I work with a system that has a PDF signature option.
Now, having created an additional application for Android, I ran into some mystery: How to check the certificate is correct?
The problem is that I am wondering if the certificate was valid at the time of signing. Now I know that Adobe has such an opportunity, but I would like to know how to implement such a thing on my own.
I successfully checked the status of the certificate with respect to OCSP, but the only thing it gave me the status of the certificate, regardless of whether it was canceled / suspended and the date (which is an insight and still puzzles me), I also looked at the CRL, but it seems that he has only one entry per certificate, that is, he cannot tell me whether the certificate is valid at a particular point in time.
Example:
Certificate 01 4D 44 5B - issued on 20.08.2012 - suspended on 21.08.2012 - reactivated on 22.08.2012 PDF document1 - signed on 20.08.2012 PDF document2 - signed on 21.08.2012
Now, if we check the validity of documents in Adobe Reader, PDF1 will show valid and PDF2 as invalid .
How does Adobe know, and how do I know the same information ? Maybe there is some kind of OS program whose source I could study to find out?
source share