Author: tilman Date: Wed Oct 31 20:07:31 2018 New Revision: 1845380 URL: http://svn.apache.org/viewvc?rev=1845380&view=rev Log: PDFBOX-3017: refactor TimeStampToken extraction
Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java?rev=1845380&r1=1845379&r2=1845380&view=diff ============================================================================== --- pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java (original) +++ pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java Wed Oct 31 20:07:31 2018 @@ -334,18 +334,10 @@ public final class ShowSignature SigUtils.checkCertificateUsage(certFromSignedData); - if (signerInformation.getUnsignedAttributes() != null) + // Embedded timestamp + TimeStampToken timeStampToken = extractTimeStampTokenFromSignerInformation(signerInformation); + if (timeStampToken != null) { - // Embedded timestamp - AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); - - // https://stackoverflow.com/questions/1647759/how-to-validate-if-a-signed-jar-contains-a-timestamp - Attribute attribute = unsignedAttributes.get( - PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); - ASN1Object obj = (ASN1Object) attribute.getAttrValues().getObjectAt(0); - CMSSignedData signedTSTData = new CMSSignedData(obj.getEncoded()); - TimeStampToken timeStampToken = new TimeStampToken(signedTSTData); - // tested with QV_RCA1_RCA3_CPCPS_V4_11.pdf // https://www.quovadisglobal.com/~/media/Files/Repository/QV_RCA1_RCA3_CPCPS_V4_11.ashx // timeStampToken.getCertificates() only contained the local certificate and not @@ -421,6 +413,22 @@ public final class ShowSignature } } + private TimeStampToken extractTimeStampTokenFromSignerInformation(SignerInformation signerInformation) + throws CMSException, IOException, TSPException + { + if (signerInformation.getUnsignedAttributes() == null) + { + return null; + } + AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); + // https://stackoverflow.com/questions/1647759/how-to-validate-if-a-signed-jar-contains-a-timestamp + Attribute attribute = unsignedAttributes.get( + PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); + ASN1Object obj = (ASN1Object) attribute.getAttrValues().getObjectAt(0); + CMSSignedData signedTSTData = new CMSSignedData(obj.getEncoded()); + return new TimeStampToken(signedTSTData); + } + private void validateTimestampToken(TimeStampToken timeStampToken) throws IOException, CertificateException, TSPException, OperatorCreationException {