Implementations for pdf-as-web and pdf-as-legacy

2 files changed, 33 insertions, 16 deletions

diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
index 52a58d56..3298f92b 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
@@ -3,6 +3,8 @@ package at.gv.egiz.pdfas.sigs.pades;
 import iaik.x509.X509Certificate;
 
 import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Date;
 import java.util.List;
 
 import javax.activation.DataHandler;
@@ -49,10 +51,10 @@ public class PAdESVerifier implements IVerifyFilter {
 	}
 
 	@SuppressWarnings("rawtypes")
-	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent)
+	public List<VerifyResult> verify(byte[] contentData,
+			byte[] signatureContent, Date verificationTime)
 			throws PdfAsException {
 
-
 		List<VerifyResult> resultList = new ArrayList<VerifyResult>();
 		try {
 			logger.info("verification with MOA @ " + this.moaEndpoint);
@@ -77,7 +79,11 @@ public class PAdESVerifier implements IVerifyFilter {
 			verifyCMSSignatureRequest.setCMSSignature(cmsSignature);
 			verifyCMSSignatureRequest
 					.setDataObject(cmsDataObjectOptionalMetaType);
-
+			if (verificationTime != null) {
+				Calendar cal = Calendar.getInstance();
+				cal.setTime(verificationTime);
+				verifyCMSSignatureRequest.setDateTime(cal);
+			}
 			// cmsDataObjectOptionalMetaType.
 			VerifyCMSSignatureResponse response = service
 					.verifyCMSSignature(verifyCMSSignatureRequest);
@@ -120,25 +126,35 @@ public class PAdESVerifier implements IVerifyFilter {
 						.getKeyInfoTypeChoice();
 				KeyInfoTypeChoice choice = keyInfo[0];
 				result.setSignatureData(data);
-				
+
 				// extract certificate
 				if (choice.isX509DataSpecified()) {
-					byte[] certData  = null;
-					X509DataTypeSequence[] x509Sequence = choice.getX509Data().getX509DataTypeSequence();
-					for(int k = 0; k < x509Sequence.length; k++) {
+					byte[] certData = null;
+					X509DataTypeSequence[] x509Sequence = choice.getX509Data()
+							.getX509DataTypeSequence();
+					for (int k = 0; k < x509Sequence.length; k++) {
 						X509DataTypeSequence x509Data = x509Sequence[k];
-						if(x509Data.getX509DataTypeChoice_type0().isX509CertificateSpecified()) {
-							DataHandler handler  = x509Data.getX509DataTypeChoice_type0().getX509Certificate();
-							certData = StreamUtils.inputStreamToByteArray(handler.getInputStream());
-						} else if(x509Data.getX509DataTypeChoice_type0().isExtraElementSpecified()) {
-							if(x509Data.getX509DataTypeChoice_type0().getExtraElement().getLocalName().equals(
-									SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME.getLocalPart())) {
+						if (x509Data.getX509DataTypeChoice_type0()
+								.isX509CertificateSpecified()) {
+							DataHandler handler = x509Data
+									.getX509DataTypeChoice_type0()
+									.getX509Certificate();
+							certData = StreamUtils
+									.inputStreamToByteArray(handler
+											.getInputStream());
+						} else if (x509Data.getX509DataTypeChoice_type0()
+								.isExtraElementSpecified()) {
+							if (x509Data
+									.getX509DataTypeChoice_type0()
+									.getExtraElement()
+									.getLocalName()
+									.equals(SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME
+											.getLocalPart())) {
 								result.setQualifiedCertificate(true);
 							}
 						}
 					}
-					X509Certificate certificate = new X509Certificate(
-							certData);
+					X509Certificate certificate = new X509Certificate(certData);
 					result.setSignerCertificate(certificate);
 				} else if (choice.isExtraElementSpecified()) {
 					String xmldisg = choice.getExtraElement().toString();
diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
index 7d5c029a..40714e7a 100644
--- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
+++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
@@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream;
 import java.io.FileOutputStream;
 import java.security.SignatureException;
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.List;
 
 import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
@@ -33,7 +34,7 @@ public class PKCS7DetachedVerifier implements IVerifyFilter {
 	public PKCS7DetachedVerifier() {
 	}
 	
-	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent)
+	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent, Date verificationTime)
 			throws PdfAsException {
 		try {
 			List<VerifyResult> result = new ArrayList<VerifyResult>();