|
PERMISION NOTICE AND DISCLAIMER This website contains certain downloadable software. This software is copyrighted and the copyrighter claims all exclusive rights to such software. The copyright owner of the software that you download through this site may be indicated in the accompanying read-me file and in the accompanying source code as well as in the area of this Web Site from which the software is downloaded. Permission to use, copy, modify and distribute this software and its source code for non commercial purposes and without fee is hereby granted, provided that the name of the copyright owner or related contributors not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. The copyright owner and contributors makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. The copyright owner and its contributors disclaim all warranties with regard to this software, including all implied warranties of merchantability and fitness. In no event shall the author and the contributors be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortuous action, arising out of or in connection with the use or performance of this software. AcceptCancel
The objective of this example is to validate the status of a certificate using the TrustedX validation service. Next, we will describe the necessary steps for creating a validation request.
To try this example, you must download the file called sampleSW1.zip and follow the instructions in Configuration of the Environment. The downloaded file contains the example code and the necessary files – in this case the certificate to be validated.
Firstly, in the example, the necessary constants are defined. A class with public definitions of internal constants, which can be used freely, is integrated in the API. The constants that must be defined for the example include the location of the certificate to be validated, the authentication parameters and the address of the TrustedX platform where the services will be invoked.
private static final String path_in = "data/input/";
private static final String filename = "dave.crt";
private static final String user = "dave";
private static final String password = "trustedx";
private static final String host = "https://labs.safelayer.com/demo/services/SignatureVerify";
To perform a certificate validation request, we must create a SmartVerifyRequest object, which will contain the request for the recipient host.
SmartVerifyRequest svr = new SmartVerifyRequest(host);
The authentication credentials must also be included; in this case via username and clear text password. This type of authentication is used in all the examples.
SmartHeader sh = new SmartHeader();
sh.setUsername(user);
sh.setPassword(password);
svr.setHeader(sh);
The profile that will be used in the TrustedX validation service must be defined; in this case it is certstatus.
svr.setProfile(Constants.Profile.CERTSTATUS);
Finally, the data of the certificate to be validated are added in Base64, indicating that it is a signed certificate. These instructions use the Util class, which implements functions for reading the content of the different files required.
svr.setSignatureBase64(Util.readBinaryFileB64(path_in + filename));
svr.setSignatureBase64Type(Constants.SignatureType.CERTIFICATE);
Once all the data have been entered in the request, the send() method is invoked; this method sends the request to the host and collects the response in a SmartVerifyResponse object.
SmartVerifyResponse svrs = svr.send();
Next, we can check if the request has been sent correctly by consulting the response parameters. We will use the functions of the UtilTrustedX auxiliary class to do this.
if (UtilTrustedX.checkSW(svrs.getResultMajor(), svrs.getResultMinor(), svrs.getResultMessage())) {
UtilTrustedX.printResponse(svrs);
for (int other = 0; other < svrs.getNumberVerifyResponses(); other++) {
UtilTrustedX.printResponse(svrs.getOtherResponse(other));
}
}
Finally, after trying this code, we will obtain the result of the execution. Of particular interest are the values of the ResultMajor and ResultMinor attributes, which indicate if the request has been correctly processed. For this particular example, the values are Success and ValidSignature_OnAllDocuments respectively.
** RESPONSE **
---------------------
Signature num 0
---------------------
** Certificate **
Major: urn:oasis:names:tc:dss:1.0:resultmajor:Success
Minor: urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments
DN: CN=Dave, OU=Demo, O=TrustedX, C=ES
Issuer Trust Level: 0
Issuer Trust Label: Administration
Furthermore, it is possible for a certificate validation response to return other values with optional information. Some of these values are added because of having been previously selected in the signature policy, which is used in the TrustedX’s own administration console. Others, however, are expected to be present in a response, as they have been asked for explicitly in the corresponding request.
In this case, information about the signer and the level of trust of the signer is obtained.
To request additional information, we can use methods, such as, setAddCertificateValues() or setAddRevocationValues(), indicating the format in which we want to retrieve these values.
|
(5)