Class SVTenabledPDFDocumentSigVerifier
java.lang.Object
se.swedenconnect.sigval.pdf.verify.impl.SVTenabledPDFDocumentSigVerifier
- All Implemented Interfaces:
se.idsec.signservice.security.sign.pdf.PDFSignatureValidator,se.idsec.signservice.security.sign.SignatureValidator<byte[]>,ExtendedPDFSignatureValidator
public class SVTenabledPDFDocumentSigVerifier
extends Object
implements ExtendedPDFSignatureValidator
This class provides the functionality to validate signatures on a PDF where the signature validation process is enhanced with validation
based on SVA (Signature Validation Assertions). The latest valid SVA that can be verified given the provided trust validation resources is selected.
Signatures covered by this SVA is validated based on SVA. Any other signatures are validated through traditional signature validation methods.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionSVTenabledPDFDocumentSigVerifier(PDFSingleSignatureValidator pdfSingleSignatureValidator, PDFSignatureContextFactory pdfSignatureContextFactory) Constructor if no SVT validation is supportedSVTenabledPDFDocumentSigVerifier(PDFSingleSignatureValidator pdfSingleSignatureValidator, PDFSVTValidator pdfsvtValidator, PDFSignatureContextFactory pdfSignatureContextFactory) Constructor -
Method Summary
Modifier and TypeMethodDescriptionextendedResultValidation(byte[] pdfDocBytes) Compile a complete PDF signature verification result object from the list of individual signature resultsse.idsec.signservice.security.certificate.CertificateValidatorgetConcludingSigVerifyResult(List<se.idsec.signservice.security.sign.SignatureValidationResult> sigVerifyResultList) Compile a complete PDF signature verification result object from the list of individual signature resultsThis implementation allways perform PKIX validation and returns an empty list for this functionbooleanisSigned(byte[] document) List<se.idsec.signservice.security.sign.SignatureValidationResult> validate(byte[] pdfDocBytes) Verifies the signatures of a PDF document.List<se.idsec.signservice.security.sign.SignatureValidationResult> Verifies the signatures of a PDF document.
-
Field Details
-
LOG
-
-
Constructor Details
-
SVTenabledPDFDocumentSigVerifier
public SVTenabledPDFDocumentSigVerifier(PDFSingleSignatureValidator pdfSingleSignatureValidator, PDFSignatureContextFactory pdfSignatureContextFactory) Constructor if no SVT validation is supported- Parameters:
pdfSingleSignatureValidator- The verifier used to verify signatures not supported by SVApdfSignatureContextFactory- factory for creating an instance of signature context for the validated document
-
SVTenabledPDFDocumentSigVerifier
public SVTenabledPDFDocumentSigVerifier(PDFSingleSignatureValidator pdfSingleSignatureValidator, PDFSVTValidator pdfsvtValidator, PDFSignatureContextFactory pdfSignatureContextFactory) Constructor- Parameters:
pdfSingleSignatureValidator- The verifier used to verify signatures not supported by SVApdfsvtValidator- Certificate verifier for the certificate used to sign SVA tokenspdfSignatureContextFactory- factory for creating an instance of signature context for the validated document
-
-
Method Details
-
validate
public List<se.idsec.signservice.security.sign.SignatureValidationResult> validate(File pdfDoc) throws SignatureException Verifies the signatures of a PDF document. Validation based on SVT is given preference over traditional signature validation.- Parameters:
pdfDoc- signed PDF document to verify- Returns:
- Validation result from PDF verification
- Throws:
SignatureException- on error
-
validate
public List<se.idsec.signservice.security.sign.SignatureValidationResult> validate(byte[] pdfDocBytes) throws SignatureException Verifies the signatures of a PDF document. Validation based on SVA is given preference over traditional signature validation.- Specified by:
validatein interfacese.idsec.signservice.security.sign.SignatureValidator<byte[]>- Parameters:
pdfDocBytes- signed PDF document to verify- Returns:
- Validation result from PDF verification
- Throws:
SignatureException- on error
-
isSigned
- Specified by:
isSignedin interfacese.idsec.signservice.security.sign.SignatureValidator<byte[]>- Throws:
IllegalArgumentException
-
getRequiredSignerCertificates
This implementation allways perform PKIX validation and returns an empty list for this function- Specified by:
getRequiredSignerCertificatesin interfacese.idsec.signservice.security.sign.SignatureValidator<byte[]>- Returns:
- empty list
-
getCertificateValidator
public se.idsec.signservice.security.certificate.CertificateValidator getCertificateValidator()- Specified by:
getCertificateValidatorin interfacese.idsec.signservice.security.sign.SignatureValidator<byte[]>
-
extendedResultValidation
public SignedDocumentValidationResult<ExtendedPdfSigValResult> extendedResultValidation(byte[] pdfDocBytes) throws SignatureException Compile a complete PDF signature verification result object from the list of individual signature results- Specified by:
extendedResultValidationin interfaceExtendedPDFSignatureValidator- Parameters:
pdfDocBytes- validate the complete PDF document and return concluding validation results for the complete document.- Returns:
- PDF signature validation result objects
- Throws:
SignatureException- errors validating signature
-
getConcludingSigVerifyResult
public static SignedDocumentValidationResult<ExtendedPdfSigValResult> getConcludingSigVerifyResult(List<se.idsec.signservice.security.sign.SignatureValidationResult> sigVerifyResultList) Compile a complete PDF signature verification result object from the list of individual signature results- Parameters:
sigVerifyResultList- list of individual signature validation results. Each result must be of typeExtendedPdfSigValResult- Returns:
- PDF signature validation result objects
-