From 0decd9fd4799557f9ec77c6309381fe9f22c15dd Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
Date: Tue, 18 Feb 2014 11:06:49 +0100
Subject: blacking out signature content in verification to produce valid
 verified PDF Documents

Signed-off-by: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
---
 .../at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java   | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'signature-standards/sigs-pkcs7detached')

diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
index 41d8f902..7de51d7e 100644
--- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
+++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
@@ -19,6 +19,7 @@ import org.slf4j.LoggerFactory;
 
 import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
 import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
+import at.gv.egiz.pdfas.common.utils.PDFUtils;
 import at.gv.egiz.pdfas.lib.api.Configuration;
 import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
 import at.gv.egiz.pdfas.lib.impl.verify.FilterEntry;
@@ -33,7 +34,7 @@ public class PKCS7DetachedVerifier implements IVerifyFilter {
 	public PKCS7DetachedVerifier() {
 	}
 	
-	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent, Date verificationTime)
+	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent, Date verificationTime, int[] byteRange)
 			throws PdfAsException {
 		try {
 			List<VerifyResult> result = new ArrayList<VerifyResult>();
@@ -56,7 +57,7 @@ public class PKCS7DetachedVerifier implements IVerifyFilter {
 			// verify the signatures
 			for (int i = 0; i < signerInfos.length; i++) {
 				VerifyResultImpl verifyResult = new VerifyResultImpl();
-				verifyResult.setSignatureData(contentData);
+				verifyResult.setSignatureData(PDFUtils.blackOutSignature(contentData, byteRange));
 				try {
 					// verify the signature for SignerInfo at index i
 					X509Certificate signer_cert = signedData.verify(i);
-- 
cgit v1.2.3