsageFlags is a combination of the following flags:

Please see the BlockedCertUsage property for a text representation of BlockedCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

BlockedCertVersion Property (PDFVerify Component)

The certificate's version number.

Syntax

__property String BlockedCertVersion[int BlockedCertIndex] = { read=FBlockedCertVersion };

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

String

BlockedCertSubject Property (PDFVerify Component)

The subject of the certificate used for client authentication.

Syntax

__property String BlockedCertSubject[int BlockedCertIndex] = { read=FBlockedCertSubject, write=FSetBlockedCertSubject };

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

String

BlockedCertEncoded Property (PDFVerify Component)

The certificate (PEM/Base64 encoded).

Syntax

__property String BlockedCertEncoded[int BlockedCertIndex] = { read=FBlockedCertEncoded, write=FSetBlockedCertEncoded };
__property DynamicArray<Byte> BlockedCertEncodedB[int BlockedCertIndex] = { read=FBlockedCertEncodedB, write=FSetBlockedCertEncodedB };

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The BlockedCertStore and BlockedCertSubject properties also may be used to specify a certificate.

When BlockedCertEncoded is set, a search is initiated in the current BlockedCertStore for the private key of the certificate. If the key is found, BlockedCertSubject is updated to reflect the full subject of the selected certificate; otherwise, BlockedCertSubject is set to an empty string.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

Byte Array

DecryptionCertEffectiveDate Property (PDFVerify Component)

The date on which this certificate becomes valid.

Syntax

__property String DecryptionCertEffectiveDate = { read=FDecryptionCertEffectiveDate };

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertExpirationDate Property (PDFVerify Component)

The date on which the certificate expires.

Syntax

__property String DecryptionCertExpirationDate = { read=FDecryptionCertExpirationDate };

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertExtendedKeyUsage Property (PDFVerify Component)

A comma-delimited list of extended key usage identifiers.

Syntax

__property String DecryptionCertExtendedKeyUsage = { read=FDecryptionCertExtendedKeyUsage };

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only and not available at design time.

Data Type

String

DecryptionCertFingerprint Property (PDFVerify Component)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

__property String DecryptionCertFingerprint = { read=FDecryptionCertFingerprint };

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only and not available at design time.

Data Type

String

DecryptionCertFingerprintSHA1 Property (PDFVerify Component)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

__property String DecryptionCertFingerprintSHA1 = { read=FDecryptionCertFingerprintSHA1 };

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only and not available at design time.

Data Type

String

DecryptionCertFingerprintSHA256 Property (PDFVerify Component)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

__property String DecryptionCertFingerprintSHA256 = { read=FDecryptionCertFingerprintSHA256 };

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only and not available at design time.

Data Type

String

DecryptionCertIssuer Property (PDFVerify Component)

The issuer of the certificate.

Syntax

__property String DecryptionCertIssuer = { read=FDecryptionCertIssuer };

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertPrivateKey Property (PDFVerify Component)

The private key of the certificate (if available).

Syntax

__property String DecryptionCertPrivateKey = { read=FDecryptionCertPrivateKey };

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The DecryptionCertPrivateKey may be available but not exportable. In this case, DecryptionCertPrivateKey returns an empty string.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertPrivateKeyAvailable Property (PDFVerify Component)

Whether a PrivateKey is available for the selected certificate.

Syntax

__property bool DecryptionCertPrivateKeyAvailable = { read=FDecryptionCertPrivateKeyAvailable };

Default Value

false

Remarks

Whether a DecryptionCertPrivateKey is available for the selected certificate. If DecryptionCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only and not available at design time.

Data Type

Boolean

DecryptionCertPrivateKeyContainer Property (PDFVerify Component)

The name of the PrivateKey container for the certificate (if available).

Syntax

__property String DecryptionCertPrivateKeyContainer = { read=FDecryptionCertPrivateKeyContainer };

Default Value

""

Remarks

The name of the DecryptionCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertPublicKey Property (PDFVerify Component)

The public key of the certificate.

Syntax

__property String DecryptionCertPublicKey = { read=FDecryptionCertPublicKey };

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertPublicKeyAlgorithm Property (PDFVerify Component)

The textual description of the certificate's public key algorithm.

Syntax

__property String DecryptionCertPublicKeyAlgorithm = { read=FDecryptionCertPublicKeyAlgorithm };

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertPublicKeyLength Property (PDFVerify Component)

The length of the certificate's public key (in bits).

Syntax

__property int DecryptionCertPublicKeyLength = { read=FDecryptionCertPublicKeyLength };

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only and not available at design time.

Data Type

Integer

DecryptionCertSerialNumber Property (PDFVerify Component)

The serial number of the certificate encoded as a string.

Syntax

__property String DecryptionCertSerialNumber = { read=FDecryptionCertSerialNumber };

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertSignatureAlgorithm Property (PDFVerify Component)

The text description of the certificate's signature algorithm.

Syntax

__property String DecryptionCertSignatureAlgorithm = { read=FDecryptionCertSignatureAlgorithm };

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertStore Property (PDFVerify Component)

The name of the certificate store for the client certificate.

Syntax

__property String DecryptionCertStore = { read=FDecryptionCertStore, write=FSetDecryptionCertStore };
__property DynamicArray<Byte> DecryptionCertStoreB = { read=FDecryptionCertStoreB, write=FSetDecryptionCertStoreB };

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The DecryptionCertStoreType property denotes the type of the certificate store specified by DecryptionCertStore. If the store is password-protected, specify the password in DecryptionCertStorePassword.

DecryptionCertStore is used in conjunction with the DecryptionCertSubject property to specify client certificates. If DecryptionCertStore has a value, and DecryptionCertSubject or DecryptionCertEncoded is set, a search for a certificate is initiated. Please see the DecryptionCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

This property is not available at design time.

Data Type

Byte Array

DecryptionCertStorePassword Property (PDFVerify Component)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

__property String DecryptionCertStorePassword = { read=FDecryptionCertStorePassword, write=FSetDecryptionCertStorePassword };

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

This property is not available at design time.

Data Type

String

DecryptionCertStoreType Property (PDFVerify Component)

The type of certificate store for this certificate.

Syntax

__property TispPDFVerifyDecryptionCertStoreTypes DecryptionCertStoreType = { read=FDecryptionCertStoreType, write=FSetDecryptionCertStoreType };

enum TispPDFVerifyDecryptionCertStoreTypes {
  cstUser=0,
  cstMachine=1,
  cstPFXFile=2,
  cstPFXBlob=3,
  cstJKSFile=4,
  cstJKSBlob=5,
  cstPEMKeyFile=6,
  cstPEMKeyBlob=7,
  cstPublicKeyFile=8,
  cstPublicKeyBlob=9,
  cstSSHPublicKeyBlob=10,
  cstP7BFile=11,
  cstP7BBlob=12,
  cstSSHPublicKeyFile=13,
  cstPPKFile=14,
  cstPPKBlob=15,
  cstXMLFile=16,
  cstXMLBlob=17,
  cstJWKFile=18,
  cstJWKBlob=19,
  cstSecurityKey=20,
  cstBCFKSFile=21,
  cstBCFKSBlob=22,
  cstPKCS11=23,
  cstAuto=99
};

Default Value

cstUser

Remarks

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:

This property is not available at design time.

Data Type

Integer

DecryptionCertSubjectAltNames Property (PDFVerify Component)

Comma-separated lists of alternative subject names for the certificate.

Syntax

__property String DecryptionCertSubjectAltNames = { read=FDecryptionCertSubjectAltNames };

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertThumbprintMD5 Property (PDFVerify Component)

The MD5 hash of the certificate.

Syntax

__property String DecryptionCertThumbprintMD5 = { read=FDecryptionCertThumbprintMD5 };

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertThumbprintSHA1 Property (PDFVerify Component)

The SHA-1 hash of the certificate.

Syntax

__property String DecryptionCertThumbprintSHA1 = { read=FDecryptionCertThumbprintSHA1 };

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertThumbprintSHA256 Property (PDFVerify Component)

The SHA-256 hash of the certificate.

Syntax

__property String DecryptionCertThumbprintSHA256 = { read=FDecryptionCertThumbprintSHA256 };

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertUsage Property (PDFVerify Component)

The text description of UsageFlags .

Syntax

__property String DecryptionCertUsage = { read=FDecryptionCertUsage };

Default Value

""

Remarks

The text description of DecryptionCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only and not available at design time.

Data Type

String

DecryptionCertUsageFlags Property (PDFVerify Component)

The flags that show intended use for the certificate.

Syntax

__property int DecryptionCertUsageFlags = { read=FDecryptionCertUsageFlags };

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of DecryptionCertUsageFlags is a combination of the following flags:

Please see the DecryptionCertUsage property for a text representation of DecryptionCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only and not available at design time.

Data Type

Integer

DecryptionCertVersion Property (PDFVerify Component)

The certificate's version number.

Syntax

__property String DecryptionCertVersion = { read=FDecryptionCertVersion };

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only and not available at design time.

Data Type

String

DecryptionCertSubject Property (PDFVerify Component)

The subject of the certificate used for client authentication.

Syntax

__property String DecryptionCertSubject = { read=FDecryptionCertSubject, write=FSetDecryptionCertSubject };

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

This property is not available at design time.

Data Type

String

DecryptionCertEncoded Property (PDFVerify Component)

The certificate (PEM/Base64 encoded).

Syntax

__property String DecryptionCertEncoded = { read=FDecryptionCertEncoded, write=FSetDecryptionCertEncoded };
__property DynamicArray<Byte> DecryptionCertEncodedB = { read=FDecryptionCertEncodedB, write=FSetDecryptionCertEncodedB };

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The DecryptionCertStore and DecryptionCertSubject properties also may be used to specify a certificate.

When DecryptionCertEncoded is set, a search is initiated in the current DecryptionCertStore for the private key of the certificate. If the key is found, DecryptionCertSubject is updated to reflect the full subject of the selected certificate; otherwise, DecryptionCertSubject is set to an empty string.

This property is not available at design time.

Data Type

Byte Array

DocumentCertCount Property (PDFVerify Component)

The number of records in the DocumentCert arrays.

Syntax

__property int DocumentCertCount = { read=FDocumentCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• DocumentCertEffectiveDate
• DocumentCertEncoded
• DocumentCertExpirationDate
• DocumentCertExtendedKeyUsage
• DocumentCertFingerprint
• DocumentCertFingerprintSHA1
• DocumentCertFingerprintSHA256
• DocumentCertIssuer
• DocumentCertPrivateKey
• DocumentCertPrivateKeyAvailable
• DocumentCertPrivateKeyContainer
• DocumentCertPublicKey
• DocumentCertPublicKeyAlgorithm
• DocumentCertPublicKeyLength
• DocumentCertSerialNumber
• DocumentCertSignatureAlgorithm
• DocumentCertStore
• DocumentCertStorePassword
• DocumentCertStoreType
• DocumentCertSubject
• DocumentCertSubjectAltNames
• DocumentCertThumbprintMD5
• DocumentCertThumbprintSHA1
• DocumentCertThumbprintSHA256
• DocumentCertUsage
• DocumentCertUsageFlags
• DocumentCertVersion

The array indices start at 0 and end at DocumentCertCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

DocumentCertEffectiveDate Property (PDFVerify Component)

The date on which this certificate becomes valid.

Syntax

__property String DocumentCertEffectiveDate[int DocumentCertIndex] = { read=FDocumentCertEffectiveDate };

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertExpirationDate Property (PDFVerify Component)

The date on which the certificate expires.

Syntax

__property String DocumentCertExpirationDate[int DocumentCertIndex] = { read=FDocumentCertExpirationDate };

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertExtendedKeyUsage Property (PDFVerify Component)

A comma-delimited list of extended key usage identifiers.

Syntax

__property String DocumentCertExtendedKeyUsage[int DocumentCertIndex] = { read=FDocumentCertExtendedKeyUsage };

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertFingerprint Property (PDFVerify Component)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

__property String DocumentCertFingerprint[int DocumentCertIndex] = { read=FDocumentCertFingerprint };

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertFingerprintSHA1 Property (PDFVerify Component)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

__property String DocumentCertFingerprintSHA1[int DocumentCertIndex] = { read=FDocumentCertFingerprintSHA1 };

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertFingerprintSHA256 Property (PDFVerify Component)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

__property String DocumentCertFingerprintSHA256[int DocumentCertIndex] = { read=FDocumentCertFingerprintSHA256 };

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertIssuer Property (PDFVerify Component)

The issuer of the certificate.

Syntax

__property String DocumentCertIssuer[int DocumentCertIndex] = { read=FDocumentCertIssuer };

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertPrivateKey Property (PDFVerify Component)

The private key of the certificate (if available).

Syntax

__property String DocumentCertPrivateKey[int DocumentCertIndex] = { read=FDocumentCertPrivateKey };

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The DocumentCertPrivateKey may be available but not exportable. In this case, DocumentCertPrivateKey returns an empty string.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertPrivateKeyAvailable Property (PDFVerify Component)

Whether a PrivateKey is available for the selected certificate.

Syntax

__property bool DocumentCertPrivateKeyAvailable[int DocumentCertIndex] = { read=FDocumentCertPrivateKeyAvailable };

Default Value

false

Remarks

Whether a DocumentCertPrivateKey is available for the selected certificate. If DocumentCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

DocumentCertPrivateKeyContainer Property (PDFVerify Component)

The name of the PrivateKey container for the certificate (if available).

Syntax

__property String DocumentCertPrivateKeyContainer[int DocumentCertIndex] = { read=FDocumentCertPrivateKeyContainer };

Default Value

""

Remarks

The name of the DocumentCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertPublicKey Property (PDFVerify Component)

The public key of the certificate.

Syntax

__property String DocumentCertPublicKey[int DocumentCertIndex] = { read=FDocumentCertPublicKey };

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertPublicKeyAlgorithm Property (PDFVerify Component)

The textual description of the certificate's public key algorithm.

Syntax

__property String DocumentCertPublicKeyAlgorithm[int DocumentCertIndex] = { read=FDocumentCertPublicKeyAlgorithm };

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertPublicKeyLength Property (PDFVerify Component)

The length of the certificate's public key (in bits).

Syntax

__property int DocumentCertPublicKeyLength[int DocumentCertIndex] = { read=FDocumentCertPublicKeyLength };

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

DocumentCertSerialNumber Property (PDFVerify Component)

The serial number of the certificate encoded as a string.

Syntax

__property String DocumentCertSerialNumber[int DocumentCertIndex] = { read=FDocumentCertSerialNumber };

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertSignatureAlgorithm Property (PDFVerify Component)

The text description of the certificate's signature algorithm.

Syntax

__property String DocumentCertSignatureAlgorithm[int DocumentCertIndex] = { read=FDocumentCertSignatureAlgorithm };

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertStore Property (PDFVerify Component)

The name of the certificate store for the client certificate.

Syntax

__property String DocumentCertStore[int DocumentCertIndex] = { read=FDocumentCertStore };
__property DynamicArray<Byte> DocumentCertStoreB[int DocumentCertIndex] = { read=FDocumentCertStoreB };

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The DocumentCertStoreType property denotes the type of the certificate store specified by DocumentCertStore. If the store is password-protected, specify the password in DocumentCertStorePassword.

DocumentCertStore is used in conjunction with the DocumentCertSubject property to specify client certificates. If DocumentCertStore has a value, and DocumentCertSubject or DocumentCertEncoded is set, a search for a certificate is initiated. Please see the DocumentCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

DocumentCertStorePassword Property (PDFVerify Component)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

__property String DocumentCertStorePassword[int DocumentCertIndex] = { read=FDocumentCertStorePassword };

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertStoreType Property (PDFVerify Component)

The type of certificate store for this certificate.

Syntax

__property TispPDFVerifyDocumentCertStoreTypes DocumentCertStoreType[int DocumentCertIndex] = { read=FDocumentCertStoreType };

enum TispPDFVerifyDocumentCertStoreTypes {
  cstUser=0,
  cstMachine=1,
  cstPFXFile=2,
  cstPFXBlob=3,
  cstJKSFile=4,
  cstJKSBlob=5,
  cstPEMKeyFile=6,
  cstPEMKeyBlob=7,
  cstPublicKeyFile=8,
  cstPublicKeyBlob=9,
  cstSSHPublicKeyBlob=10,
  cstP7BFile=11,
  cstP7BBlob=12,
  cstSSHPublicKeyFile=13,
  cstPPKFile=14,
  cstPPKBlob=15,
  cstXMLFile=16,
  cstXMLBlob=17,
  cstJWKFile=18,
  cstJWKBlob=19,
  cstSecurityKey=20,
  cstBCFKSFile=21,
  cstBCFKSBlob=22,
  cstPKCS11=23,
  cstAuto=99
};

Default Value

cstUser

Remarks

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

DocumentCertSubjectAltNames Property (PDFVerify Component)

Comma-separated lists of alternative subject names for the certificate.

Syntax

__property String DocumentCertSubjectAltNames[int DocumentCertIndex] = { read=FDocumentCertSubjectAltNames };

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertThumbprintMD5 Property (PDFVerify Component)

The MD5 hash of the certificate.

Syntax

__property String DocumentCertThumbprintMD5[int DocumentCertIndex] = { read=FDocumentCertThumbprintMD5 };

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertThumbprintSHA1 Property (PDFVerify Component)

The SHA-1 hash of the certificate.

Syntax

__property String DocumentCertThumbprintSHA1[int DocumentCertIndex] = { read=FDocumentCertThumbprintSHA1 };

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertThumbprintSHA256 Property (PDFVerify Component)

The SHA-256 hash of the certificate.

Syntax

__property String DocumentCertThumbprintSHA256[int DocumentCertIndex] = { read=FDocumentCertThumbprintSHA256 };

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertUsage Property (PDFVerify Component)

The text description of UsageFlags .

Syntax

__property String DocumentCertUsage[int DocumentCertIndex] = { read=FDocumentCertUsage };

Default Value

""

Remarks

The text description of DocumentCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertUsageFlags Property (PDFVerify Component)

The flags that show intended use for the certificate.

Syntax

__property int DocumentCertUsageFlags[int DocumentCertIndex] = { read=FDocumentCertUsageFlags };

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of DocumentCertUsageFlags is a combination of the following flags:

Please see the DocumentCertUsage property for a text representation of DocumentCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

DocumentCertVersion Property (PDFVerify Component)

The certificate's version number.

Syntax

__property String DocumentCertVersion[int DocumentCertIndex] = { read=FDocumentCertVersion };

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertSubject Property (PDFVerify Component)

The subject of the certificate used for client authentication.

Syntax

__property String DocumentCertSubject[int DocumentCertIndex] = { read=FDocumentCertSubject };

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

String

DocumentCertEncoded Property (PDFVerify Component)

The certificate (PEM/Base64 encoded).

Syntax

__property String DocumentCertEncoded[int DocumentCertIndex] = { read=FDocumentCertEncoded };
__property DynamicArray<Byte> DocumentCertEncodedB[int DocumentCertIndex] = { read=FDocumentCertEncodedB };

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The DocumentCertStore and DocumentCertSubject properties also may be used to specify a certificate.

When DocumentCertEncoded is set, a search is initiated in the current DocumentCertStore for the private key of the certificate. If the key is found, DocumentCertSubject is updated to reflect the full subject of the selected certificate; otherwise, DocumentCertSubject is set to an empty string.

The DocumentCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the DocumentCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

FirewallAutoDetect Property (PDFVerify Component)

Whether to automatically detect and use firewall system settings, if available.

Syntax

__property bool FirewallAutoDetect = { read=FFirewallAutoDetect, write=FSetFirewallAutoDetect };

Default Value

False

Remarks

Whether to automatically detect and use firewall system settings, if available.

Data Type

Boolean

FirewallType Property (PDFVerify Component)

The type of firewall to connect through.

Syntax

__property TispPDFVerifyFirewallTypes FirewallType = { read=FFirewallType, write=FSetFirewallType };

enum TispPDFVerifyFirewallTypes {
  fwNone=0,
  fwTunnel=1,
  fwSOCKS4=2,
  fwSOCKS5=3,
  fwSOCKS4A=10
};

Default Value

fwNone

Remarks

The type of firewall to connect through. The applicable values are as follows:

Data Type

Integer

FirewallHost Property (PDFVerify Component)

The name or IP address of the firewall (optional).

Syntax

__property String FirewallHost = { read=FFirewallHost, write=FSetFirewallHost };

Default Value

""

Remarks

The name or IP address of the firewall (optional). If a FirewallHost is given, the requested connections will be authenticated through the specified firewall when connecting.

If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the component raises an exception.

Data Type

String

FirewallPassword Property (PDFVerify Component)

A password if authentication is to be used when connecting through the firewall.

Syntax

__property String FirewallPassword = { read=FFirewallPassword, write=FSetFirewallPassword };

Default Value

""

Remarks

A password if authentication is to be used when connecting through the firewall. If FirewallHost is specified, the FirewallUser and FirewallPassword properties are used to connect and authenticate to the given firewall. If the authentication fails, the component raises an exception.

Data Type

String

FirewallPort Property (PDFVerify Component)

The Transmission Control Protocol (TCP) port for the firewall Host .

Syntax

__property int FirewallPort = { read=FFirewallPort, write=FSetFirewallPort };

Default Value

0

Remarks

The Transmission Control Protocol (TCP) port for the firewall FirewallHost. See the description of the FirewallHost property for details.

Note: This property is set automatically when FirewallType is set to a valid value. See the description of the FirewallType property for details.

Data Type

Integer

FirewallUser Property (PDFVerify Component)

A username if authentication is to be used when connecting through a firewall.

Syntax

__property String FirewallUser = { read=FFirewallUser, write=FSetFirewallUser };

Default Value

""

Remarks

A username if authentication is to be used when connecting through a firewall. If FirewallHost is specified, this property and the FirewallPassword property are used to connect and authenticate to the given Firewall. If the authentication fails, the component raises an exception.

Data Type

String

InputData Property (PDFVerify Component)

A byte array containing the PDF document to process.

Syntax

__property DynamicArray InputData = { read=FInputData, write=FSetInputData };

Remarks

This property is used to assign a byte array containing the PDF document to be processed.

This property is not available at design time.

Data Type

Byte Array

InputFile Property (PDFVerify Component)

The PDF file to process.

Syntax

__property String InputFile = { read=FInputFile, write=FSetInputFile };

Default Value

""

Remarks

This property is used to provide a path to the PDF document to be processed.

Data Type

String

KnownCertCount Property (PDFVerify Component)

The number of records in the KnownCert arrays.

Syntax

__property int KnownCertCount = { read=FKnownCertCount, write=FSetKnownCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• KnownCertEffectiveDate
• KnownCertEncoded
• KnownCertExpirationDate
• KnownCertExtendedKeyUsage
• KnownCertFingerprint
• KnownCertFingerprintSHA1
• KnownCertFingerprintSHA256
• KnownCertIssuer
• KnownCertPrivateKey
• KnownCertPrivateKeyAvailable
• KnownCertPrivateKeyContainer
• KnownCertPublicKey
• KnownCertPublicKeyAlgorithm
• KnownCertPublicKeyLength
• KnownCertSerialNumber
• KnownCertSignatureAlgorithm
• KnownCertStore
• KnownCertStorePassword
• KnownCertStoreType
• KnownCertSubject
• KnownCertSubjectAltNames
• KnownCertThumbprintMD5
• KnownCertThumbprintSHA1
• KnownCertThumbprintSHA256
• KnownCertUsage
• KnownCertUsageFlags
• KnownCertVersion

The array indices start at 0 and end at KnownCertCount - 1.

This property is not available at design time.

Data Type

Integer

KnownCertEffectiveDate Property (PDFVerify Component)

The date on which this certificate becomes valid.

Syntax

__property String KnownCertEffectiveDate[int KnownCertIndex] = { read=FKnownCertEffectiveDate };

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertExpirationDate Property (PDFVerify Component)

The date on which the certificate expires.

Syntax

__property String KnownCertExpirationDate[int KnownCertIndex] = { read=FKnownCertExpirationDate };

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertExtendedKeyUsage Property (PDFVerify Component)

A comma-delimited list of extended key usage identifiers.

Syntax

__property String KnownCertExtendedKeyUsage[int KnownCertIndex] = { read=FKnownCertExtendedKeyUsage };

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertFingerprint Property (PDFVerify Component)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

__property String KnownCertFingerprint[int KnownCertIndex] = { read=FKnownCertFingerprint };

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertFingerprintSHA1 Property (PDFVerify Component)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

__property String KnownCertFingerprintSHA1[int KnownCertIndex] = { read=FKnownCertFingerprintSHA1 };

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertFingerprintSHA256 Property (PDFVerify Component)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

__property String KnownCertFingerprintSHA256[int KnownCertIndex] = { read=FKnownCertFingerprintSHA256 };

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertIssuer Property (PDFVerify Component)

The issuer of the certificate.

Syntax

__property String KnownCertIssuer[int KnownCertIndex] = { read=FKnownCertIssuer };

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertPrivateKey Property (PDFVerify Component)

The private key of the certificate (if available).

Syntax

__property String KnownCertPrivateKey[int KnownCertIndex] = { read=FKnownCertPrivateKey };

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The KnownCertPrivateKey may be available but not exportable. In this case, KnownCertPrivateKey returns an empty string.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertPrivateKeyAvailable Property (PDFVerify Component)

Whether a PrivateKey is available for the selected certificate.

Syntax

__property bool KnownCertPrivateKeyAvailable[int KnownCertIndex] = { read=FKnownCertPrivateKeyAvailable };

Default Value

false

Remarks

Whether a KnownCertPrivateKey is available for the selected certificate. If KnownCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

KnownCertPrivateKeyContainer Property (PDFVerify Component)

The name of the PrivateKey container for the certificate (if available).

Syntax

__property String KnownCertPrivateKeyContainer[int KnownCertIndex] = { read=FKnownCertPrivateKeyContainer };

Default Value

""

Remarks

The name of the KnownCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertPublicKey Property (PDFVerify Component)

The public key of the certificate.

Syntax

__property String KnownCertPublicKey[int KnownCertIndex] = { read=FKnownCertPublicKey };

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertPublicKeyAlgorithm Property (PDFVerify Component)

The textual description of the certificate's public key algorithm.

Syntax

__property String KnownCertPublicKeyAlgorithm[int KnownCertIndex] = { read=FKnownCertPublicKeyAlgorithm };

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertPublicKeyLength Property (PDFVerify Component)

The length of the certificate's public key (in bits).

Syntax

__property int KnownCertPublicKeyLength[int KnownCertIndex] = { read=FKnownCertPublicKeyLength };

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

KnownCertSerialNumber Property (PDFVerify Component)

The serial number of the certificate encoded as a string.

Syntax

__property String KnownCertSerialNumber[int KnownCertIndex] = { read=FKnownCertSerialNumber };

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertSignatureAlgorithm Property (PDFVerify Component)

The text description of the certificate's signature algorithm.

Syntax

__property String KnownCertSignatureAlgorithm[int KnownCertIndex] = { read=FKnownCertSignatureAlgorithm };

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertStore Property (PDFVerify Component)

The name of the certificate store for the client certificate.

Syntax

__property String KnownCertStore[int KnownCertIndex] = { read=FKnownCertStore, write=FSetKnownCertStore };
__property DynamicArray<Byte> KnownCertStoreB[int KnownCertIndex] = { read=FKnownCertStoreB, write=FSetKnownCertStoreB };

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The KnownCertStoreType property denotes the type of the certificate store specified by KnownCertStore. If the store is password-protected, specify the password in KnownCertStorePassword.

KnownCertStore is used in conjunction with the KnownCertSubject property to specify client certificates. If KnownCertStore has a value, and KnownCertSubject or KnownCertEncoded is set, a search for a certificate is initiated. Please see the KnownCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

Byte Array

KnownCertStorePassword Property (PDFVerify Component)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

__property String KnownCertStorePassword[int KnownCertIndex] = { read=FKnownCertStorePassword, write=FSetKnownCertStorePassword };

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

String

KnownCertStoreType Property (PDFVerify Component)

The type of certificate store for this certificate.

Syntax

__property TispPDFVerifyKnownCertStoreTypes KnownCertStoreType[int KnownCertIndex] = { read=FKnownCertStoreType, write=FSetKnownCertStoreType };

enum TispPDFVerifyKnownCertStoreTypes {
  cstUser=0,
  cstMachine=1,
  cstPFXFile=2,
  cstPFXBlob=3,
  cstJKSFile=4,
  cstJKSBlob=5,
  cstPEMKeyFile=6,
  cstPEMKeyBlob=7,
  cstPublicKeyFile=8,
  cstPublicKeyBlob=9,
  cstSSHPublicKeyBlob=10,
  cstP7BFile=11,
  cstP7BBlob=12,
  cstSSHPublicKeyFile=13,
  cstPPKFile=14,
  cstPPKBlob=15,
  cstXMLFile=16,
  cstXMLBlob=17,
  cstJWKFile=18,
  cstJWKBlob=19,
  cstSecurityKey=20,
  cstBCFKSFile=21,
  cstBCFKSBlob=22,
  cstPKCS11=23,
  cstAuto=99
};

Default Value

cstUser

Remarks

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

Integer

KnownCertSubjectAltNames Property (PDFVerify Component)

Comma-separated lists of alternative subject names for the certificate.

Syntax

__property String KnownCertSubjectAltNames[int KnownCertIndex] = { read=FKnownCertSubjectAltNames };

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertThumbprintMD5 Property (PDFVerify Component)

The MD5 hash of the certificate.

Syntax

__property String KnownCertThumbprintMD5[int KnownCertIndex] = { read=FKnownCertThumbprintMD5 };

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertThumbprintSHA1 Property (PDFVerify Component)

The SHA-1 hash of the certificate.

Syntax

__property String KnownCertThumbprintSHA1[int KnownCertIndex] = { read=FKnownCertThumbprintSHA1 };

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertThumbprintSHA256 Property (PDFVerify Component)

The SHA-256 hash of the certificate.

Syntax

__property String KnownCertThumbprintSHA256[int KnownCertIndex] = { read=FKnownCertThumbprintSHA256 };

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertUsage Property (PDFVerify Component)

The text description of UsageFlags .

Syntax

__property String KnownCertUsage[int KnownCertIndex] = { read=FKnownCertUsage };

Default Value

""

Remarks

The text description of KnownCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertUsageFlags Property (PDFVerify Component)

The flags that show intended use for the certificate.

Syntax

__property int KnownCertUsageFlags[int KnownCertIndex] = { read=FKnownCertUsageFlags };

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of KnownCertUsageFlags is a combination of the following flags:

Please see the KnownCertUsage property for a text representation of KnownCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

KnownCertVersion Property (PDFVerify Component)

The certificate's version number.

Syntax

__property String KnownCertVersion[int KnownCertIndex] = { read=FKnownCertVersion };

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

String

KnownCertSubject Property (PDFVerify Component)

The subject of the certificate used for client authentication.

Syntax

__property String KnownCertSubject[int KnownCertIndex] = { read=FKnownCertSubject, write=FSetKnownCertSubject };

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

String

KnownCertEncoded Property (PDFVerify Component)

The certificate (PEM/Base64 encoded).

Syntax

__property String KnownCertEncoded[int KnownCertIndex] = { read=FKnownCertEncoded, write=FSetKnownCertEncoded };
__property DynamicArray<Byte> KnownCertEncodedB[int KnownCertIndex] = { read=FKnownCertEncodedB, write=FSetKnownCertEncodedB };

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The KnownCertStore and KnownCertSubject properties also may be used to specify a certificate.

When KnownCertEncoded is set, a search is initiated in the current KnownCertStore for the private key of the certificate. If the key is found, KnownCertSubject is updated to reflect the full subject of the selected certificate; otherwise, KnownCertSubject is set to an empty string.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

Byte Array

OfflineMode Property (PDFVerify Component)

Whether the component is operating in offline mode.

Syntax

__property bool OfflineMode = { read=FOfflineMode, write=FSetOfflineMode };

Default Value

false

Remarks

This property indicates whether the component should operate in offline mode.

In offline mode, the component restricts itself from accessing online Trusted Lists and revocation information sources such as CRLs or OCSP responders. It may be useful to set this property to true if there is a need to verify the completeness of the validation information included within the signature or provided via KnownCerts.

Data Type

Boolean

OutputData Property (PDFVerify Component)

A byte array containing the PDF document after processing.

Syntax

__property DynamicArray OutputData = { read=FOutputData };

Remarks

This property is used to read the byte array containing the produced output after the operation has completed. It will only be set if an output file and output stream have not been assigned via OutputFile and SetOutputStream respectively.

This property is read-only and not available at design time.

Data Type

Byte Array

OutputFile Property (PDFVerify Component)

The path to a local file where the output will be written.

Syntax

__property String OutputFile = { read=FOutputFile, write=FSetOutputFile };

Default Value

""

Remarks

This property is used to provide a path where the resulting PDF document will be saved after the operation has completed.

Data Type

String

Overwrite Property (PDFVerify Component)

Whether or not the component should overwrite files.

Syntax

__property bool Overwrite = { read=FOverwrite, write=FSetOverwrite };

Default Value

false

Remarks

This property indicates whether or not the component will overwrite OutputFile, OutputData, or the stream set in SetOutputStream. If set to false, an error will be thrown whenever OutputFile, OutputData, or the stream set in SetOutputStream exists before an operation.

Data Type

Boolean

Password Property (PDFVerify Component)

The password to decrypt the document with.

Syntax

__property String Password = { read=FPassword, write=FSetPassword };

Default Value

""

Remarks

This property is used to provide the user password for decryption. Though it may be different from OwnerPassword, most implementations use the same value for both.

Data Type

String

ProxyAuthScheme Property (PDFVerify Component)

The type of authorization to perform when connecting to the proxy.

Syntax

__property TispPDFVerifyProxyAuthSchemes ProxyAuthScheme = { read=FProxyAuthScheme, write=FSetProxyAuthScheme };

enum TispPDFVerifyProxyAuthSchemes {
  authBasic=0,
  authDigest=1,
  authProprietary=2,
  authNone=3,
  authNtlm=4,
  authNegotiate=5
};

Default Value

authBasic

Remarks

The type of authorization to perform when connecting to the proxy. This is used only when the ProxyUser and ProxyPassword properties are set.

ProxyAuthScheme should be set to authNone (3) when no authentication is expected.

By default, ProxyAuthScheme is authBasic (0), and if the ProxyUser and ProxyPassword properties are set, the component will attempt basic authentication.

If ProxyAuthScheme is set to authDigest (1), digest authentication will be attempted instead.

If ProxyAuthScheme is set to authProprietary (2), then the authorization token will not be generated by the component. Look at the configuration file for the component being used to find more information about manually setting this token.

If ProxyAuthScheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this property will clear the values of ProxyUser and ProxyPassword.

Data Type

Integer

ProxyAutoDetect Property (PDFVerify Component)

Whether to automatically detect and use proxy system settings, if available.

Syntax

__property bool ProxyAutoDetect = { read=FProxyAutoDetect, write=FSetProxyAutoDetect };

Default Value

False

Remarks

Whether to automatically detect and use proxy system settings, if available. The default value is false.

Data Type

Boolean

ProxyPassword Property (PDFVerify Component)

A password if authentication is to be used for the proxy.

Syntax

__property String ProxyPassword = { read=FProxyPassword, write=FSetProxyPassword };

Default Value

""

Remarks

A password if authentication is to be used for the proxy.

If ProxyAuthScheme is set to Basic Authentication, the ProxyUser and ProxyPassword properties are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If ProxyAuthScheme is set to Digest Authentication, the ProxyUser and ProxyPassword properties are used to respond to the Digest Authentication challenge from the server.

If ProxyAuthScheme is set to NTLM Authentication, the ProxyUser and ProxyPassword properties are used to authenticate through NTLM negotiation.

Data Type

String

ProxyPort Property (PDFVerify Component)

The Transmission Control Protocol (TCP) port for the proxy Server (default 80).

Syntax

__property int ProxyPort = { read=FProxyPort, write=FSetProxyPort };

Default Value

80

Remarks

The Transmission Control Protocol (TCP) port for the proxy ProxyServer (default 80). See the description of the ProxyServer property for details.

Data Type

Integer

ProxyServer Property (PDFVerify Component)

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

Syntax

__property String ProxyServer = { read=FProxyServer, write=FSetProxyServer };

Default Value

""

Remarks

If a proxy ProxyServer is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the ProxyServer property is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the ProxyServer property is set to the corresponding address. If the search is not successful, an error is returned.

Data Type

String

ProxySSL Property (PDFVerify Component)

When to use a Secure Sockets Layer (SSL) for the connection to the proxy.

Syntax

__property TispPDFVerifyProxySSLs ProxySSL = { read=FProxySSL, write=FSetProxySSL };

enum TispPDFVerifyProxySSLs {
  psAutomatic=0,
  psAlways=1,
  psNever=2,
  psTunnel=3
};

Default Value

psAutomatic

Remarks

When to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:

Data Type

Integer

ProxyUser Property (PDFVerify Component)

A username if authentication is to be used for the proxy.

Syntax

__property String ProxyUser = { read=FProxyUser, write=FSetProxyUser };

Default Value

""

Remarks

A username if authentication is to be used for the proxy.

If ProxyAuthScheme is set to Basic Authentication, the ProxyUser and ProxyPassword properties are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If ProxyAuthScheme is set to Digest Authentication, the ProxyUser and ProxyPassword properties are used to respond to the Digest Authentication challenge from the server.

If ProxyAuthScheme is set to NTLM Authentication, the ProxyUser and ProxyPassword properties are used to authenticate through NTLM negotiation.

Data Type

String

RevocationCheck Property (PDFVerify Component)

The kind(s) of revocation check to perform for all chain certificates.

Syntax

__property TispPDFVerifyRevocationChecks RevocationCheck = { read=FRevocationCheck, write=FSetRevocationCheck };

enum TispPDFVerifyRevocationChecks {
  rcAllCRL=0,
  rcAllOCSP=1,
  rcAllCRLAndOCSP=2,
  rcAnyCRL=3,
  rcAnyOCSP=4,
  rcAnyCRLOrOCSP=5,
  rcAnyOCSPOrCRL=6
};

Default Value

rcAnyOCSPOrCRL

Remarks

This property is used to specify the revocation sources and preferences the component will use during chain validation. Revocation checking is necessary to ensure the integrity of the chain and to obtain up-to-date certificate validity and trust information.

Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responses serve the same purpose of ensuring that the certificate has not been revoked by the Certificate Authority (CA) at the time of use. Depending on the circumstances and security policy requirements, either one or both of the revocation information source types may be used.

Possible values are:

This property controls the way revocation checks are performed for every certificate in the chain. Typically, certificates come with two types of revocation information sources: CRLs (Certificate Revocation Lists) and OCSP responses. CRLs are static objects periodically published by the CA at some online location. OCSP responders are active online services maintained by the CA that can provide up-to-date information on certificate statuses in near real time.

There are some conceptual differences between the two. CRLs are normally larger in size. Their use involves some latency because there is normally a delay between the time at which a certificate was revoked and the time at which the subsequent CRL mentioning that revocation is published. The benefits of CRLs are that the same object can provide statuses for all certificates issued by a particular CA, and that the whole technology is much simpler than OCSP (and thus is supported by more CAs).

This property allows the validation course to be adjusted by including or excluding certain types of revocation sources from the validation process. The rcAnyOCSPOrCRL setting (give preference to the faster OCSP route and only demand one source to succeed) is a good choice for most typical validation environments. The rcAll* modes are much stricter, and may be used in scenarios where bulletproof validity information is essential.

Note: If no CRL or OCSP endpoints are provided by the CA, the revocation check will be considered successful. This is because the CA chose not to supply revocation information for its certificates, meaning they are considered irrevocable.

Note: Within each of the above settings, if any retrieved CRL or OCSP response indicates that the certificate has been revoked, the revocation check fails.

Data Type

Integer

PDFSignatureCount Property (PDFVerify Component)

The number of records in the PDFSignature arrays.

Syntax

__property int PDFSignatureCount = { read=FPDFSignatureCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• PDFSignatureAuthorName
• PDFSignatureChainValidationDetails
• PDFSignatureChainValidationResult
• PDFSignatureClaimedSigningTime
• PDFSignatureCoverageEndsAt
• PDFSignatureHashAlgorithm
• PDFSignatureProfile
• PDFSignatureReason
• PDFSignatureSignerCertIndex
• PDFSignatureTimestampCertIndex
• PDFSignatureTimestamped
• PDFSignatureType
• PDFSignatureValidatedSigningTime
• PDFSignatureValidationResult
• PDFSignatureWidgetHeight
• PDFSignatureWidgetOffsetX
• PDFSignatureWidgetOffsetY
• PDFSignatureWidgetPages
• PDFSignatureWidgetWidth

The array indices start at 0 and end at PDFSignatureCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureAuthorName Property (PDFVerify Component)

The human-readable name of the signer.

Syntax

__property String PDFSignatureAuthorName[int PDFSignatureIndex] = { read=FPDFSignatureAuthorName };

Default Value

""

Remarks

The human-readable name of the signer.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureChainValidationDetails Property (PDFVerify Component)

The details of the certificate chain validation outcome.

Syntax

__property int PDFSignatureChainValidationDetails[int PDFSignatureIndex] = { read=FPDFSignatureChainValidationDetails };

Default Value

0

Remarks

The details of the certificate chain validation outcome. They may often suggest the reasons that contributed to the overall validation result in PDFSignatureChainValidationResult.

The value of this property is a bitmask of the following flags:

Subscribe to the Log event to access the detailed validation log. This property is also available as a parameter of the SignatureProcessed event.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureChainValidationResult Property (PDFVerify Component)

The outcome of the certificate chain validation routine.

Syntax

__property TispPDFVerifyPDFSignatureChainValidationResults PDFSignatureChainValidationResult[int PDFSignatureIndex] = { read=FPDFSignatureChainValidationResult };

enum TispPDFVerifyPDFSignatureChainValidationResults {
  cvrUnknown=0,
  cvrValid=1,
  cvrValidButUntrusted=2,
  cvrInvalid=3,
  cvrCantBeEstablished=4
};

Default Value

cvrUnknown

Remarks

The outcome of the certificate chain validation routine.

Possible values are:

Subscribe to the Log event to access the detailed validation log. This property is also available as a parameter of the SignatureProcessed event.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureClaimedSigningTime Property (PDFVerify Component)

The signature's creation time in UTC.

Syntax

__property String PDFSignatureClaimedSigningTime[int PDFSignatureIndex] = { read=FPDFSignatureClaimedSigningTime };

Default Value

""

Remarks

The signature's creation time in UTC.

Use this property to get the signature creation time from the signer's computer. Note that the claimed time, unlike PDFSignatureValidatedSigningTime, does not originate from a trusted TSA and may be forfeited or wrong.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureCoverageEndsAt Property (PDFVerify Component)

The offset in the PDF file where the signature coverage ends.

Syntax

__property int PDFSignatureCoverageEndsAt[int PDFSignatureIndex] = { read=FPDFSignatureCoverageEndsAt };

Default Value

0

Remarks

The offset in the PDF file where the signature coverage ends.

PDF generators often use incremental updates to make changes in documents. This may result in the signature only covering a part of the document (one of the past revisions), but not the subsequent changes.

Use this property to identify the offset where the signature coverage ends. One option is to compare it to the length of the whole document to ensure that the signature covers the entire document. Alternatively, use the GetSignedVersion method to extract the exact revision that was signed.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureHashAlgorithm Property (PDFVerify Component)

The hash algorithm that was used for signing.

Syntax

__property String PDFSignatureHashAlgorithm[int PDFSignatureIndex] = { read=FPDFSignatureHashAlgorithm };

Default Value

"SHA256"

Remarks

The hash algorithm that was used for signing.

Possible values are:

• SHA1
• SHA224
• SHA256
• SHA384
• SHA512
• MD5

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureProfile Property (PDFVerify Component)

The pre-defined PAdES profile that was applied when creating the signature, as defined by ETSI.

Syntax

__property TispPDFVerifyPDFSignatureProfiles PDFSignatureProfile[int PDFSignatureIndex] = { read=FPDFSignatureProfile };

enum TispPDFVerifyPDFSignatureProfiles {
  pfNone=0,
  pfBaselineB=1,
  pfBaselineT=2,
  pfBaselineLT=3,
  pfBaselineLTA=4
};

Default Value

pfNone

Remarks

The pre-defined PAdES profile that was applied when creating the signature, as defined by ETSI.

Advanced signatures come in many variants, and they are often defined by parties that need to process them or by local standards. Profiles are sets of pre-defined configurations that correspond to particular signature variants.

Possible values are:

Note that when verifying a signature, the LTV modifier may be affected by the validation settings. These include OfflineMode (set it to true to obtain the clean LTV capability) and CacheRevocationInfo (set it to false to prevent earlier validations from affecting the current validation).

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureReason Property (PDFVerify Component)

The reason for signing.

Syntax

__property String PDFSignatureReason[int PDFSignatureIndex] = { read=FPDFSignatureReason };

Default Value

""

Remarks

The reason for signing.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureType Property (PDFVerify Component)

The type of the signature that was created.

Syntax

__property TispPDFVerifyPDFSignatureTypes PDFSignatureType[int PDFSignatureIndex] = { read=FPDFSignatureType };

enum TispPDFVerifyPDFSignatureTypes {
  stLegacy=0,
  stAdvanced=1,
  stDTS=2,
  stEmptyField=3
};

Default Value

stLegacy

Remarks

The type of the signature that was created.

Possible values are:

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureSignerCertIndex Property (PDFVerify Component)

The index of the signer certificate in the DocumentCerts properties.

Syntax

__property int PDFSignatureSignerCertIndex[int PDFSignatureIndex] = { read=FPDFSignatureSignerCertIndex };

Default Value

-1

Remarks

The index of the signer certificate in the DocumentCerts properties.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureTimestampCertIndex Property (PDFVerify Component)

The index of the timestamping certificate in the DocumentCerts properties (if applicable).

Syntax

__property int PDFSignatureTimestampCertIndex[int PDFSignatureIndex] = { read=FPDFSignatureTimestampCertIndex };

Default Value

-1

Remarks

The index of the timestamping certificate in the DocumentCerts properties (if applicable).

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureTimestamped Property (PDFVerify Component)

Whether the signature contains an embedded timestamp.

Syntax

__property bool PDFSignatureTimestamped[int PDFSignatureIndex] = { read=FPDFSignatureTimestamped };

Default Value

false

Remarks

Whether the signature contains an embedded timestamp.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Boolean

PDFSignatureValidatedSigningTime Property (PDFVerify Component)

The certified signing time in UTC.

Syntax

__property String PDFSignatureValidatedSigningTime[int PDFSignatureIndex] = { read=FPDFSignatureValidatedSigningTime };

Default Value

""

Remarks

The certified signing time in UTC.

Use this property to obtain the signing time as certified by a timestamp from a trusted timestamping authority. This property is only nonempty if there is a valid timestamp included in the signature.

Note that the validated time, unlike PDFSignatureClaimedSigningTime, is the trusted signing time.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureValidationResult Property (PDFVerify Component)

The outcome of the cryptographic signature validation.

Syntax

__property TispPDFVerifyPDFSignatureValidationResults PDFSignatureValidationResult[int PDFSignatureIndex] = { read=FPDFSignatureValidationResult };

enum TispPDFVerifyPDFSignatureValidationResults {
  svrUnknown=0,
  svrValid=1,
  svrCorrupted=2,
  svrSignerNotFound=3,
  svrFailure=4
};

Default Value

svrUnknown

Remarks

The outcome of the cryptographic signature validation.

Possible values are:

This property is also available as the SignatureValidationResult parameter of the SignatureProcessed event.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

Integer

PDFSignatureWidgetHeight Property (PDFVerify Component)

The height of the signature widget in points.

Syntax

__property String PDFSignatureWidgetHeight[int PDFSignatureIndex] = { read=FPDFSignatureWidgetHeight };

Default Value

"70"

Remarks

The height of the signature widget in points. Both integer and decimal values are supported.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureWidgetOffsetX Property (PDFVerify Component)

The signature widget offset from the left-hand page border in points.

Syntax

__property String PDFSignatureWidgetOffsetX[int PDFSignatureIndex] = { read=FPDFSignatureWidgetOffsetX };

Default Value

"0"

Remarks

The signature widget offset from the left-hand page border in points. Both integer and decimal values are supported.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureWidgetOffsetY Property (PDFVerify Component)

The signature widget offset from the bottom page border in points.

Syntax

__property String PDFSignatureWidgetOffsetY[int PDFSignatureIndex] = { read=FPDFSignatureWidgetOffsetY };

Default Value

"0"

Remarks

The signature widget offset from the bottom page border in points. Both integer and decimal values are supported.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureWidgetPages Property (PDFVerify Component)

The pages that the signature and its widget are placed on.

Syntax

__property String PDFSignatureWidgetPages[int PDFSignatureIndex] = { read=FPDFSignatureWidgetPages };

Default Value

""

Remarks

The pages that the signature and its widget are placed on.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

PDFSignatureWidgetWidth Property (PDFVerify Component)

The width of the signature widget in points.

Syntax

__property String PDFSignatureWidgetWidth[int PDFSignatureIndex] = { read=FPDFSignatureWidgetWidth };

Default Value

"70"

Remarks

The width of the signature widget in points. Both integer and decimal values are supported.

The PDFSignatureIndex parameter specifies the index of the item in the array. The size of the array is controlled by the PDFSignatureCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertCount Property (PDFVerify Component)

The number of records in the TrustedCert arrays.

Syntax

__property int TrustedCertCount = { read=FTrustedCertCount, write=FSetTrustedCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• TrustedCertEffectiveDate
• TrustedCertEncoded
• TrustedCertExpirationDate
• TrustedCertExtendedKeyUsage
• TrustedCertFingerprint
• TrustedCertFingerprintSHA1
• TrustedCertFingerprintSHA256
• TrustedCertIssuer
• TrustedCertPrivateKey
• TrustedCertPrivateKeyAvailable
• TrustedCertPrivateKeyContainer
• TrustedCertPublicKey
• TrustedCertPublicKeyAlgorithm
• TrustedCertPublicKeyLength
• TrustedCertSerialNumber
• TrustedCertSignatureAlgorithm
• TrustedCertStore
• TrustedCertStorePassword
• TrustedCertStoreType
• TrustedCertSubject
• TrustedCertSubjectAltNames
• TrustedCertThumbprintMD5
• TrustedCertThumbprintSHA1
• TrustedCertThumbprintSHA256
• TrustedCertUsage
• TrustedCertUsageFlags
• TrustedCertVersion

The array indices start at 0 and end at TrustedCertCount - 1.

This property is not available at design time.

Data Type

Integer

TrustedCertEffectiveDate Property (PDFVerify Component)

The date on which this certificate becomes valid.

Syntax

__property String TrustedCertEffectiveDate[int TrustedCertIndex] = { read=FTrustedCertEffectiveDate };

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertExpirationDate Property (PDFVerify Component)

The date on which the certificate expires.

Syntax

__property String TrustedCertExpirationDate[int TrustedCertIndex] = { read=FTrustedCertExpirationDate };

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertExtendedKeyUsage Property (PDFVerify Component)

A comma-delimited list of extended key usage identifiers.

Syntax

__property String TrustedCertExtendedKeyUsage[int TrustedCertIndex] = { read=FTrustedCertExtendedKeyUsage };

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertFingerprint Property (PDFVerify Component)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

__property String TrustedCertFingerprint[int TrustedCertIndex] = { read=FTrustedCertFingerprint };

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertFingerprintSHA1 Property (PDFVerify Component)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

__property String TrustedCertFingerprintSHA1[int TrustedCertIndex] = { read=FTrustedCertFingerprintSHA1 };

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertFingerprintSHA256 Property (PDFVerify Component)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

__property String TrustedCertFingerprintSHA256[int TrustedCertIndex] = { read=FTrustedCertFingerprintSHA256 };

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertIssuer Property (PDFVerify Component)

The issuer of the certificate.

Syntax

__property String TrustedCertIssuer[int TrustedCertIndex] = { read=FTrustedCertIssuer };

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertPrivateKey Property (PDFVerify Component)

The private key of the certificate (if available).

Syntax

__property String TrustedCertPrivateKey[int TrustedCertIndex] = { read=FTrustedCertPrivateKey };

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The TrustedCertPrivateKey may be available but not exportable. In this case, TrustedCertPrivateKey returns an empty string.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertPrivateKeyAvailable Property (PDFVerify Component)

Whether a PrivateKey is available for the selected certificate.

Syntax

__property bool TrustedCertPrivateKeyAvailable[int TrustedCertIndex] = { read=FTrustedCertPrivateKeyAvailable };

Default Value

false

Remarks

Whether a TrustedCertPrivateKey is available for the selected certificate. If TrustedCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

TrustedCertPrivateKeyContainer Property (PDFVerify Component)

The name of the PrivateKey container for the certificate (if available).

Syntax

__property String TrustedCertPrivateKeyContainer[int TrustedCertIndex] = { read=FTrustedCertPrivateKeyContainer };

Default Value

""

Remarks

The name of the TrustedCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertPublicKey Property (PDFVerify Component)

The public key of the certificate.

Syntax

__property String TrustedCertPublicKey[int TrustedCertIndex] = { read=FTrustedCertPublicKey };

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertPublicKeyAlgorithm Property (PDFVerify Component)

The textual description of the certificate's public key algorithm.

Syntax

__property String TrustedCertPublicKeyAlgorithm[int TrustedCertIndex] = { read=FTrustedCertPublicKeyAlgorithm };

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertPublicKeyLength Property (PDFVerify Component)

The length of the certificate's public key (in bits).

Syntax

__property int TrustedCertPublicKeyLength[int TrustedCertIndex] = { read=FTrustedCertPublicKeyLength };

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

TrustedCertSerialNumber Property (PDFVerify Component)

The serial number of the certificate encoded as a string.

Syntax

__property String TrustedCertSerialNumber[int TrustedCertIndex] = { read=FTrustedCertSerialNumber };

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertSignatureAlgorithm Property (PDFVerify Component)

The text description of the certificate's signature algorithm.

Syntax

__property String TrustedCertSignatureAlgorithm[int TrustedCertIndex] = { read=FTrustedCertSignatureAlgorithm };

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertStore Property (PDFVerify Component)

The name of the certificate store for the client certificate.

Syntax

__property String TrustedCertStore[int TrustedCertIndex] = { read=FTrustedCertStore, write=FSetTrustedCertStore };
__property DynamicArray<Byte> TrustedCertStoreB[int TrustedCertIndex] = { read=FTrustedCertStoreB, write=FSetTrustedCertStoreB };

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The TrustedCertStoreType property denotes the type of the certificate store specified by TrustedCertStore. If the store is password-protected, specify the password in TrustedCertStorePassword.

TrustedCertStore is used in conjunction with the TrustedCertSubject property to specify client certificates. If TrustedCertStore has a value, and TrustedCertSubject or TrustedCertEncoded is set, a search for a certificate is initiated. Please see the TrustedCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

Byte Array

TrustedCertStorePassword Property (PDFVerify Component)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

__property String TrustedCertStorePassword[int TrustedCertIndex] = { read=FTrustedCertStorePassword, write=FSetTrustedCertStorePassword };

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

String

TrustedCertStoreType Property (PDFVerify Component)

The type of certificate store for this certificate.

Syntax

__property TispPDFVerifyTrustedCertStoreTypes TrustedCertStoreType[int TrustedCertIndex] = { read=FTrustedCertStoreType, write=FSetTrustedCertStoreType };

enum TispPDFVerifyTrustedCertStoreTypes {
  cstUser=0,
  cstMachine=1,
  cstPFXFile=2,
  cstPFXBlob=3,
  cstJKSFile=4,
  cstJKSBlob=5,
  cstPEMKeyFile=6,
  cstPEMKeyBlob=7,
  cstPublicKeyFile=8,
  cstPublicKeyBlob=9,
  cstSSHPublicKeyBlob=10,
  cstP7BFile=11,
  cstP7BBlob=12,
  cstSSHPublicKeyFile=13,
  cstPPKFile=14,
  cstPPKBlob=15,
  cstXMLFile=16,
  cstXMLBlob=17,
  cstJWKFile=18,
  cstJWKBlob=19,
  cstSecurityKey=20,
  cstBCFKSFile=21,
  cstBCFKSBlob=22,
  cstPKCS11=23,
  cstAuto=99
};

Default Value

cstUser

Remarks

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

Integer

TrustedCertSubjectAltNames Property (PDFVerify Component)

Comma-separated lists of alternative subject names for the certificate.

Syntax

__property String TrustedCertSubjectAltNames[int TrustedCertIndex] = { read=FTrustedCertSubjectAltNames };

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertThumbprintMD5 Property (PDFVerify Component)

The MD5 hash of the certificate.

Syntax

__property String TrustedCertThumbprintMD5[int TrustedCertIndex] = { read=FTrustedCertThumbprintMD5 };

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertThumbprintSHA1 Property (PDFVerify Component)

The SHA-1 hash of the certificate.

Syntax

__property String TrustedCertThumbprintSHA1[int TrustedCertIndex] = { read=FTrustedCertThumbprintSHA1 };

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertThumbprintSHA256 Property (PDFVerify Component)

The SHA-256 hash of the certificate.

Syntax

__property String TrustedCertThumbprintSHA256[int TrustedCertIndex] = { read=FTrustedCertThumbprintSHA256 };

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertUsage Property (PDFVerify Component)

The text description of UsageFlags .

Syntax

__property String TrustedCertUsage[int TrustedCertIndex] = { read=FTrustedCertUsage };

Default Value

""

Remarks

The text description of TrustedCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertUsageFlags Property (PDFVerify Component)

The flags that show intended use for the certificate.

Syntax

__property int TrustedCertUsageFlags[int TrustedCertIndex] = { read=FTrustedCertUsageFlags };

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of TrustedCertUsageFlags is a combination of the following flags:

Please see the TrustedCertUsage property for a text representation of TrustedCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

TrustedCertVersion Property (PDFVerify Component)

The certificate's version number.

Syntax

__property String TrustedCertVersion[int TrustedCertIndex] = { read=FTrustedCertVersion };

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

String

TrustedCertSubject Property (PDFVerify Component)

The subject of the certificate used for client authentication.

Syntax

__property String TrustedCertSubject[int TrustedCertIndex] = { read=FTrustedCertSubject, write=FSetTrustedCertSubject };

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

String

TrustedCertEncoded Property (PDFVerify Component)

The certificate (PEM/Base64 encoded).

Syntax

__property String TrustedCertEncoded[int TrustedCertIndex] = { read=FTrustedCertEncoded, write=FSetTrustedCertEncoded };
__property DynamicArray<Byte> TrustedCertEncodedB[int TrustedCertIndex] = { read=FTrustedCertEncodedB, write=FSetTrustedCertEncodedB };

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The TrustedCertStore and TrustedCertSubject properties also may be used to specify a certificate.

When TrustedCertEncoded is set, a search is initiated in the current TrustedCertStore for the private key of the certificate. If the key is found, TrustedCertSubject is updated to reflect the full subject of the selected certificate; otherwise, TrustedCertSubject is set to an empty string.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

Byte Array

TrustedLists Property (PDFVerify Component)

A list of known Trusted Lists for chain validation.

Syntax

__property String TrustedLists = { read=FTrustedLists, write=FSetTrustedLists };

Default Value

"%EUTL%"

Remarks

This property is used to supply a semicolon-separated list of URLs or paths of known Trusted Lists to the component for chain validation.

A Trusted List is an XML document that contains a government-issued list of CAs that have passed regulated compliance checks. When validating the chain, the component will consult the Trusted List to establish certificate trust, ensuring that the CA is legitimate and entitled to issue certificates of the kind being checked.

The default value is the special %EUTL% macro, which, if applicable, instructs the component to check the root certificate against up-to-date versions of the primary EU Trusted Lists from the EU LOTL. Custom values can be appended: component.TrustedLists = "%EUTL%;http://my.company/tsl;c:\tsls\mytsl.xml"; Note: The component will cache all Trusted Lists it downloads and uses during chain validation. This cache is shared between component instances within the same process. If this property contains a URL that is also present in the cache, the component will retrieve the cached data and reuse them in the current validation. If the data are invalid, the component will download a fresh Trusted List and add it to the cache.

Data Type

String

TrustSources Property (PDFVerify Component)

The trust sources to use during chain validation.

Syntax

__property TispPDFVerifyTrustSources TrustSources = { read=FTrustSources, write=FSetTrustSources };

enum TispPDFVerifyTrustSources {
  tsManual=0,
  tsLocal=1,
  tsTrustedLists=2,
  tsLocalAndTrustedLists=3
};

Default Value

tsLocalAndTrustedLists

Remarks

This property is used to specify the sources the component will use to establish certificate trust during chain validation.

Establishing trust for a particular certificate, when either signing or verifying, involves building a chain up to a valid trust anchor. This trust anchor is a root certificate that typically resides on the local system. If the certificate does not eventually chain up to a valid trust anchor, the chain is considered untrusted and therefore invalid.

Possible values are:

Data Type

Integer

ValidationFlags Property (PDFVerify Component)

Additional chain validation settings.

Syntax

__property int ValidationFlags = { read=FValidationFlags, write=FSetValidationFlags };

Default Value

0

Remarks

This property is used to specify additional settings that affect the overall flow of the chain validation.

Its value should be provided as a bitmask of the following flags:

Data Type

Integer

ValidationPolicy Property (PDFVerify Component)

The level at which to perform chain validation.

Syntax

__property TispPDFVerifyValidationPolicies ValidationPolicy = { read=FValidationPolicy, write=FSetValidationPolicy };

enum TispPDFVerifyValidationPolicies {
  vpNone=0,
  vpFull=1,
  vpFullNoTrust=2,
  vpFullNoRevocation=3,
  vpBestEffort=4
};

Default Value

vpFull

Remarks

This property is used to specify the overall validation policy the component will follow.

Possible values are:

Validation Policy Heuristics

The choice of validation policy will depend on the scenario for which the chain is validated.

Creating a new signature:

• For a basic signature with or without a timestamp, chain validation is not required, so it is recommended to use vpNone. This policy may also be used in test environments or on offline systems.
• For an LTV signature, use vpFull or vpFullNoTrust depending on whether trust checks are necessary in the current environment. If the signature is being created in an environment that does not match the prospective validation environment, consider vpFullNoTrust to validate the chain properly and fully without expecting good trust.

Updating or extending an existing signature:

• When updating a basic signature to LTV, similarly use vpFull or vpFullNoTrust as above.
• When extending an LTV signature, similarly use vpFull or vpFullNoTrust as above.

Validating an existing signature:

• For basic signature validation, use vpFullNoRevocation if trust checks, but not revocation checks, are necessary in the current environment. This policy may also be used on offline systems if the trust anchor is already available to the component.
• For archival validation, use vpFull to validate the chain properly and fully. This policy expects the trust anchor and all the revocation material to be available.

Data Type

Integer

ValidationTime Property (PDFVerify Component)

The time point at which the signature should be validated.

Syntax

__property String ValidationTime = { read=FValidationTime, write=FSetValidationTime };

Default Value

""

Remarks

This property is used to specify the moment in time at which the signature validity should be established. The time should be provided in UTC in yyyyMMddHHmmssZ format.

Leave this property empty to stick to the default time point. The component will then prioritize:

• The signature creation time if the signature contains a signature timestamp (), or
• The local time included in the signature by the signer ().

Note: The validity of the same signature may differ depending on the time point chosen due to temporal changes in chain validities, revocation statuses, and timestamp times.

Data Type

String

Close Method (PDFVerify Component)

Closes an opened PDF document.

Syntax

void __fastcall Close();

Remarks

This method is used to close the previously opened document specified in InputFile, InputData, or SetInputStream. It should always be preceded by a call to the Open method.

Example: component.InputFile = "input.pdf"; component.Open(); // Some operation component.Close();

If any changes are made to the document, they will be saved automatically to OutputFile, OutputData, or the stream set in SetOutputStream when this method is called. To configure this saving behavior, set the SaveChanges configuration setting.

Config Method (PDFVerify Component)

Sets or retrieves a configuration setting.

Syntax

String __fastcall Config(String ConfigurationString);

Remarks

Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Encrypted Method (PDFVerify Component)

Checks whether a PDF document is encrypted.

Syntax

bool __fastcall Encrypted();

Remarks

This method is used to determine whether or not the document specified in InputFile, InputData, or SetInputStream is encrypted. It will return false if the document is pseudo-encrypted with an empty password.

Example: component.InputFile = "input.pdf"; if (component.Encrypted()) { // Set Password or DecryptionCert } component.Open(); // Some operation component.Close(); Note: If the document is not already opened, this method will open it, perform the operation, then close it.

GetPageProperty Method (PDFVerify Component)

Retrieves the value of a page property.

Syntax

String __fastcall GetPageProperty(int Page, String PageProperty);

Remarks

This method is used to read general information about the pages of the document specified in InputFile, InputData, or SetInputStream, such as their dimensions and content positioning details.

The Page parameter specifies the page to read information about (with a valid range from 1 to PageCount), and the PageProperty parameter specifies the page property to read. The latter can take one of the following values:

Note: Each page property is only populated once the document has been loaded, which is reported by the DocumentInfo event.

Example: int pageCount = 0; component.OnDocumentInfo += (s, e) => { pageCount = e.PageCount; }; component.InputFile = "input.pdf"; component.Open(); for (int i = 1; i <= pageCount; i++) component.GetPageProperty(i, "Height"); component.Close(); The page properties can be used to adjust the position of the signature widget based on the page dimensions. For example: int x = int.Parse(pdfsign.GetPageProperty(1, "Width")) - 100; int y = int.Parse(pdfsign.GetPageProperty(1, "Height")) - 100; pdfsign.SetWidgetProperty("OffsetX", x.ToString()); pdfsign.SetWidgetProperty("OffsetY", y.ToString()); Note: If the document is not already opened, this method will open it, perform the operation, then close it.

GetSignedVersion Method (PDFVerify Component)

Returns the part of a signed PDF document that is covered by the signature.

Syntax

void __fastcall GetSignedVersion(int SignatureIndex);

Remarks

This method is used to retrieve the revision of the document specified in InputFile, InputData, or SetInputStream that is covered by the signature specified by SignatureIndex. The extracted revision will be saved to OutputFile, OutputData, or the stream set in SetOutputStream.

The SignatureIndex parameter is the index of the signature of interest in the Signatures properties.

Example: pdfverify.InputFile = "signed.pdf"; pdfverify.OutputFile = "revision0.pdf"; pdfverify.GetSignedVersion(0); PDF documents often use an incremental update approach, with any changes being appended to the document without altering the existing revision. This may lead to situations where a signature only covers part of the document (one of the past revisions), but not subsequent changes. This method provides a means to extract the revision that is actually certified by the signature.

It is recommended to use this method when validating signatures to make sure the signature covers the byte range it is expected to cover.

An alternative to this method is to check the property of the signature object and match it to the document length.

Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Interrupt Method (PDFVerify Component)

Interrupts the current action.

Syntax

void __fastcall Interrupt();

Remarks

This method interrupts the current action. It can be used, for example, within the ChainCert event to abort the chain validation procedure.

If there is no action in progress, this method simply returns, doing nothing.

Open Method (PDFVerify Component)

Opens a PDF document for processing.

Syntax

void __fastcall Open();

Remarks

This method is used to open the document specified in InputFile, InputData, or SetInputStream before performing some operation on it, such as verifying or removing signatures. When finished, call Close to complete or discard the operation.

It is recommended to use this method (alongside Close) when performing multiple operations on the document at once.

Note: This method will populate the Attachments, DocumentCerts, and Signatures collections with any corresponding objects found in the document.

Automatic Decryption Functionality

If this method is called on an encrypted document, the Password or RecipientInfo event will fire (depending on the encryption type) as a notification that the document must be decrypted before processing can continue.

Once the correct decryption material is supplied, the component will then attempt to decrypt the document automatically within this method. When this occurs, the decrypted content is kept in memory so that the document's encrypted status is preserved when it is saved later. Use the Decrypt method to save a decrypted copy of the document instead.

Reset Method (PDFVerify Component)

Resets the component.

Syntax

void __fastcall Reset();

Remarks

This method is used to reset the component's properties and configuration settings to their default values.

SaveAttachment Method (PDFVerify Component)

Saves a PDF attachment to a file.

Syntax

void __fastcall SaveAttachment(int Index, String FileName);

Remarks

This method is used to retrieve the contents of an attachment from the document specified in InputFile, InputData, or SetInputStream and save it to the file specified by FileName. It does not modify the existence of the Attachments properties's contents.

The Index parameter is the index of the attachment in the Attachments properties to be saved.

The FileName parameter specifies the filename that the attachment will be saved to.

Example: component.InputFile = "input_with_attachment.pdf"; component.Open(); component.SaveAttachment(0, "a.dat"); component.Close(); Example (saving to a stream): component.InputFile = "input_with_attachment.pdf"; component.Attachments[0].OutputStream = myStream; component.SaveAttachment(0, null); // null means use the OutputStream property if it's set Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Signed Method (PDFVerify Component)

Checks whether a PDF document is signed.

Syntax

bool __fastcall Signed();

Remarks

This method is used to determine whether or not the document specified in InputFile, InputData, or SetInputStream is signed. It will return false if the document contains only empty signature fields.

Example: pdfverify.InputFile = "input.pdf"; if (pdfverify.Signed()) { // Configure validation-related properties as desired pdfverify.Verify(); } Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Unsign Method (PDFVerify Component)

Removes a signature from a PDF document.

Syntax

void __fastcall Unsign(int SignatureIndex, int UnsignKind);

Remarks

This method is used to remove an existing signature specified by SignatureIndex from the document specified in InputFile, InputData, or SetInputStream. The document with the removed signature will be saved to OutputFile, OutputData, or the stream set in SetOutputStream.

The SignatureIndex parameter is the index of the signature in the Signatures properties to be removed.

The UnsignKind parameter specifies the kind of unsign to perform. Possible values are:

Example: pdfverify.InputFile = "signed.pdf"; pdfverify.OutputFile = "unsigned.pdf"; pdfverify.Open(); int idx = pdfverify.Signatures.Count - 1; pdfverify.Unsign(idx, 0); // uskFull pdfverify.Close(); Note that unsigning is different from GetSignedVersion. The latter returns the revision of the document including the mentioned signature (thus removing anything after that signature was created). Unsign removes the signature completely by carving it out of the document.

Note: SignatureIndex set to -1 removes all signatures in the document.

Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Verify Method (PDFVerify Component)

Verifies a signed PDF document.

Syntax

void __fastcall Verify();

Remarks

This method is used to validate all signatures in the document specified in InputFile, InputData, or SetInputStream.

This method walks through the signed document and reports every signature via the SignatureInfo event. Subscribe to the event to be notified about the signatures and adjust validation settings on the fly.

Upon completion of this method, the signature details will be published in the Signatures property.

Example: pdfverify.InputFile = "signed.pdf"; pdfverify.Verify(); PDFSignature signature = pdfverify.Signatures[0]; if (signature.ValidationResult == SignatureValidationResults.svrValid) Console.WriteLine("Signature is good"); if (signature.ChainValidationResult == ChainValidationResults.cvrValid) Console.WriteLine("Chain is good"); This method only validates the signatures and does not check their coverage. It is a good idea to use mechanisms such as GetSignedVersion or to ensure that the signature covers the expected document revision.

To control individual signature validation, subscribe to the SignatureInfo event and set the ValidateSignature and ValidateChain parameters accordingly. The results are reported via the SignatureProcessed event.

Use the following properties to adjust chain validation parameters:

• BlockedCerts
• KnownCerts
• OfflineMode
• RevocationCheck
• TrustedCerts
• TrustedLists
• TrustSources
• ValidationFlags
• ValidationPolicy
• ValidationTime

Note: If the document is not already opened, this method will open it, perform the operation, then close it.

ChainCert Event (PDFVerify Component)

Fired when the component encounters a chain certificate.

Syntax

typedef struct {
  String CertEncoded;
  DynamicArray<Byte> CertEncodedB;
  String CertSubject;
  String CertIssuer;
  String ValidationTime;
  int ValidationResult;
  int ValidationDetails;
} TispPDFVerifyChainCertEventParams;
typedef void __fastcall (__closure *TispPDFVerifyChainCertEvent)(System::TObject* Sender, TispPDFVerifyChainCertEventParams *e);
__property TispPDFVerifyChainCertEvent OnChainCert = { read=FOnChainCert, write=FOnChainCert };

Remarks

This event is fired once for each certificate encountered during chain validation to report that it is about to be processed. The component will try to retrieve all required chain certificates automatically.

The CertEncoded parameter specifies the PEM (Base64-encoded) public certificate.

The CertSubject and CertIssuer parameters specify the distinguished names of the certificate owner and issuer respectively.

The ValidationTime parameter specifies the time point (in UTC) at which the certificate validity was established.

The ValidationResult parameter reports the outcome of the individual certificate validation and can be one of the following values:

In the case of a failure, the ValidationDetails parameter provides more details on its reasons. Its value is a bitmask of the following flags:

Overridable Chain Validation

While the component will follow the validation rules defined by the X.509 standard to the best of its ability, minor technical issues may arise when validating the chain. The ValidationResult and ValidationDetails parameters can be overridden to relax such requirements on a per-certificate basis.

For example, set ValidationResult to cvrValid and ValidationDetails to 0 in order to:

• Ignore CA or TLS key usage requirements
• Ignore the AuthorityKeyId extension in certificate-issuing CAs (helps with incorrectly renewed certificates)
• Ignore the Basic Constraints or Name Constraints extensions of CA certificates
• Tolerate some weaker algorithms
• Implicitly trust self-signed certificates
• Skip validity period checks for trusted certificates (helps with older devices that have expired root certificates)
• Ignore chain loops (helps with buggy CAs that include subchains that sign themselves)

Based on the adjusted validity of the certificate that is currently being processed, the component will continue or abort the chain validation procedure accordingly as if it had arrived at the chosen validation result itself.

Note: The user code is ultimately responsible for certificate validity decisions made via these two parameters. If their values are modified within this event, the resulting chain validation procedure may deviate from the standard.

DocumentInfo Event (PDFVerify Component)

Fired when the document has been loaded into memory.

Syntax

typedef struct {
  int PageCount;
  int SignatureCount;
} TispPDFVerifyDocumentInfoEventParams;
typedef void __fastcall (__closure *TispPDFVerifyDocumentInfoEvent)(System::TObject* Sender, TispPDFVerifyDocumentInfoEventParams *e);
__property TispPDFVerifyDocumentInfoEvent OnDocumentInfo = { read=FOnDocumentInfo, write=FOnDocumentInfo };

Remarks

This event is fired once per document processing routine to report that the document has been processed and loaded into memory.

The handler for this event is a good place to check the document structure and access document-related information such as page number and document file details. These may be useful when preparing the signature. For example, the GetPageProperty method can be used to find the optimal position for the signature widget.

The PageCount parameter reports the number of pages in the document.

The SignatureCount parameter reports the number of signatures in the document.

This event is fired when the Open method is called, but only after Password or RecipientInfo is fired (if applicable) and the document has been decrypted.

Error Event (PDFVerify Component)

Fired when information is available about errors during data delivery.

Syntax

typedef struct {
  int ErrorCode;
  String Description;
} TispPDFVerifyErrorEventParams;
typedef void __fastcall (__closure *TispPDFVerifyErrorEvent)(System::TObject* Sender, TispPDFVerifyErrorEventParams *e);
__property TispPDFVerifyErrorEvent OnError = { read=FOnError, write=FOnError };

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the component raises an exception.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Log Event (PDFVerify Component)

Fired once for each log message.

Syntax

typedef struct {
  int LogLevel;
  String Message;
  String LogType;
} TispPDFVerifyLogEventParams;
typedef void __fastcall (__closure *TispPDFVerifyLogEvent)(System::TObject* Sender, TispPDFVerifyLogEventParams *e);
__property TispPDFVerifyLogEvent OnLog = { read=FOnLog, write=FOnLog };

Remarks

This event is fired once for each log message generated by the component. The verbosity is controlled by the LogLevel configuration setting.

The LogLevel parameter indicates the detail level of the message. Possible values are:

The Message parameter is the log message.

The LogType parameter identifies the type of log entry. Possible values are:

• CertValidator
• Font
• HTTP
• PDFInvalidSignature
• PDFRevocationInfo
• Timestamp
• TSL

Password Event (PDFVerify Component)

Fired when the component detects that the PDF document is encrypted with a password.

Syntax

typedef struct {
  bool Available;
  bool Cancel;
} TispPDFVerifyPasswordEventParams;
typedef void __fastcall (__closure *TispPDFVerifyPasswordEvent)(System::TObject* Sender, TispPDFVerifyPasswordEventParams *e);
__property TispPDFVerifyPasswordEvent OnPassword = { read=FOnPassword, write=FOnPassword };

Remarks

This event is fired during document processing to report that the document is encrypted with a password. It may be used to supply the correct decryption password to the Password property.

The Available parameter indicates whether the decryption password is already available to the component or still needs to be set. If this parameter is set to false, the correct password must be provided for the decryption attempt to succeed.

The Cancel parameter determines whether the component will stop firing this event to request a password.

RecipientInfo Event (PDFVerify Component)

Fired for each recipient certificate of the encrypted PDF document.

Syntax

typedef struct {
  String Issuer;
  String SerialNumber;
  String SubjectKeyIdentifier;
  bool Available;
  bool Cancel;
} TispPDFVerifyRecipientInfoEventParams;
typedef void __fastcall (__closure *TispPDFVerifyRecipientInfoEvent)(System::TObject* Sender, TispPDFVerifyRecipientInfoEventParams *e);
__property TispPDFVerifyRecipientInfoEvent OnRecipientInfo = { read=FOnRecipientInfo, write=FOnRecipientInfo };

Remarks

This event is fired during document processing for each recipient certificate that the document has been encrypted for (if applicable). It may be used to identify the certificate(s) to load and supply to the DecryptionCert property.

The Issuer parameter specifies the subject of the issuer certificate.

The SerialNumber parameter specifies the serial number of the encryption certificate.

The SubjectKeyIdentifier parameter specifies the X.509 subjectKeyIdentifier extension value of the encryption certificate, encoded as a hex string.

The Available parameter indicates whether the decryption certificate is already available to the component or still needs to be set. If this parameter is set to false, the correct certificate must be provided for the decryption attempt to succeed.

The Cancel parameter determines whether the component will stop firing this event to request a certificate.

Note: The document may be encrypted with more than one certificate (or have "more than one recipient"), in which case each certificate will cause its own invocation of this event.

SignatureInfo Event (PDFVerify Component)

Fired when the component finds a signature in the document.

Syntax

typedef struct {
  int SignatureIndex;
  bool ValidateSignature;
  bool ValidateChain;
} TispPDFVerifySignatureInfoEventParams;
typedef void __fastcall (__closure *TispPDFVerifySignatureInfoEvent)(System::TObject* Sender, TispPDFVerifySignatureInfoEventParams *e);
__property TispPDFVerifySignatureInfoEvent OnSignatureInfo = { read=FOnSignatureInfo, write=FOnSignatureInfo };

Remarks

This event is fired once for each signature found in the document to report that the signature specified by SignatureIndex is about to be validated.

The SignatureIndex parameter is the index of the signature in the Signatures properties.

Signature validation consists of two independent stages: cryptographic signature validation and chain validation. The ValidateSignature and ValidateChain parameters determine whether each stage should be included in the validation. They can be overridden to modify the validation policy on a per-signature basis, allowing signatures to be verified individually instead of all at once (via Verify). To skip validation entirely, set both parameters to false.

Use the following properties to adjust chain validation parameters:

• BlockedCerts
• KnownCerts
• OfflineMode
• RevocationCheck
• TrustedCerts
• TrustedLists
• TrustSources
• ValidationFlags
• ValidationPolicy
• ValidationTime

SignatureProcessed Event (PDFVerify Component)

Fired after a signature has been processed.

Syntax

typedef struct {
  int SignatureIndex;
  int SignatureValidationResult;
  int ChainValidationResult;
  int ChainValidationDetails;
} TispPDFVerifySignatureProcessedEventParams;
typedef void __fastcall (__closure *TispPDFVerifySignatureProcessedEvent)(System::TObject* Sender, TispPDFVerifySignatureProcessedEventParams *e);
__property TispPDFVerifySignatureProcessedEvent OnSignatureProcessed = { read=FOnSignatureProcessed, write=FOnSignatureProcessed };

Remarks

This event is fired once for each signature found in the document to report that the signature specified by SignatureIndex has completed validation. It is fired after SignatureInfo if that event's ValidateSignature parameter is set to true.

The SignatureIndex parameter is the index of the signature in the Signatures properties.

Signature validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each in the SignatureValidationResult and ChainValidationResult parameters.

The former reports the validity of the signature and can be one of the following values:

The latter reports the validity of the chain and can be one of the following values:

In the case of a failure, the ChainValidationDetails parameter provides more details on its reasons. Its value is a bitmask of the following flags:

Note: SignatureValidationResult, ChainValidationResult, and ChainValidationDetails are also available as properties in the PDFSignature type.

SSLServerAuthentication Event (PDFVerify Component)

Fired after the server presents its certificate to the client.

Syntax

typedef struct {
  String CertEncoded;
  DynamicArray<Byte> CertEncodedB;
  String CertSubject;
  String CertIssuer;
  String Status;
  bool Accept;
} TispPDFVerifySSLServerAuthenticationEventParams;
typedef void __fastcall (__closure *TispPDFVerifySSLServerAuthenticationEvent)(System::TObject* Sender, TispPDFVerifySSLServerAuthenticationEventParams *e);
__property TispPDFVerifySSLServerAuthenticationEvent OnSSLServerAuthentication = { read=FOnSSLServerAuthentication, write=FOnSSLServerAuthentication };

Remarks

This event is fired during timestamping or chain validation after the server presents its SSL/TLS certificate to the component. It only applies if the TSA, CRL, OCSP, or Trusted List endpoint operates over HTTPS.

During this event, the client can decide whether or not to continue with the connection process. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether or not to continue.

When the Accept parameter is false, the Status parameter shows why the verification failed (otherwise, Status contains the string OK). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to true.

SSLStatus Event (PDFVerify Component)

Fired when secure connection progress messages are available.

Syntax

typedef struct {
  String Message;
} TispPDFVerifySSLStatusEventParams;
typedef void __fastcall (__closure *TispPDFVerifySSLStatusEvent)(System::TObject* Sender, TispPDFVerifySSLStatusEventParams *e);
__property TispPDFVerifySSLStatusEvent OnSSLStatus = { read=FOnSSLStatus, write=FOnSSLStatus };

Remarks

This event is fired during timestamping or chain validation for informational and logging purposes only. This event tracks the progress of the SSL/TLS connection. It only applies if the TSA, CRL, OCSP, or Trusted List endpoint operates over HTTPS.

Config Settings (PDFVerify Component)

The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

PDFVerify Config Settings

Base Config Settings

Trappable Errors (PDFVerify Component)

PDFVerify Errors

PDF Errors

Parsing Errors

The component may also return one of the following error codes, which are inherited from other components.

HTTP Errors

The component may also return one of the following error codes, which are inherited from other components.

TCPClient Errors

SSL Errors

TCP/IP Errors