Safelayer Secure Communications
 
 
X.509 Certificate Validation
17 January 2008

This example validates the status of a certificate using the TrustedX validation service. The steps below describe how to create the validation request using Axis.

To try this example, you must download the file called sampleAxis1.zip and follow the instructions in Configuration of the Environment. The downloaded file contains the example code and the necessary files – in this case the certificate to be validated.

First, the example defines the constants it needs: the location of the certificate to be validated, the authentication parameters and the address of the TrustedX platform where the services will be invoked.
Also included are the URNs that identify the verification profile and indicate that a certificate is being validated.

private static final String path_in = "data/input/";
private static final String filename = "dave.crt";
private static final String host = "https://labs.safelayer.com/demo/services/SignatureVerify";
private static final String PROF_CERT_STATUS = "urn:safelayer:tws:dss:1.0:profiles:certstatus:1.0:verify";
private static final String PROF_CERT_TYPE = "urn:safelayer:tws:dss:1.0:profiles:names:certificate";
private static final String user = "dave";
private static final String password = "trustedx";

Next, the connection with the signature verification Web service must be initialized. The location of the service, i.e. the address of the TrustedX platform that will be used, must be specified. It is also necessary to configure the SSL parameters.

TWSDSVLocator locatorDsv = new TWSDSVLocator();
locatorDsv.setSignatureVerifyEndpointAddress(host);
SignatureVerificationType svt = locatorDsv.getSignatureVerify();
DSVBindingStub bindingDsv = (DSVBindingStub) svt;
UtilTrustedX.ssl_conf();

Once the connection has been initialized, a verification request is created with a VerifyRequest object. The authentication credentials must be included; in this case a username and a clear-text password. This type of authentication is used in all the examples. The addUsernameToken() function adds the authentication parameters to the SOAP header of the request. Because the password travels in clear text inside that header, the SSL connection configured above is what protects it in transit.
The profile that the TrustedX validation service will use must also be defined; in this case it is certstatus.

VerifyRequest vr = new VerifyRequest();
vr.setProfile(new URI(PROF_CERT_STATUS));
UtilTrustedX.addUsernameToken(bindingDsv, user, password);

Finally, the data of the certificate to be validated are added in Base64, indicating that it is a signed certificate. To do this, a SignatureObject is created. This object contains a Base64Signature object holding the certificate, and it is included in the request.

SignatureObject sobj = new SignatureObject();
Base64Signature b64sig = new Base64Signature();
b64sig.setType(new URI(PROF_CERT_TYPE));
b64sig.set_value(Util.readBinaryFile(path_in + filename));
sobj.setBase64Signature(b64sig);
vr.setSignatureObject(sobj);

Once all the data have been entered in the request, the verify() method is invoked; this method sends the verification request to the host and collects the response in a VerifyResponse object.

VerifyResponse vrs = bindingDsv.verify(vr);

Finally, running this code produces the result of the execution. Of particular interest are the values of the ResultMajor and ResultMinor attributes, which indicate whether the request has been correctly processed. For this particular example, the values are Success and ValidSignature_OnAllDocuments respectively.
Apart from these values, information about the signer and the level of trust of the signer is also obtained.

** RESPONSE **
---------------------
Major: urn:oasis:names:tc:dss:1.0:resultmajor:Success
Minor: urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments
DN: CN=Dave, OU=Demo, O=TrustedX, C=ES
Issuer Trust Level: 0
Issuer Trust Label: Administration
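
An added example, not part of Safelayer's sample code, showing how a caller can read the ResultMajor and ResultMinor values fail-closed, so that only the exact pair shown in the response above is treated as a valid certificate. It assumes the two URIs have already been extracted from the VerifyResponse as strings; the class, enum and method names are hypothetical, and all sample results except the first are constructed.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class CertStatusDecision {
    // URNs copied from the sample response on this page.
    static final String MAJOR_SUCCESS =
        "urn:oasis:names:tc:dss:1.0:resultmajor:Success";
    static final String MINOR_VALID =
        "urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments";

    enum Decision { TRUSTED, NOT_TRUSTED, NO_VERDICT }

    /**
     * Fail-closed reading of a verification result. Only the exact
     * Success + ValidSignature_OnAllDocuments pair yields TRUSTED.
     * Assumption: the caller passes the two result URIs as strings
     * (null when the response did not carry them).
     */
    static Decision decide(String major, String minor) {
        if (major == null || !MAJOR_SUCCESS.equals(major.trim())) {
            // Request not processed, or no result at all: the service
            // said nothing about the certificate, so do not trust it.
            return Decision.NO_VERDICT;
        }
        if (minor != null && MINOR_VALID.equals(minor.trim())) {
            return Decision.TRUSTED;
        }
        // Processed, but the minor code is missing or is anything other
        // than the known-good value: treat the certificate as not valid.
        return Decision.NOT_TRUSTED;
    }

    public static void main(String[] args) {
        // Constructed sample results; only the first pair is from the page.
        String base = "urn:oasis:names:tc:dss:1.0:";
        Map<String, String[]> samples = new LinkedHashMap<>();
        samples.put("page sample", new String[] {MAJOR_SUCCESS, MINOR_VALID});
        samples.put("success, unknown minor",   // placeholder minor value
            new String[] {MAJOR_SUCCESS, base + "resultminor:EXAMPLE_OTHER"});
        samples.put("success, no minor", new String[] {MAJOR_SUCCESS, null});
        samples.put("requester error",
            new String[] {base + "resultmajor:RequesterError", null});
        samples.put("empty response", new String[] {null, null});
        for (Map.Entry<String, String[]> e : samples.entrySet()) {
            String[] r = e.getValue();
            System.out.println(e.getKey() + " -> " + decide(r[0], r[1]));
        }
    }
}
```

Checking ResultMajor alone is not enough for an access decision: Success only says the request was processed, so the minor code must also match before the certificate is accepted.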