Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-4381

Revocation CRL check should be done at signing time in AddValidation example

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.12
    • Fix Version/s: 2.0.13, 3.0.0 PDFBox
    • Component/s: Signing
    • Labels:
      None

      Description

      crl.isRevoked(cert) in CRLHelper.java is not correct, a certificate could have been valid at signing time and be invalidated later, e.g. when an employee signs, but loses his card at the after-signing-party. The correct way to do it is in CRLVerifier.verifyCertificateCRLs().

        Attachments

          Activity

            People

            • Assignee:
              tilman Tilman Hausherr
              Reporter:
              tilman Tilman Hausherr
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: