Verify Digital Signature without loading cacerts file
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Calendar;
import com.lowagie.text.pdf.AcroFields;
import com.lowagie.text.pdf.PdfPKCS7;
import com.lowagie.text.pdf.PdfReader;
public class VerifySignWithoutCacerts {
public static void main(String[] args) throws IOException,
KeyStoreException, SignatureException, NoSuchAlgorithmException,
InvalidKeySpecException, CertificateException {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) factory
.generateCertificate(new FileInputStream(
"C:\\User_Cert.csr"));
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
keyStore.setCertificateEntry("", certificate);
PdfReader reader = new PdfReader(
"C:\\signed.pdf");
AcroFields af = reader.getAcroFields();
ArrayList names = af.getSignatureNames();
for (int k = 0; k < names.size(); ++k) {
String name = (String) names.get(k);
PdfPKCS7 pk = af.verifySignature(name);
Calendar cal = pk.getSignDate();
java.security.cert.Certificate[] pkc = pk.getCertificates();
System.out.println("Document modified: " + !pk.verify());
Object fails[] = PdfPKCS7.verifyCertificates(pkc, keyStore, null,
cal); if (fails == null) {
System.out .println("Certificates verified against the KeyStore");
} else {
System.out.println("Certificate failed: " + fails[1]);
}
}
}
}
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Calendar;
import com.lowagie.text.pdf.AcroFields;
import com.lowagie.text.pdf.PdfPKCS7;
import com.lowagie.text.pdf.PdfReader;
public class VerifySignWithoutCacerts {
public static void main(String[] args) throws IOException,
KeyStoreException, SignatureException, NoSuchAlgorithmException,
InvalidKeySpecException, CertificateException {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) factory
.generateCertificate(new FileInputStream(
"C:\\User_Cert.csr"));
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
keyStore.setCertificateEntry("", certificate);
PdfReader reader = new PdfReader(
"C:\\signed.pdf");
AcroFields af = reader.getAcroFields();
ArrayList names = af.getSignatureNames();
for (int k = 0; k < names.size(); ++k) {
String name = (String) names.get(k);
PdfPKCS7 pk = af.verifySignature(name);
Calendar cal = pk.getSignDate();
java.security.cert.Certificate[] pkc = pk.getCertificates();
System.out.println("Document modified: " + !pk.verify());
Object fails[] = PdfPKCS7.verifyCertificates(pkc, keyStore, null,
cal); if (fails == null) {
System.out .println("Certificates verified against the KeyStore");
} else {
System.out.println("Certificate failed: " + fails[1]);
}
}
}
}
Comments
Post a Comment