Website Download Support
 

Discuss this help topic in SecureBlackbox Forum

TElCustomSimpleSSLClient.OnCertificateValidate

TElCustomSimpleSSLClient     See also     

Filter: C#  VB.NET  Pascal  C++  PHP  Java  

This event is fired when the server certificate must be validated.

Declaration

[C#]
    event TSBCertificateValidateEvent OnCertificateValidate;
    delegate void TSBCertificateValidateEvent(Object Sender, TElX509Certificate X509Certificate, ref TSBCertificateValidity Validity, ref TSBCertificateValidityReason Reason);

[VB.NET]
    Event OnCertificateValidate As TSBCertificateValidateEvent
    Delegate Sub TSBCertificateValidateEvent(ByVal Sender As Object, ByVal X509Certificate As TElX509Certificate, ByRef Validity As TSBCertificateValidity, ByRef Reason As TSBCertificateValidityReason)

[Pascal]
    property OnCertificateValidate : TSBCertificateValidateEvent;
    TSBCertificateValidateEvent = procedure(Sender : TObject; X509Certificate : TElX509Certificate; var Validity : TSBCertificateValidity; var Reason : TSBCertificateValidityReason) of object;

[C++]
    void get_OnCertificateValidate(TSBCertificateValidateEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnCertificateValidate(TSBCertificateValidateEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBCertificateValidateEvent)(void * _ObjectData, TObjectHandle Sender, TElX509CertificateHandle X509Certificate, X509Certificate, uint8_t * Validity, uint32_t * Reason);

[PHP]
    TSBCertificateValidateEvent|callable|NULL get_OnCertificateValidate()
    void set_OnCertificateValidate(TSBCertificateValidateEvent|callable|NULL $Value)
    callable TSBCertificateValidateEvent(TObject $Sender, TElX509Certificate $X509Certificate, integer &$Validity, integer &$Reason)

[Java]
    TSBCertificateValidateEvent getOnCertificateValidate();
    void setOnCertificateValidate(TSBCertificateValidateEvent Value);
    TSBCertificateValidateEvent.Callback OnCertificateValidate = new TSBCertificateValidateEvent.Callback() {
        public void TSBCertificateValidateEventCallback(TObject Sender, TElX509Certificate X509Certificate, TElX509CertificateValidateResult Res) {
            //...
        }
    }

Parameters

  • X509Certificate - the certificate to be validated.
  • Validity - specifies the certificate validity status.
  • Reason - specifies validity reason.
  • Res - [Java] References an instance of the object, which contains Validity and Reason properties.

TSBCertificateValidity values

[.NET] [C++] [Pascal] Description
cvOk = 0 cvOk Certificate was validated successfully and is valid
cvSelfSigned = 1 cvSelfSigned Certificate is self signed
cvInvalid = 2 cvInvalid Certificate is invalid
cvStorageError = 3 cvStorageError Certificate was not validated due to certificate storage error
cvChainUnvalidated = 4 cvChainUnvalidated Certificate chain was not validated because while the certificate itself is valid, one or more of CA Certificates in the chain have validation problems

TSBCertificateValidityReason values

[.NET] [Pascal] [C++] Description
vrBadData = 1 vrBadData f_vrBadData = 1 Invalid certificate format or certificate is corrupted
vrRevoked = 2 vrRevoked f_vrRevoked = 2 Certificate is revoked by Issuer
vrNotYetValid = 4 vrNotYetValid f_vrNotYetValid = 4 Certificate is not valid yet
vrExpired = 8 vrExpired f_vrExpired = 8 Certificate is expired
vrInvalidSignature = 16 vrInvalidSignature f_vrInvalidSignature = 16 Certificate contains invalid digital signature, it could be corrupted
vrUnknownCA = 32 vrUnknownCA f_vrUnknownCA = 32 Issuer (CA) certificate was not found.
vrCAUnauthorized = 64 vrCAUnauthorized f_vrCAUnauthorized = 64 Issuer (CA) certificate was found but its key usage fields don't allow use of this certificate for signing other certificates.
vrCRLNotVerified = 128 vrCRLNotVerified f_vrCRLNotVerified = 128 Certificate Revocation List for this certificate could not be retrieved and/or validated.
vrOCSPNotVerified = 256 vrOCSPNotVerified f_vrOCSPNotVerified = 256 OCSP response for this certificate could not be retrieved and/or validated.
vrIdentityMismatch = 512 vrIdentityMismatch f_vrIdentityMismatch = 512 Provided certificate doesn't include the specified name and / or IP address. Either the remote side in TLS or sender in S/MIME is misconfigured, or the certificate is misused by the remote side or sender, or authenticity of the remote side or sender is forged.
vrNoKeyUsage = 1024 vrNoKeyUsage f_vrNoKeyUsage = 1024 Provided certificate may not be used for chosen activity (identifying TLS server or client or S/MIME message sender)
vrBlocked = 2048 vrBlocked f_vrBlocked = 2048 Provided certificate has been found in the list of blocked certificates
vrFailure = 4096 vrFailure f_vrFailure = 4096 Validation took too long, aborted
vrChainLoop = 8192 vrChainLoop f_vrChainLoop = 8192 Certificate chain includes a loop. Further validation is not possible.
vrWeakAlgorithm = 16384 vrWeakAlgorithm f_vrWeakAlgorithm = 16384 One of certificates is signed using the weak hash algorithm

Description

    This event is fired by TElSimpleSSLClient when the negotiated protocol offers the client to validate the server's certificate, starting from the root CA to the end-entity certificate. One can check whether the certificate is an end-entity one via the certificate's Chain property. Use methods of the TElX509CertificateValidator class to perform the certificate validation.
    This event handler is a good place for calling InternalValidate().

See also:     TElX509Certificate     InternalValidate()    

Discuss this help topic in SecureBlackbox Forum

Copyright (c) 2018, /n software, inc.