(VB.NET UWP/WinRT) Get PDF DSS (Document Security Store)

See more PDF Signatures Examples

This example demonstrates how to extract the information from a PDF's DSS (Document Security Store), if a /DSS exists. (Just because a PDF is signed does not mean a /DSS will exists. In fact, the /DSS is typically created at the point of adding the 2nd or greater signature because the /DSS contains LTV (long term validation) information about the previous signature at the time of adding an additional signature.)

Note: This example requires Chilkat v9.5.0.85 or greater.

Chilkat Universal Windows Platform (UWP) / WinRT Downloads Chilkat for the Universal Windows Platform (UWP)

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

Dim pdf As New Chilkat.Pdf

Dim success As Boolean = pdf.LoadFile("qa_data/pdf/sign_testing_1/helloSigned2.pdf")
If (success = False) Then
    Debug.WriteLine(pdf.LastErrorText)
    Exit Sub
End If


Dim json As New Chilkat.JsonObject
json.EmitCompact = False

success = pdf.GetDss(json)
Debug.WriteLine(json.Emit())

' The document security store contains certificates, OCSP responses, and CRLs.
' The following JSON is a sample of what the /DSS can contain.
' Unfortunately, our sample contains /Certs and /OCSPs, but no /CRLs.
' It's no problem because whatever JSON you get back, you can use the
' following online tool to generate code to parse.
' Generate Parsing Code from JSON

' The code generated by the online tool for this JSON is shown below..

' {
'   "/VRI": {
'     "/EC5BB34CC1F8A0C5FE674427E16E313A08C80808": {}
'   },
'   "/Certs": [
'     {
'       "serial": "02",
'       "validFrom": "2011-08-07T19:00:00-05:00",
'       "validTo": "2021-08-10T23:59:59-05:00",
'       "expired": false,
'       "subject": {
'         "CN": "XYZ Corporation",
'         "O": "XYZ"
'       },
'       "issuer": {
'         "CN": "XYZ Corporation",
'         "O": "XYZ"
'       },
'       "keyType": "RSA",
'       "keySize": "2048",
'       "der": "MIIDz...Q4Zt"
'     },
'     {
'       "serial": "01",
'       "validFrom": "2011-08-07T19:00:00-05:00",
'       "validTo": "2021-08-10T23:59:59-05:00",
'       "expired": false,
'       "subject": {
'         "CN": "XYZ Corporation",
'         "O": "XYZ"
'       },
'       "issuer": {
'         "CN": "XYZ Corporation",
'         "O": "XYZ"
'       },
'       "keyType": "RSA",
'       "keySize": "2048",
'       "der": "MIID...jXYFc="
'     },
'     {
'       "serial": "0AA125D6D6321B7E41E405DA3697C215",
'       "validFrom": "2016-01-07T06:00:00-06:00",
'       "validTo": "2031-01-07T12:00:00-06:00",
'       "expired": false,
'       "subject": {
'         "CN": "DigiCert SHA2 Assured ID Timestamping CA",
'         "OU": "www.digicert.com",
'         "O": "DigiCert Inc",
'         "C": "US"
'       },
'       "issuer": {
'         "CN": "DigiCert Assured ID Root CA",
'         "OU": "www.digicert.com",
'         "O": "DigiCert Inc",
'         "C": "US"
'       },
'       "keyType": "RSA",
'       "keySize": "2048",
'       "der": "MIIF...OUg=="
'     },
'     {
'       "serial": "04CD3F8568AE76C61BB0FE7160CCA76D",
'       "validFrom": "2019-09-30T19:00:00-05:00",
'       "validTo": "2030-10-17T00:00:00-05:00",
'       "expired": false,
'       "subject": {
'         "CN": "TIMESTAMP-SHA256-2019-10-15",
'         "O": "DigiCert, Inc.",
'         "C": "US"
'       },
'       "issuer": {
'         "CN": "DigiCert SHA2 Assured ID Timestamping CA",
'         "OU": "www.digicert.com",
'         "O": "DigiCert Inc",
'         "C": "US"
'       },
'       "keyType": "RSA",
'       "keySize": "2048",
'       "der": "MIIG...MJtPc="
'     },
'     {
'       "serial": "0CE7E0E517D846FE8FE560FC1BF03039",
'       "validFrom": "2006-11-09T18:00:00-06:00",
'       "validTo": "2031-11-10T00:00:00-06:00",
'       "expired": false,
'       "subject": {
'         "CN": "DigiCert Assured ID Root CA",
'         "OU": "www.digicert.com",
'         "O": "DigiCert Inc",
'         "C": "US"
'       },
'       "issuer": {
'         "CN": "DigiCert Assured ID Root CA",
'         "OU": "www.digicert.com",
'         "O": "DigiCert Inc",
'         "C": "US"
'       },
'       "keyType": "RSA",
'       "keySize": "2048",
'       "der": "MIIDt...FL6Lw8g=="
'     },
'     {
'       "serial": "E4D34D01798BE686424AF7F6F0C3BF41",
'       "validFrom": "2015-03-24T10:58:16-05:00",
'       "validTo": "2039-12-31T23:59:59-06:00",
'       "expired": false,
'       "subject": {
'         "CN": "www.xyz.com"
'       },
'       "issuer": {
'         "CN": "www.xyz.com"
'       },
'       "keyType": "RSA",
'       "keySize": "1024",
'       "der": "MIIB9DCCAWG...UR10lz"
'     }
'   ],
'   "/OCSPs": [
'     {
'       "responseStatus": 0,
'       "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
'       "responseTypeName": "ocspBasic",
'       "response": {
'         "responderIdChoice": "KeyHash",
'         "responderKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
'         "dateTime": "20201005173921Z",
'         "cert": [
'           {
'             "hashOid": "1.3.14.3.2.26",
'             "hashAlg": "SHA-1",
'             "issuerNameHash": "98S+C0C1w0QzPT+uuU1uONr67FE=",
'             "issuerKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
'             "serialNumber": "0AA125D6D6321B7E41E405DA3697C215",
'             "status": 0,
'             "thisUpdate": "20201005173921Z",
'             "nextUpdate": "20201012173921Z"
'           }
'         ]
'       }
'     },
'     {
'       "responseStatus": 0,
'       "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
'       "responseTypeName": "ocspBasic",
'       "response": {
'         "responderIdChoice": "KeyHash",
'         "responderKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
'         "dateTime": "20201006114501Z",
'         "cert": [
'           {
'             "hashOid": "1.3.14.3.2.26",
'             "hashAlg": "SHA-1",
'             "issuerNameHash": "+YYA+KSr7NIxRSxCjUNQo25SyD0=",
'             "issuerKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
'             "serialNumber": "04CD3F8568AE76C61BB0FE7160CCA76D",
'             "status": 0,
'             "thisUpdate": "20201006114501Z",
'             "nextUpdate": "20201013110001Z"
'           }
'         ]
'       }
'     }
'   ]
' }




Dim responseDateTime As New Chilkat.DtObj
Dim thisUpdate As New Chilkat.DtObj
Dim nextUpdate As New Chilkat.DtObj
Dim serial As String
Dim validFrom As String
Dim validTo As String
Dim expired As Boolean
Dim subjectCN As String
Dim subjectO As String
Dim issuerCN As String
Dim issuerO As String
Dim keyType As String
Dim keySize As String
Dim der As String
Dim subjectOU As String
Dim subjectC As String
Dim issuerOU As String
Dim issuerC As String
Dim responseStatus As Integer
Dim responseTypeOid As String
Dim responseTypeName As String
Dim responseResponderIdChoice As String
Dim responseResponderKeyHash As String
Dim j As Integer
Dim count_j As Integer
Dim hashOid As String
Dim hashAlg As String
Dim issuerNameHash As String
Dim issuerKeyHash As String
Dim serialNumber As String
Dim status As Integer

Dim i As Integer = 0
Dim count_i As Integer = json.SizeOfArray("/Certs")
While i < count_i
    json.I = i
    serial = json.StringOf("/Certs[i].serial")
    validFrom = json.StringOf("/Certs[i].validFrom")
    validTo = json.StringOf("/Certs[i].validTo")
    expired = json.BoolOf("/Certs[i].expired")
    subjectCN = json.StringOf("/Certs[i].subject.CN")
    subjectO = json.StringOf("/Certs[i].subject.O")
    issuerCN = json.StringOf("/Certs[i].issuer.CN")
    issuerO = json.StringOf("/Certs[i].issuer.O")
    keyType = json.StringOf("/Certs[i].keyType")
    keySize = json.StringOf("/Certs[i].keySize")
    der = json.StringOf("/Certs[i].der")
    subjectOU = json.StringOf("/Certs[i].subject.OU")
    subjectC = json.StringOf("/Certs[i].subject.C")
    issuerOU = json.StringOf("/Certs[i].issuer.OU")
    issuerC = json.StringOf("/Certs[i].issuer.C")
    i = i + 1
End While
i = 0
count_i = json.SizeOfArray("/OCSPs")
While i < count_i
    json.I = i
    responseStatus = json.IntOf("/OCSPs[i].responseStatus")
    responseTypeOid = json.StringOf("/OCSPs[i].responseTypeOid")
    responseTypeName = json.StringOf("/OCSPs[i].responseTypeName")
    responseResponderIdChoice = json.StringOf("/OCSPs[i].response.responderIdChoice")
    responseResponderKeyHash = json.StringOf("/OCSPs[i].response.responderKeyHash")
    json.DtOf("/OCSPs[i].response.dateTime",False,responseDateTime)
    j = 0
    count_j = json.SizeOfArray("/OCSPs[i].response.cert")
    While j < count_j
        json.J = j
        hashOid = json.StringOf("/OCSPs[i].response.cert[j].hashOid")
        hashAlg = json.StringOf("/OCSPs[i].response.cert[j].hashAlg")
        issuerNameHash = json.StringOf("/OCSPs[i].response.cert[j].issuerNameHash")
        issuerKeyHash = json.StringOf("/OCSPs[i].response.cert[j].issuerKeyHash")
        serialNumber = json.StringOf("/OCSPs[i].response.cert[j].serialNumber")
        status = json.IntOf("/OCSPs[i].response.cert[j].status")
        json.DtOf("/OCSPs[i].response.cert[j].thisUpdate",False,thisUpdate)
        json.DtOf("/OCSPs[i].response.cert[j].nextUpdate",False,nextUpdate)
        j = j + 1
    End While
    i = i + 1
End While