SecureBlackbox 2020 PHP Edition

Questions / Feedback?

Verify Method

Verifies all signatures in the ASiC container.

Object Oriented Interface

public function doVerify();

Procedural Interface

secureblackbox_asicverifier_do_verify($res);

Remarks

Use this method to verify the signature and any associated signed files residing in the ASiC container.

When processing the container, the verifier walks through all the signatures contained in the message, one after another.

For each signature, the SignatureFound event is thrown. The benefits of this are that it:

  • Lets you know some basic details about the signature and its creator
  • Allows you to tell the component whether or not you want to validate it and/or its signing certificate's chain
  • Gives you a chance to provide any missing certificates (CertFound indicates whether you need to do that)
The control then validates the signature and the chain (if told to do so in SignatureFound), reporting the validity of each via SignatureValidated and ChainValidated events, respectively. Before these events are fired, the properties of the signature are populated in the control's properties. Two properties that may be useful to read inside the event handlers are those reporting the signature's creation time, ClaimedSigningTime and ValidatedSigningTime.

The control's properties remain assigned with the last processed signature's details, and are still available after the Verify() call returns, providing a handy way to work with single-signature containers.

Once the main signature's processing completes, the control proceeds to its subordinate elements (countersignatures and/or timestamps). Each timestamp is reported via TimestampValidated event.

Having reported all the countersignatures and timestamps, the control proceeds to the next main signature and any timestamps associated with it - and so on.

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox 2020 PHP Edition - Version 20.0 [Build 8154]