Hi,
I have to verify a (detached) signature from a third party. I am using System.Security.Cryptography.Pkcs.SignedCms (VS2008) to validate the signature. The verification of the data works fine. But when I try to verify the certificates used, I always get that the intermediate certificate is not valid. The ChainStatus returns RevocationStatusUnknown (UnknownError) and OfflineRevocation (UnknownError) even if I set the RevocationMode to NoCheck on the chain.
    Dim byteData() As Byte = IO.File.ReadAllBytes(DataFile.FullName)
    Dim byteSignature() As Byte = IO.File.ReadAllBytes(SignatureFile.FullName)
    Dim ciData As New Pkcs.ContentInfo(New Oid("data"), byteData)
    Dim Verifier As New Pkcs.SignedCms(ciData, True)
    Try
        Verifier.Decode(byteSignature)
        Verifier.CheckSignature(True)
    Catch crex As CryptographicException
        ' Signature is not valid
    Catch ex As Exception
        ' Verification failed
    End Try
    For Each SignatureCertificate As X509Certificates.X509Certificate2 In Verifier.Certificates
        Dim certChain As New X509Certificates.X509Chain(True)
        certChain.Build(SignatureCertificate) ' Build the certificate chain from the signer's certificate
        certChain.ChainPolicy.RevocationMode = X509Certificates.X509RevocationMode.NoCheck
        For Each certElement As X509Certificates.X509ChainElement In certChain.ChainElements
            If Not certElement.Certificate.Verify() Then
                ' Cert
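An added example, not part of the original post: X509Chain reads its ChainPolicy when Build is called, and X509Certificate2.Verify() runs its own chain validation with the basic policy rather than the policy set on certChain. The sketch below sets the policy before Build and collects the status flags per signer; the module and function names are hypothetical, and the caller is assumed to pass in the decoded SignedCms.

```vbnet
Imports System.Collections.Generic
Imports System.Security.Cryptography.Pkcs
Imports System.Security.Cryptography.X509Certificates

Module ChainCheckExample
    ' Hypothetical helper (not from the post): builds one chain per signer with
    ' an explicit policy and returns the combined status flags by thumbprint.
    Function ValidateSignerChains(ByVal cms As SignedCms, _
                                  ByVal mode As X509RevocationMode) _
                                  As Dictionary(Of String, X509ChainStatusFlags)
        Dim results As New Dictionary(Of String, X509ChainStatusFlags)

        For Each signer As SignerInfo In cms.SignerInfos
            ' The signer certificate may be absent from the message.
            If signer.Certificate Is Nothing Then Continue For

            Dim chain As New X509Chain()
            ' Policy must be in place before Build; changes made afterwards
            ' do not affect a chain that has already been built.
            chain.ChainPolicy.RevocationMode = mode
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot
            ' Certificates carried in the CMS message serve as candidate
            ' intermediates; they are not treated as trust anchors.
            chain.ChainPolicy.ExtraStore.AddRange(cms.Certificates)

            chain.Build(signer.Certificate)

            ' Read the result from the chain itself instead of calling
            ' Verify() on each element, which ignores this policy.
            Dim flags As X509ChainStatusFlags = X509ChainStatusFlags.NoError
            For Each status As X509ChainStatus In chain.ChainStatus
                flags = flags Or status.Status
            Next
            results(signer.Certificate.Thumbprint) = flags
        Next

        Return results
    End Function
End Module
```

With X509RevocationMode.NoCheck the returned flags contain no revocation entries, so a revoked certificate is not detected; with Online or Offline, RevocationStatusUnknown and OfflineRevocation appear when revocation data cannot be obtained.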