|
PERMISION NOTICE AND DISCLAIMER This website contains certain downloadable software. This software is copyrighted and the copyrighter claims all exclusive rights to such software. The copyright owner of the software that you download through this site may be indicated in the accompanying read-me file and in the accompanying source code as well as in the area of this Web Site from which the software is downloaded. Permission to use, copy, modify and distribute this software and its source code for non commercial purposes and without fee is hereby granted, provided that the name of the copyright owner or related contributors not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. The copyright owner and contributors makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. The copyright owner and its contributors disclaim all warranties with regard to this software, including all implied warranties of merchantability and fitness. In no event shall the author and the contributors be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortuous action, arising out of or in connection with the use or performance of this software. AcceptCancel
The objective of this example is to validate the document signature produced in the CMS/PKCS#7 Signature Generation.
To try this example, you must download the file called sampleAxis6.zip and follow the instructions in Configuration of the Environment.
The downloaded file already contains a signature to be used for verification, but, if you wish, you can replace this file with the one generated in the CMS/PKCS#7 Signature Generation example, to check the validity of the generated signature.
To perform a signature verification request, you must use a VerifyRequest object which will contain the request for the destination host, just as we saw in the X.509 Certificate Validation example. And as we are dealing with a CMS signature, the profile is CMS/PKCS#7.
VerifyRequest vr = new VerifyRequest();
vr.setProfile(new URI(PROF_VERIF_CMS));
Given that the signature to be verified is detached, the request must include the data for both the signed file and the signature.
The binary encoded signature data are inserted in the request in a SignatureObject object. In addition to the data, it is also stated that the format of the inserted signature is CMS.
SignatureObject sobj = new SignatureObject();
Base64Signature b64sig = new Base64Signature();
b64sig.setType(new URI(TYPE_CMS));
b64sig.set_value(Util.readBinaryFile(path_in + signname));
sobj.setBase64Signature(b64sig);
vr.setSignatureObject(sobj);
The data of the signed file are inserted in the request as InputDocuments, and they are encoded in Base64 inside a Document object.
InputDocuments idoc = new InputDocuments();
Document doc = new Document();
Base64Data b64data = new Base64Data();
b64data.set_value(Util.readBinaryFile(path_in + filename));
doc.setBase64Data(b64data);
idoc.setDocument(doc);
vr.setInputDocuments(idoc);
Once all the data have been entered in the request, the verify() operation is invoked; this operation sends the request to the host and collects the response in a VerifyResponse object.
VerifyResponse vrs = bindingDsv.verify(vr);
Execution of this example will generate a response such as the one seen below.
** RESPONSE **
---------------------
Major: urn:oasis:names:tc:dss:1.0:resultmajor:Success
Minor: urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments
DN: CN=trustedx, OU=Demo, O=TrustedX, C=ES
Issuer Trust Level: 0
Issuer Trust Label: Administration
|
(1)