From 1a6f73ffadd8032cd25814e1e17f55ba46c7371f Mon Sep 17 00:00:00 2001
From: tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>
Date: Tue, 7 Dec 2010 13:00:25 +0000
Subject: Updates in order to show how to retrieve reconstructed XMLDSig.

git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@694 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
---
 src/main/java/demo/SignatureVerificationDemo.java | 54 ++++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

(limited to 'src/main/java/demo')

diff --git a/src/main/java/demo/SignatureVerificationDemo.java b/src/main/java/demo/SignatureVerificationDemo.java
index e89c394..b1c11c7 100644
--- a/src/main/java/demo/SignatureVerificationDemo.java
+++ b/src/main/java/demo/SignatureVerificationDemo.java
@@ -3,6 +3,7 @@ package demo;
 import java.io.File;
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
 
@@ -15,9 +16,13 @@ import at.gv.egiz.pdfas.api.commons.Constants;
 import at.gv.egiz.pdfas.api.commons.SignatureInformation;
 import at.gv.egiz.pdfas.api.exceptions.PdfAsException;
 import at.gv.egiz.pdfas.api.io.DataSource;
-import at.gv.egiz.pdfas.api.verify.VerifyAfterAnalysisParameters;
+import at.gv.egiz.pdfas.api.verify.VerifyAfterReconstructXMLDsigParameters;
 import at.gv.egiz.pdfas.api.verify.VerifyResult;
 import at.gv.egiz.pdfas.api.verify.VerifyResults;
+import at.gv.egiz.pdfas.api.xmldsig.ExtendedSignatureInformation;
+import at.gv.egiz.pdfas.api.xmldsig.ReconstructXMLDsigAfterAnalysisParameters;
+import at.gv.egiz.pdfas.api.xmldsig.ReconstructXMLDsigResult;
+import at.gv.egiz.pdfas.api.xmldsig.XMLDsigData;
 import at.gv.egiz.pdfas.commandline.Main;
 import at.gv.egiz.pdfas.exceptions.ErrorCode;
 import at.gv.egiz.pdfas.exceptions.ErrorCodeHelper;
@@ -98,18 +103,65 @@ public class SignatureVerificationDemo {
                   System.out.println("\nNo non-textual objects detected for this signature.");
                }
             }
+         } else {
+            if (analyzeResult != null && analyzeResult.hasBeenCorrected()) {
+               System.err.println("The document could not been processed, maybe due to modification by third party tools. An attempt to correct the document was successful but no verifiable signatures could be found. This/these signature(s) - if any - might got lost.");
+            } else {
+               System.err.println("No signatures found.");
+            }
+            System.exit(1);
          }
          
+         // retrieve reconstructed signature
+         ReconstructXMLDsigAfterAnalysisParameters recstrParams = new ReconstructXMLDsigAfterAnalysisParameters();
+         recstrParams.setAnalyzeResult(analyzeResult);
+         ReconstructXMLDsigResult recstrResult = pdfasAPI.reconstructXMLDSIG(recstrParams);
+
+         // it is now possible to retrieve the reconstructed XMLDSig and the underlying signed
+         // data without invoking signature verification. Just enable the following block
+         /*
+         List extSigInfoList = recstrResult.getExtendedSignatures();
+         if (extSigInfoList != null && !extSigInfoList.isEmpty()) {
+            Iterator it = extSigInfoList.iterator();
+            while (it.hasNext()) {
+               ExtendedSignatureInformation extSigInfo = (ExtendedSignatureInformation) it.next();
+               SignatureInformation sigInfo = extSigInfo.getSignatureInformation();
+               XMLDsigData xmlDSigData = extSigInfo.getXmlDsigData();
+               // output XMLDSIG somewhere: xmlDSigData.getXmlDsig()
+               if (xmlDSigData.isDetached()) {
+                  DataSource signedDataSource = sigInfo.getSignedData();
+                  // output signed data somewhere: signedDataSource.getAsByteArray()
+               }
+            }
+         }
+         */
+
          // setup verification
+         // verification without intermediate step of reconstruction
+         /* 
          VerifyAfterAnalysisParameters vaap = new VerifyAfterAnalysisParameters();
          vaap.setAnalyzeResult(analyzeResult);
          vaap.setReturnHashInputData(true);
          vaap.setSignatureDevice(Constants.SIGNATURE_DEVICE_MOA);
          vaap.setVerificationTime(null);
+         */
+         // verification with intermediate step of reconstruction
+         VerifyAfterReconstructXMLDsigParameters varp = new VerifyAfterReconstructXMLDsigParameters();
+         varp.setReconstructXMLDsigResult(recstrResult);
+         varp.setReturnHashInputData(true);
+         varp.setSignatureDevice(Constants.SIGNATURE_DEVICE_MOA);
+         varp.setVerificationTime(null);
 
          // invoke verification
          System.out.println("Verifying...");
+         // without intermediate step of reconstruction
+         /*
          VerifyResults verifyResults = pdfasAPI.verify(vaap);
+         */
+         // with intermediate step of reconstruction
+         VerifyResults verifyResults = pdfasAPI.verify(varp);
+         
+         // retrieve results
          List verifyResultList = verifyResults.getResults();
          System.out.println("Verification complete.\n");
 
-- 
cgit v1.2.3