Discuss this help topic in SecureBlackbox Forum

TElOCSPServer.OnCertificateCheck

TElOCSPServer     


Filter: C#  VB.NET  Pascal  C++  PHP  Java  


This event is fired when certificate status must be checked.

Declaration

[C#]
    event TSBCertificateOCSPCheckEvent OnCertificateCheck;
    delegate void TSBCertificateOCSPCheckEvent(Object Sender, byte[] HashAlgOID, byte[] IssuerNameHash, byte[] IssuerKeyHash, byte[] CertificateSerial, ref TElOCSPCertificateStatus CertStatus, ref TSBCRLReasonFlag Reason, ref DateTime RevocationTime, ref DateTime ThisUpdate, ref DateTime NextUpdate);

[VB.NET]
    Event OnCertificateCheck As TSBCertificateOCSPCheckEvent
    Delegate Sub TSBCertificateOCSPCheckEvent(ByVal Sender As Object, ByVal HashAlgOID As Byte(), ByVal IssuerNameHash As Byte(), ByVal IssuerKeyHash As Byte(), ByVal CertificateSerial As Byte(), ByRef CertStatus As TElOCSPCertificateStatus, ByRef Reason As TSBCRLReasonFlag, ByRef RevocationTime As DateTime, ByRef ThisUpdate As DateTime, ByRef NextUpdate As DateTime)

[Pascal]
    property OnCertificateCheck : TSBCertificateOCSPCheckEvent;
    TSBCertificateOCSPCheckEvent = procedure(Sender : TObject; const HashAlgOID : ByteArray; const IssuerNameHash : ByteArray; const IssuerKeyHash : ByteArray; const CertificateSerial : ByteArray; var CertStatus : TElOCSPCertificateStatus; var Reason : TSBCRLReasonFlag; var RevocationTime, ThisUpdate, NextUpdate : TDateTime) of object;

[C++]
    void get_OnCertificateCheck(TSBCertificateOCSPCheckEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnCertificateCheck(TSBCertificateOCSPCheckEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBCertificateOCSPCheckEvent)(void * _ObjectData, TObjectHandle Sender, const uint8_t pHashAlgOID[], int32_t szHashAlgOID, const uint8_t pIssuerNameHash[], int32_t szIssuerNameHash, const uint8_t pIssuerKeyHash[], int32_t szIssuerKeyHash, const uint8_t pCertificateSerial[], int32_t szCertificateSerial, TElOCSPCertificateStatusRaw &CertStatus, TSBCRLReasonFlagRaw &Reason, int64_t &RevocationTime, int64_t &ThisUpdate, int64_t &NextUpdate);

[PHP]
    TSBCertificateOCSPCheckEvent|callable|NULL get_OnCertificateCheck()
    void set_OnCertificateCheck(TSBCertificateOCSPCheckEvent|callable|NULL $Value)
    callable TSBCertificateOCSPCheckEvent(TObject $Sender, string $HashAlgOID, string $IssuerNameHash, string $IssuerKeyHash, string $CertificateSerial, integer &$CertStatus, integer &$Reason, DateTime &$RevocationTime, DateTime &$ThisUpdate, DateTime &$NextUpdate)

[Java]
    TSBCertificateOCSPCheckEvent getOnCertificateCheck();
    void setOnCertificateCheck(TSBCertificateOCSPCheckEvent Value);
    TSBCertificateOCSPCheckEvent.Callback OnCertificateCheck = new TSBCertificateOCSPCheckEvent.Callback() {
        public void TSBCertificateOCSPCheckEventCallback(TObject arg0, byte[] arg1, byte[] arg2, byte[] arg3, byte[] arg4, TElCertificateOCSPCheckParams arg5) {
            //...
        }
    }

Parameters

  • HashAlgOID - OID of the hash algorithm, used to create IssuerNameHash and IssuerKeyHash
  • IssuerNameHash - hash of the IssuerName field of the certificate, being verified
  • IssuerKeyHash - hash of the public key of the certificate, which was used to sign the certificate being verified
  • CertificateSerial - serial of the certificate being verified
  • CertStatus - certificate status
  • Reason - reason of certificate revocation
  • RevocationTime - time when the certificate was revoked
  • ThisUpdate - time of the current status update
  • NextUpdate - time of the next status update
  • pHashAlgOID -
  • szHashAlgOID - the length of pcHashAlgOID.
  • pIssuerNameHash -
  • szIssuerNameHash - the length of pcIssuerNameHash.
  • pIssuerKeyHash -
  • szIssuerKeyHash - the length of pcIssuerKeyHash.
  • pCertificateSerial -
  • szCertificateSerial - the length of pcCertificateSerial.

Possible values of certificate status:

Possible values of CRL reason flags:

Description

    This event is fired for each certificate from the request. In response to this event you need to provide certificate status and other parameters necessary for the OCSP response.

Discuss this help topic in SecureBlackbox Forum