How to add timestamping signature to System.IO.Packaging.Package?
-
19-09-2019 - |
Question
There is a way to create packages, add some parts and sign it with a X509Certificate
.
I would also like to add a timestamping signature to the package.
If the certificate expires or gets revoked the signature should remain valid if the package parts have been timestamped before the expiration/revokation.
P.S. I'm using the System.IO.Packaging.Package
class defined in the WindowsBase.dll
assembly.
Solution
The following solution works it you're both the creator and the consumer of the package:
- Use a secure Internet server to get the trusted timestamp.
- Redefine the certificate chain policy to include the timestamp validation in the certificate chain.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow