pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From til...@apache.org
Subject svn commit: r1747569 - /pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java
Date Thu, 09 Jun 2016 17:45:22 GMT
Author: tilman
Date: Thu Jun  9 17:45:22 2016
New Revision: 1747569

URL: http://svn.apache.org/viewvc?rev=1747569&view=rev
Log:
PDFBOX-3017: simplify code by using getSignedContent()

Modified:
    pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java

Modified: pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java?rev=1747569&r1=1747568&r2=1747569&view=diff
==============================================================================
--- pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java
(original)
+++ pdfbox/branches/2.0/examples/src/test/java/org/apache/pdfbox/examples/pdmodel/TestCreateSignature.java
Thu Jun  9 17:45:22 2016
@@ -22,7 +22,6 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.RandomAccessFile;
 import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
@@ -30,8 +29,7 @@ import java.security.MessageDigest;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 import java.util.Collection;
-import org.apache.pdfbox.cos.COSArray;
-import org.apache.pdfbox.cos.COSDictionary;
+import java.util.List;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.cos.COSString;
 
@@ -40,6 +38,7 @@ import org.apache.pdfbox.examples.signat
 import org.apache.pdfbox.examples.signature.TSAClient;
 import org.apache.pdfbox.io.IOUtils;
 import org.apache.pdfbox.pdmodel.PDDocument;
+import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
 import org.apache.wink.client.MockHttpServer;
 import org.bouncycastle.cert.X509CertificateHolder;
 import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
@@ -175,66 +174,43 @@ public class TestCreateSignature extends
         checkSignature(destFile);
     }
 
-    //TODO expand this into a full verify (if possible)
     // This check fails with a file created with the code before PDFBOX-3011 was solved.
     private void checkSignature(File file)
             throws IOException, CMSException, OperatorCreationException, GeneralSecurityException
     {
         PDDocument document = PDDocument.load(file);
-        COSDictionary trailer = document.getDocument().getTrailer();
-        COSDictionary root = (COSDictionary) trailer.getDictionaryObject(COSName.ROOT);
-        COSDictionary acroForm = (COSDictionary) root.getDictionaryObject(COSName.ACRO_FORM);
-        COSArray fields = (COSArray) acroForm.getDictionaryObject(COSName.FIELDS);
-        COSDictionary sig = null;
-        for (int i = 0; i < fields.size(); i++)
+        List<PDSignature> signatureDictionaries = document.getSignatureDictionaries();
+        if (signatureDictionaries.isEmpty())
         {
-            COSDictionary field = (COSDictionary) fields.getObject(i);
-            if (COSName.SIG.equals(field.getCOSName(COSName.FT)))
-            {
-                sig = (COSDictionary) field.getDictionaryObject(COSName.V);
+            fail("no signature found");
+        }
+        for (PDSignature sig : document.getSignatureDictionaries())
+        {
+            COSString contents = (COSString) sig.getCOSObject().getDictionaryObject(COSName.CONTENTS);
+            
+            FileInputStream fis = new FileInputStream(file);
+            byte[] buf = sig.getSignedContent(fis);
+            fis.close();
+
+            // inspiration:
+            // http://stackoverflow.com/a/26702631/535646
+            // http://stackoverflow.com/a/9261365/535646
+            CMSSignedData signedData = new CMSSignedData(new CMSProcessableByteArray(buf),
contents.getBytes());
+            Store certificatesStore = signedData.getCertificates();
+            Collection<SignerInformation> signers = signedData.getSignerInfos().getSigners();
+            SignerInformation signerInformation = signers.iterator().next();
+            Collection matches = certificatesStore.getMatches(signerInformation.getSID());
+            X509CertificateHolder certificateHolder = (X509CertificateHolder) matches.iterator().next();
+            X509Certificate certFromSignedData = new JcaX509CertificateConverter().getCertificate(certificateHolder);
 
-                COSString contents = (COSString) sig.getDictionaryObject(COSName.CONTENTS);
-                COSArray byteRange = (COSArray) sig.getDictionaryObject(COSName.BYTERANGE);
-                
-                RandomAccessFile raf = new RandomAccessFile(file, "r");
-                
-                byte[] buf = new byte[byteRange.getInt(1) + byteRange.getInt(3)];
-                raf.seek(byteRange.getInt(0));
-                raf.readFully(buf, 0, byteRange.getInt(1));
-                raf.seek(byteRange.getInt(2));
-                raf.readFully(buf, byteRange.getInt(1), byteRange.getInt(3));
-                raf.close();
-                
-                // inspiration:
-                // http://stackoverflow.com/a/26702631/535646
-                // http://stackoverflow.com/a/9261365/535646
-                CMSSignedData signedData = new CMSSignedData(new CMSProcessableByteArray(buf),
contents.getBytes());
-                Store certificatesStore = signedData.getCertificates();
-                Collection<SignerInformation> signers = signedData.getSignerInfos().getSigners();
-                SignerInformation signerInformation = signers.iterator().next();
-
-                Collection matches = certificatesStore.getMatches(signerInformation.getSID());
-                X509CertificateHolder certificateHolder = (X509CertificateHolder) matches.iterator().next();
-                X509Certificate certFromSignedData = new JcaX509CertificateConverter().getCertificate(certificateHolder);
-                
-                assertEquals(certificate, certFromSignedData);
-
-                // CMSVerifierCertificateNotValidException means that the keystore wasn't
valid at signing time
-                if (signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().build(certFromSignedData)))
-                {
-                    System.out.println("Signature verified");
-                }
-                else
-                {
-                    System.out.println("Signature verification failed");
-                }
+            assertEquals(certificate, certFromSignedData);
 
-                break;
+            // CMSVerifierCertificateNotValidException means that the keystore wasn't valid
at signing time
+            if (!signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().build(certFromSignedData)))
+            {
+                fail("Signature verification failed");
             }
-        }
-        if (sig == null)
-        {
-            fail("no signature found");
+            break;
         }
         document.close();
     }



Mime
View raw message