From 2436aa273f00dafb465c2342ea8e7297898915d2 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Tue, 21 Jan 2014 09:57:16 +0100 Subject: Implementations for pdf-as-web and pdf-as-legacy --- .../at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java | 46 +++++++++++++++------- .../sigs/pkcs7detached/PKCS7DetachedVerifier.java | 3 +- 2 files changed, 33 insertions(+), 16 deletions(-) (limited to 'signature-standards') diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java index 52a58d56..3298f92b 100644 --- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java +++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java @@ -3,6 +3,8 @@ package at.gv.egiz.pdfas.sigs.pades; import iaik.x509.X509Certificate; import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; import java.util.List; import javax.activation.DataHandler; @@ -49,10 +51,10 @@ public class PAdESVerifier implements IVerifyFilter { } @SuppressWarnings("rawtypes") - public List verify(byte[] contentData, byte[] signatureContent) + public List verify(byte[] contentData, + byte[] signatureContent, Date verificationTime) throws PdfAsException { - List resultList = new ArrayList(); try { logger.info("verification with MOA @ " + this.moaEndpoint); @@ -77,7 +79,11 @@ public class PAdESVerifier implements IVerifyFilter { verifyCMSSignatureRequest.setCMSSignature(cmsSignature); verifyCMSSignatureRequest .setDataObject(cmsDataObjectOptionalMetaType); - + if (verificationTime != null) { + Calendar cal = Calendar.getInstance(); + cal.setTime(verificationTime); + verifyCMSSignatureRequest.setDateTime(cal); + } // cmsDataObjectOptionalMetaType. VerifyCMSSignatureResponse response = service .verifyCMSSignature(verifyCMSSignatureRequest); @@ -120,25 +126,35 @@ public class PAdESVerifier implements IVerifyFilter { .getKeyInfoTypeChoice(); KeyInfoTypeChoice choice = keyInfo[0]; result.setSignatureData(data); - + // extract certificate if (choice.isX509DataSpecified()) { - byte[] certData = null; - X509DataTypeSequence[] x509Sequence = choice.getX509Data().getX509DataTypeSequence(); - for(int k = 0; k < x509Sequence.length; k++) { + byte[] certData = null; + X509DataTypeSequence[] x509Sequence = choice.getX509Data() + .getX509DataTypeSequence(); + for (int k = 0; k < x509Sequence.length; k++) { X509DataTypeSequence x509Data = x509Sequence[k]; - if(x509Data.getX509DataTypeChoice_type0().isX509CertificateSpecified()) { - DataHandler handler = x509Data.getX509DataTypeChoice_type0().getX509Certificate(); - certData = StreamUtils.inputStreamToByteArray(handler.getInputStream()); - } else if(x509Data.getX509DataTypeChoice_type0().isExtraElementSpecified()) { - if(x509Data.getX509DataTypeChoice_type0().getExtraElement().getLocalName().equals( - SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME.getLocalPart())) { + if (x509Data.getX509DataTypeChoice_type0() + .isX509CertificateSpecified()) { + DataHandler handler = x509Data + .getX509DataTypeChoice_type0() + .getX509Certificate(); + certData = StreamUtils + .inputStreamToByteArray(handler + .getInputStream()); + } else if (x509Data.getX509DataTypeChoice_type0() + .isExtraElementSpecified()) { + if (x509Data + .getX509DataTypeChoice_type0() + .getExtraElement() + .getLocalName() + .equals(SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME + .getLocalPart())) { result.setQualifiedCertificate(true); } } } - X509Certificate certificate = new X509Certificate( - certData); + X509Certificate certificate = new X509Certificate(certData); result.setSignerCertificate(certificate); } else if (choice.isExtraElementSpecified()) { String xmldisg = choice.getExtraElement().toString(); diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java index 7d5c029a..40714e7a 100644 --- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java +++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java @@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream; import java.io.FileOutputStream; import java.security.SignatureException; import java.util.ArrayList; +import java.util.Date; import java.util.List; import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; @@ -33,7 +34,7 @@ public class PKCS7DetachedVerifier implements IVerifyFilter { public PKCS7DetachedVerifier() { } - public List verify(byte[] contentData, byte[] signatureContent) + public List verify(byte[] contentData, byte[] signatureContent, Date verificationTime) throws PdfAsException { try { List result = new ArrayList(); -- cgit v1.2.3