Safelayer Secure Communications
 
 
Updating an XML Signature to a Long-Term XML Signature
22 January 2008

The objective of this example is to update a signature with a time-stamp in an XML document to a long-term signature format, using the TrustedX verification service.

To try this example, you must download the file called sampleAxis8.zip and follow the instructions in Configuration of the Environment.

The signature to be updated is the one generated in the XML Signature Generation with Time-Stamp example. The downloaded file already contains a signature to be used for the update, but, if you wish, you can replace this file with the one generated in the previous example, to check that it functions correctly.

To update a signature, we send a verification request in a VerifyRequest object. Unlike the other examples, the request must select the NONREP (non-repudiation) profile rather than the signature verification profile.

VerifyRequest vr = new VerifyRequest();
vr.setProfile(new URI(PROF_NO_REP));

The request must include the signature data, encoded in Base64, in a SignatureObject object.

SignatureObject sobj = new SignatureObject();
Base64Binary b64bin = new Base64Binary();
b64bin.set_value(Util.readBinaryFile(path_in + filename));
sobj.setBase64XMLSignature(b64bin);
vr.setSignatureObject(sobj);

The request also indicates the format of the document to be returned and the format of the updated signature (ES-A). This format allows the signature to be preserved for longer than the validity period of the cryptographic material used to generate it. To indicate that we want to update the signature, we must create a ReturnUpdatedSignature object and set the format of the new signature on it.

OptionalInputs opt = new OptionalInputs();
opt.setReturnBase64XML("");
ReturnUpdatedSignature rus = new ReturnUpdatedSignature();
rus.setType(new URI(SIGN_TYPE_ESA));
opt.setReturnUpdatedSignature(rus);

The setAddCertificateValues(), setAddRevocationValues() and setAddTimeStampValues() method calls have also been added to this request, so that the response returns information about the certificates, the revocation lists and the time-stamps. These methods are called on the previously created OptionalInputs object. Each of these parameters is also marked to be included in the response in binary format.

// Ask for the certificate values, in binary format
AddCertificateValuesType acv = new AddCertificateValuesType();
acv.setBinary(true);
opt.setAddCertificateValues(acv);
// Ask for the revocation values, in binary format
AddRevocationValuesType arvt = new AddRevocationValuesType();
arvt.setBinary(true);
opt.setAddRevocationValues(arvt);
// Ask for the time-stamp values, in binary format
AddTimeStampValues atsv = new AddTimeStampValues();
atsv.setBinary(true);
opt.setAddTimeStampValues(atsv);
vr.setOptionalInputs(opt);

Once all the data have been entered in the request, the update() operation is invoked; this operation sends the request and obtains a VerifyResponse object.

VerifyResponse vrs = bindingDr.update(vr);

Once the request has been sent, we can check if it has been processed correctly by consulting the response parameters. The functions of the UtilTrustedX auxiliary class are used for this. If all goes well, the signature will be retrieved from the response. The OptionalOutputs object contains the updated signature in an UpdatedSignature object.

if (UtilTrustedXAxis.check(vrs.getResult(), bindingDr)) {
   // Extract the updated signature from the OptionalOutputs of the response
   byte[] data = vrs.getOptionalOutputs().getUpdatedSignature()
         .getSignatureObject().getBase64XMLSignature().get_value();
   // Write it next to the input name, with the "Archive.xml" suffix
   String destFilename = path_out + filename.substring(0, filename.lastIndexOf("."))
         + "Archive.xml";
   Util.writeBinaryFile(destFilename, data);

   UtilTrustedXAxis.printResponse(vrs);
   System.out.println("\n\n\n ** SOAP Response ** \n---------------------\n");
   UtilTrustedXAxis.printResponse(bindingDr);
}

After executing the example, we obtain a response, such as the one below, and a file with the signature.

** RESPONSE **
---------------------
Major: urn:oasis:names:tc:dss:1.0:resultmajor:Success
Minor: urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments
DN: CN=trustedx, OU=Demo, O=TrustedX, C=ES
Issuer Trust Level: 0
Issuer Trust Label: Administration

Moreover, in this particular case, the content of the response is displayed once the example has been executed. It shows all the additional information that was included because the request asked for it.
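
A check a caller may want before relying on the file written above, as an added example (not Safelayer's code): it parses the updated signature with a parser that refuses DOCTYPEs and reports which long-term properties are absent. The XAdES element names in REQUIRED and the class name ArchiveFormCheck are assumptions; the page only names the format as ES-A.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;

public class ArchiveFormCheck {
    // XAdES property names expected in an archival (ES-A) signature; assumed, not taken from the page.
    static final String[] REQUIRED = {
        "SignatureTimeStamp", "CertificateValues", "RevocationValues", "ArchiveTimeStamp" };

    /** Returns the names of the required properties that are absent from the signature. */
    static List<String> missingProperties(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The file comes back from a remote service: refuse DOCTYPEs so no external entity is resolved.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Document doc = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
        List<String> missing = new ArrayList<>();
        for (String name : REQUIRED) {
            // "*" matches any namespace, since the XAdES namespace differs between schema versions.
            if (doc.getElementsByTagNameNS("*", name).getLength() == 0) missing.add(name);
        }
        return missing;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a skeleton with a time-stamp but no archive properties,
        // standing in for the signature before the update.
        String before = "<ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'"
            + " xmlns:x='http://uri.etsi.org/01903/v1.3.2#'><ds:Object><x:QualifyingProperties>"
            + "<x:UnsignedProperties><x:UnsignedSignatureProperties><x:SignatureTimeStamp/>"
            + "</x:UnsignedSignatureProperties></x:UnsignedProperties>"
            + "</x:QualifyingProperties></ds:Object></ds:Signature>";
        byte[] data = args.length > 0
            ? Files.readAllBytes(Paths.get(args[0]))
            : before.getBytes(StandardCharsets.UTF_8);
        List<String> missing = missingProperties(data);
        System.out.println(missing.isEmpty() ? "archival properties present" : "missing: " + missing);
    }
}
```

Run it with the path of the generated Archive.xml as the argument; without one it checks the constructed pre-update sample and reports the three missing properties. This is a structural check only and does not validate the signature or the time-stamps.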