diff options
Diffstat (limited to 'src/main/java/at/gv/egiz/pdfas/api/verify')
5 files changed, 455 insertions, 0 deletions
diff --git a/src/main/java/at/gv/egiz/pdfas/api/verify/SignatureCheck.java b/src/main/java/at/gv/egiz/pdfas/api/verify/SignatureCheck.java new file mode 100644 index 0000000..df29570 --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/api/verify/SignatureCheck.java @@ -0,0 +1,31 @@ +/**
+ *
+ */
+package at.gv.egiz.pdfas.api.verify;
+
+/**
+ * The result of a signature check performed by a verification device.
+ *
+ * @see VerifyResult
+ *
+ * @author wprinz
+ */
+public interface SignatureCheck
+{
+ /**
+ * Returns the response code of the check.
+ *
+ * @return Returns the response code of the check.
+ */
+ public int getCode();
+
+ /**
+ * Returns the textual response message of the check (corresponding to the
+ * code).
+ *
+ * @return Returns the textual response message of the check (corresponding to
+ * the code).
+ */
+ public String getMessage();
+
+}
diff --git a/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyAfterAnalysisParameters.java b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyAfterAnalysisParameters.java new file mode 100644 index 0000000..dd50d79 --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyAfterAnalysisParameters.java @@ -0,0 +1,117 @@ +/**
+ *
+ */
+package at.gv.egiz.pdfas.api.verify;
+
+import java.util.Date;
+
+import at.gv.egiz.pdfas.api.analyze.AnalyzeResult;
+import at.gv.egiz.pdfas.api.commons.Constants;
+
+/**
+ * Parameter object that holds the verify after analysis parameters.
+ *
+ * @author wprinz
+ */
+public class VerifyAfterAnalysisParameters
+{
+
+ /**
+ * The list of signatures to be verified.
+ */
+ protected AnalyzeResult analyzeResult = null;
+
+ /**
+ * The signature device to perform the actual signature.
+ *
+ * <p>
+ * May be {@link Constants#SIGNATURE_DEVICE_MOA} or
+ * {@link Constants#SIGNATURE_DEVICE_BKU}.
+ * </p>
+ */
+ protected String signatureDevice = Constants.SIGNATURE_DEVICE_MOA;
+
+ /**
+ * Allows to pass a VerificationTime to the signature device.
+ */
+ protected Date verificationTime = null;
+
+ /**
+ * Tells the signature device (e.g. MOA) to return the signature hash input
+ * data (which is the probably transformed signed data).
+ *
+ * <p>
+ * Note that this forces MOA to return the potentially large signature data to
+ * be returned in the result XML, which may result in very bad performance.
+ * </p>
+ */
+ protected boolean returnHashInputData = false;
+
+ /**
+ * @return the analyzeResult
+ */
+ public AnalyzeResult getAnalyzeResult()
+ {
+ return this.analyzeResult;
+ }
+
+ /**
+ * @param analyzeResult
+ * the analyzeResult to set
+ */
+ public void setAnalyzeResult(AnalyzeResult analyzeResult)
+ {
+ this.analyzeResult = analyzeResult;
+ }
+
+ /**
+ * @return the signatureDevice
+ */
+ public String getSignatureDevice()
+ {
+ return this.signatureDevice;
+ }
+
+ /**
+ * @param signatureDevice
+ * the signatureDevice to set
+ */
+ public void setSignatureDevice(String signatureDevice)
+ {
+ this.signatureDevice = signatureDevice;
+ }
+
+ /**
+ * @return the verificationTime
+ */
+ public Date getVerificationTime()
+ {
+ return this.verificationTime;
+ }
+
+ /**
+ * @param verificationTime the verificationTime to set
+ */
+ public void setVerificationTime(Date verificationTime)
+ {
+ this.verificationTime = verificationTime;
+ }
+
+ /**
+ * @return the returnHashInputData
+ */
+ public boolean isReturnHashInputData()
+ {
+ return this.returnHashInputData;
+ }
+
+ /**
+ * @param returnHashInputData
+ * the returnHashInputData to set
+ */
+ public void setReturnHashInputData(boolean returnHashInputData)
+ {
+ this.returnHashInputData = returnHashInputData;
+ }
+
+}
diff --git a/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyParameters.java b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyParameters.java new file mode 100644 index 0000000..fb3b8b8 --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyParameters.java @@ -0,0 +1,183 @@ +/**
+ *
+ */
+package at.gv.egiz.pdfas.api.verify;
+
+import java.util.Date;
+
+import at.gv.egiz.pdfas.api.commons.Constants;
+import at.gv.egiz.pdfas.api.io.DataSource;
+
+/**
+ * Parameter object that holds the verify parameters.
+ *
+ * @author wprinz
+ */
+public class VerifyParameters
+{
+ // This would be a perfect point for multiple inheritance in Java.
+ // VerifyParameters extends AnalyzeParameters, VerifyAfterAnalysisParameters
+ // Then a lot of code could be easily reused in the PdfAsObject's check*Parameters methods.
+
+ /**
+ * The document to be verified.
+ */
+ protected DataSource document = null;
+
+ /**
+ * The signature device to perform the actual signature.
+ *
+ * <p>
+ * May be {@link Constants#SIGNATURE_DEVICE_MOA} or
+ * {@link Constants#SIGNATURE_DEVICE_BKU}.
+ * </p>
+ */
+ protected String signatureDevice = Constants.SIGNATURE_DEVICE_MOA;
+
+ /**
+ * The mode of operation how the document is analyzed.
+ *
+ * <p>
+ * May be {@link Constants#VERIFY_MODE_BINARY_ONLY} to check the document for
+ * binary signatures only (very fast). Or may be
+ * {@link Constants#VERIFY_MODE_SEMI_CONSERVATIVE} to perform a semi
+ * conservative (optimized) text and binary verification (slow). Or may be
+ * {@link Constants#VERIFY_MODE_FULL_CONSERVATIVE} to perform a full
+ * conservative text and binary verification (very slow).
+ * </p>
+ */
+ protected String verifyMode = Constants.VERIFY_MODE_FULL_CONSERVATIVE;
+
+ /**
+ * The (zero based) index of the signature to verify.
+ *
+ * <p>
+ * This allows to verify only one found signature instead of all. {@link Constants#VERIFY_ALL} means to
+ * verify all found signatures.
+ * </p>
+ */
+ protected int signatureToVerify = Constants.VERIFY_ALL;
+
+ /**
+ * Allows to pass a VerificationTime to the verification device.
+ *
+ * <p>
+ * Note that the actual usage of this parameter depends on the verification device.
+ * </p>
+ */
+ protected Date verificationTime = null;
+
+ /**
+ * Tells the signature device (e.g. MOA) to return the signature hash input
+ * data (which is the probably transformed signed data).
+ *
+ * <p>
+ * Note that this forces MOA to return the potentially large signature data to
+ * be returned in the result XML, which may result in very bad performance.
+ * </p>
+ */
+ protected boolean returnHashInputData = false;
+
+ /**
+ * @return the document
+ */
+ public DataSource getDocument()
+ {
+ return this.document;
+ }
+
+ /**
+ * @param document
+ * the document to set
+ */
+ public void setDocument(DataSource document)
+ {
+ this.document = document;
+ }
+
+ /**
+ * @return the signatureDevice
+ */
+ public String getSignatureDevice()
+ {
+ return this.signatureDevice;
+ }
+
+ /**
+ * @param signatureDevice
+ * the signatureDevice to set
+ */
+ public void setSignatureDevice(String signatureDevice)
+ {
+ this.signatureDevice = signatureDevice;
+ }
+
+ /**
+ * @return the verifyMode
+ */
+ public String getVerifyMode()
+ {
+ return this.verifyMode;
+ }
+
+ /**
+ * @param verifyMode
+ * the verifyMode to set
+ */
+ public void setVerifyMode(String verifyMode)
+ {
+ this.verifyMode = verifyMode;
+ }
+
+ /**
+ * @return the signatureToVerify
+ */
+ public int getSignatureToVerify()
+ {
+ return this.signatureToVerify;
+ }
+
+ /**
+ * @param signatureToVerify
+ * the signatureToVerify to set
+ */
+ public void setSignatureToVerify(int signatureToVerify)
+ {
+ this.signatureToVerify = signatureToVerify;
+ }
+
+ /**
+ * @return the verificationTime
+ */
+ public Date getVerificationTime()
+ {
+ return this.verificationTime;
+ }
+
+ /**
+ * @param verificationTime
+ * the verificationTime to set
+ */
+ public void setVerificationTime(Date verificationTime)
+ {
+ this.verificationTime = verificationTime;
+ }
+
+ /**
+ * @return the returnHashInputData
+ */
+ public boolean isReturnHashInputData()
+ {
+ return this.returnHashInputData;
+ }
+
+ /**
+ * @param returnHashInputData
+ * the returnHashInputData to set
+ */
+ public void setReturnHashInputData(boolean returnHashInputData)
+ {
+ this.returnHashInputData = returnHashInputData;
+ }
+
+}
diff --git a/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResult.java b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResult.java new file mode 100644 index 0000000..be5a88f --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResult.java @@ -0,0 +1,97 @@ +package at.gv.egiz.pdfas.api.verify;
+
+import java.util.Date;
+import java.util.List;
+
+import at.gv.egiz.pdfas.api.commons.SignatureInformation;
+
+/**
+ * Encapsulates the data of a verification of one signature.
+ *
+ * @author wprinz
+ */
+public interface VerifyResult extends SignatureInformation
+{
+ /**
+ * Returns the result of the certificate check.
+ *
+ * @return Returns the result of the certificate check.
+ */
+ public SignatureCheck getCertificateCheck();
+
+ /**
+ * Returns the result of the value (and hash) check.
+ *
+ * @return Returns the result of the value (and hash) check.
+ */
+ public SignatureCheck getValueCheckCode();
+
+ /**
+ * Returns the result of the manifest check.
+ *
+ * @return Returns the result of the manifest check.
+ */
+ public SignatureCheck getManifestCheckCode();
+
+ /**
+ * Returns true, if the signer's certificate is a qualified certificate.
+ *
+ * @return Returns true, if the signer's certificate is a qualified
+ * certificate.
+ */
+ public boolean isQualifiedCertificate();
+
+ /**
+ * Returns a list of Strings each stating one public property of the
+ * certificate.
+ *
+ * <p>
+ * Such public properties are certificate extensions each being assigned an
+ * own OID. For example the public property "Verwaltungseigenschaft" has the
+ * OID "1.2.40.0.10.1.1.1".
+ * </p>
+ *
+ * @return Returns the list of Strings representing the public properties of
+ * this certificate, if any.
+ */
+ public List getPublicProperties();
+
+ /**
+ * Returns the verification time, which is the time when the signature was
+ * verified.
+ *
+ * <p>
+ * Note that this is actually the Date passed to the verify methods over
+ * {@link VerifyParameters#setVerificationTime(Date)} or
+ * {@link VerifyAfterAnalysisParameters#setVerificationTime(Date)}. The
+ * signature devices don't respond the actual verification time so there is no
+ * guarantee that the set verification time was actually used as time of
+ * verification. Please consult the device's documentation for more
+ * information.
+ * </p>
+ *
+ * @return Returns the verification time, which is the time when the signature
+ * was verified.
+ */
+ public Date getVerificationTime();
+
+ /**
+ * Returns the hash input data as returned by MOA.
+ *
+ * <p>
+ * This will only return a value other than null if the corresponding
+ * VerifyParameter was set to true.
+ * </p>
+ * <p>
+ * Note that the HashInputData does not necessarily have to be exactly the
+ * same as the signed date return by the
+ * {@link SignatureInformation#getSignedData()} method.
+ * </p>
+ *
+ * @return Returns the hash input data as returned by MOA.
+ *
+ * @see SignatureInformation#getSignedData()
+ */
+ public String getHashInputData();
+
+}
diff --git a/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResults.java b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResults.java new file mode 100644 index 0000000..abda1fe --- /dev/null +++ b/src/main/java/at/gv/egiz/pdfas/api/verify/VerifyResults.java @@ -0,0 +1,27 @@ +/**
+ *
+ */
+package at.gv.egiz.pdfas.api.verify;
+
+import java.util.List;
+
+/**
+ * The result of the verification of a document.
+ *
+ * <p>
+ * Currently, this is not more than a list of VerifyResult objects, one for each
+ * verified signature. There may be additional items in future PDF-AS versions.
+ * </p>
+ *
+ * @author wprinz
+ */
+public interface VerifyResults
+{
+ /**
+ * Returns the List of VerifyResult objects, one for each verified signature.
+ *
+ * @return Returns the List of VerifyResult objects, one for each verified
+ * signature.
+ */
+ public List getResults();
+}
|