Table of Contents

Class LtvEmbedder

Namespace
SimpleSign.PAdES.Signing
Assembly
SimpleSign.PAdES.dll

Embeds revocation data (CRL + OCSP) and VRI (Validation Related Information) in the PDF DSS (Document Security Store) for LTV (Long Term Validation). The resulting PDF can be validated offline even after certificate expiration. Conforms to PAdES Part 4 (ETSI EN 319 142-1), Annex A.

public sealed class LtvEmbedder
Inheritance
LtvEmbedder
Inherited Members

Constructors

LtvEmbedder(IHttpClientProvider, ILogger?)

Creates an embedder using a custom IHttpClientProvider. Use this in ASP.NET Core to integrate with IHttpClientFactory.

public LtvEmbedder(IHttpClientProvider httpClientProvider, ILogger? logger = null)

Parameters

httpClientProvider IHttpClientProvider
logger ILogger

LtvEmbedder(HttpClient?, ILogger?) 

public LtvEmbedder(HttpClient? httpClient = null, ILogger? logger = null)

Parameters

httpClient HttpClient

HttpClient instance for downloading CRL/OCSP. In ASP.NET Core, inject via IHttpClientFactory.CreateClient() to avoid socket exhaustion. If null, uses the shared instance from DefaultHttpClientProvider.

logger ILogger

Optional logger for structured diagnostics.

Methods

EmbedLtvDataAsync(byte[], IReadOnlyList<X509Certificate2>, CancellationToken)

Collects revocation data (CRL + OCSP) from all certificates in the chain and embeds them in the PDF as an incremental update (DSS dictionary with VRI).

public Task<byte[]> EmbedLtvDataAsync(byte[] signedPdf, IReadOnlyList<X509Certificate2> certificateChain, CancellationToken cancellationToken = default)

Parameters

signedPdf byte[]

The signed PDF bytes.

certificateChain IReadOnlyList<X509Certificate2>

Full certificate chain (signer + intermediates + root).

cancellationToken CancellationToken

Cancellation token.

Returns

Task<byte[]>

The PDF bytes with embedded LTV data.

Edit this page