Add Long Term Validation (LTV) to the Document Security Store (DSS).




virtual void AddLTV(Oid oid)

[Visual Basic]
Overridable Sub AddLTV(oid As Oid)

Throws Exceptions may throw Exception()



Name Description
oid The hash algorithm to use to create the digest of the signature to be timestamped where uri is specified, for example new Oid("SHA256").




Add Long Term Validation (LTV) to the Document Security Store (DSS).

The signature must have been signed and committed prior to calling this method.

The certificate used to sign the signature must be time-valid at the time of the call or an exception will be thrown.

The signing certificate and any other certificates in the signing certificate's chain of trust are extracted from the signature.

Additional reference certificates may be added to the ReferenceCertificates member of this Signature.

Each of these certificates is added to the document as a stream, along with any Online Certificate Status Protocol(OCSP) responses and/or Certificate Revocation Lists (CRLs) obtained.

The DSS dictionary is created containing references to these streams.

In addition a signature Validation Related Information (VRI) entry is added which enables fast lookup of information from the DSS.

If the TimestampServiceUrl is set an RFC 3161 timestamp will be stored as a stream with its reference set in to the VRI TS entry.

It it is null then the VRI TU value will be set to the current time from the computer's clock.

For more information see ISO 32000-2:2017 Section 12.8.4 (




In this example, for simplicity, we use the plain text password overload. However to improve application security you may wish to use the SecureString overload.


using (Doc doc = new Doc()) {
  X509Certificate2 cert = new X509Certificate2(Server.MapPath("MyCertificate.p12"), "mypassword", X509KeyStorageFlags.Exportable);
  doc.Page = doc.AddPage();
  Signature sig = doc.Form.AddSignature(new XRect("340 160 540 220"), "Signature");
  sig.Sign(cert, false);
  sig = (Signature)doc.Form.Fields["Signature"];
  sig.TimestampServiceUrl = new Uri("");
  sig.AddLTV(new Oid(CryptoConfig.MapNameToOID("SHA256")));

[Visual Basic]
Using doc As New Doc()
  Dim cert As New X509Certificate2(Server.MapPath("MyCertificate.p12"), "mypassword", X509KeyStorageFlags.Exportable)
  doc.Page = doc.AddPage()
  Dim sig As Signature = doc.Form.AddSignature(New XRect("340 160 540 220"), "Signature")
  sig.Sign(cert, False)
  sig = CType(doc.Form.Fields("Signature"), Signature)
  sig.TimestampServiceUrl = New Uri("")
  sig.AddLTV(New Oid(CryptoConfig.MapNameToOID("SHA256")))
End Using