CMS/PKCS#7 Signature Verification

 

The objective of this example is to validate the document signature produced in the CMS/PKCS#7 Signature Generation example.

To try this example, you must download the file called sampleSW6.zip and follow the instructions in Configuration of the Environment.

The downloaded file already contains a signature to be used for verification, but, if you wish, you can replace this file with the one generated in the XML Signature Generation example, to check the validity of the generated signature.

 

To perform a signature verification request, use a SmartVerifyRequest object, which holds the request for the destination host, just as in the X.509 Certificate Validation example. Because this is a CMS signature, the profile is set to CMS/PKCS#7.

SmartVerifyRequest svr = new SmartVerifyRequest(host);
svr.setProfile(Constants.Profile.CMSPKCS7);

Given that the signature generated is detached, the request must include the data for both the signed file and the signature. It is also possible to indicate the signature type, although, by default, this value is CMS.

svr.setInputBase64Data(Util.readBinaryFileB64(path_in + filename));
svr.setSignatureBase64(Base64.encode(Util.readBinaryFile(path_in + signatureFile)));
svr.setSignatureBase64Type(Constants.SignatureType.CMS);

Once all the data have been entered in the request, the send() operation is invoked; this operation sends the request to the host and collects the response in a SmartVerifyResponse object.

SmartVerifyResponse svrs = svr.send();

Once the request has been sent, we can check if it has been processed correctly by consulting the response parameters. The functions of the UtilTrustedX auxiliary class are used for this.

// Continue only if the request was processed correctly.
if (UtilTrustedX.checkSW(svrs.getResultMajor(), svrs.getResultMinor(), svrs.getResultMessage())) {
    UtilTrustedX.printResponse(svrs);
    // Print each additional verification response.
    for (int other = 0; other < svrs.getNumberVerifyResponses(); other++) {
        UtilTrustedX.printResponse(svrs.getOtherResponse(other));
    }
}

Execution of this example will generate a response such as the one seen below.

** RESPONSE **
---------------------
Signature num 0
---------------------
** Certificate **
Major: urn:oasis:names:tc:dss:1.0:resultmajor:Success
Minor: urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments
DN: CN=Dave, OU=Demo, O=TrustedX, C=ES
Issuer Trust Level: 0
Issuer Trust Label: Administration
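
A caller that acts on the signed document usually needs a stricter decision than "the request was processed": every signature must be valid on all documents and must come from the signer the caller expects. The following is an added example, not part of the original page or of the TrustedX API: a stand-alone acceptance check over the Major, Minor and DN fields shown in the sample response. The SignatureResult record, the accept method and the rejected sample values are hypothetical or constructed, and it is assumed the caller has already read those three fields from the response.

```java
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class VerifyGate {
    // Result URNs copied from the sample response on this page.
    static final String MAJOR_SUCCESS =
        "urn:oasis:names:tc:dss:1.0:resultmajor:Success";
    static final String MINOR_VALID_ALL =
        "urn:oasis:names:tc:dss:1.0:resultminor:ValidSignature_OnAllDocuments";

    // Hypothetical holder for the per-signature fields the response prints (Java 16+ record).
    record SignatureResult(String major, String minor, String dn) {}

    // Accept only if every signature is valid on all documents AND made by the expected signer.
    static boolean accept(List<SignatureResult> results, String expectedDn)
            throws InvalidNameException {
        if (results == null || results.isEmpty()) {
            return false; // nothing was verified: fail closed
        }
        LdapName expected = new LdapName(expectedDn);
        for (SignatureResult r : results) {
            if (!MAJOR_SUCCESS.equals(r.major())) return false;
            if (!MINOR_VALID_ALL.equals(r.minor())) return false;
            // LdapName compares RDN by RDN, ignoring case and spacing differences.
            if (r.dn() == null || !expected.equals(new LdapName(r.dn()))) return false;
        }
        return true;
    }

    public static void main(String[] args) throws InvalidNameException {
        String signer = "CN=Dave, OU=Demo, O=TrustedX, C=ES"; // DN from the sample response
        // Values from the sample response; DN re-typed with different case and spacing.
        SignatureResult good = new SignatureResult(MAJOR_SUCCESS, MINOR_VALID_ALL,
                "cn=Dave,ou=Demo,o=TrustedX,c=ES");
        // Constructed: valid signature, but from a signer we did not expect.
        SignatureResult otherSigner = new SignatureResult(MAJOR_SUCCESS, MINOR_VALID_ALL,
                "CN=Eve, OU=Demo, O=TrustedX, C=ES");
        // Constructed: placeholder minor code standing in for any non-valid result.
        SignatureResult notValid = new SignatureResult(MAJOR_SUCCESS,
                "urn:example:constructed:not-valid", signer);

        System.out.println("good:         " + accept(List.of(good), signer));
        System.out.println("other signer: " + accept(List.of(otherSigner), signer));
        System.out.println("not valid:    " + accept(List.of(notValid), signer));
        System.out.println("empty:        " + accept(List.of(), signer));
    }
}
```

The check is an allow-list: any Major or Minor value other than the two shown in the sample response is rejected, including values the caller has never seen before.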