Example usage for com.itextpdf.text.pdf.security LtvVerification merge

List of usage examples for com.itextpdf.text.pdf.security LtvVerification merge

  1. HOME
  2. Java
  3. com.itextpdf
  4. com.itextpdf.text.pdf.security.*
  5. LtvVerification
  6. merge

Introduction

In this page you can find the example usage for com.itextpdf.text.pdf.security LtvVerification merge.

Prototype

public void merge() throws IOException

Source Link

Document

Merges the validation with any validation already in the document or creates a new one.

Usage

From source file:com.swisscom.ais.itext.PDF.java

License:Open Source License

/** 
 * Add external revocation information to DSS Dictionary, to enable Long Term Validation (LTV) in Adobe Reader
 * /*  w w w. ja v  a 2s.  c o  m*/
 * @param ocspArr List of OCSP Responses as base64 encoded String
 * @param crlArr  List of CRLs as base64 encoded String
 * @throws Exception 
 */
public void addValidationInformation(ArrayList<String> ocspArr, ArrayList<String> crlArr) throws Exception {
    if (ocspArr == null && crlArr == null)
        return;

    PdfReader reader = new PdfReader(outputFilePath);

    // Check if source pdf is not protected by a certification
    if (reader.getCertificationLevel() == PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED)
        throw new Exception(
                "Could not apply revocation information (LTV) to the DSS Dictionary. Document contains a certification that does not allow any changes.");

    Collection<byte[]> ocspColl = new ArrayList<byte[]>();
    Collection<byte[]> crlColl = new ArrayList<byte[]>();

    // Decode each OCSP Response (String of base64 encoded form) and add it to the Collection (byte[])
    if (ocspArr != null) {
        for (String ocspBase64 : ocspArr) {
            OCSPResp ocspResp = new OCSPResp(new ByteArrayInputStream(Base64.decode(ocspBase64)));
            BasicOCSPResp basicResp = (BasicOCSPResp) ocspResp.getResponseObject();

            if (Soap._debugMode) {
                System.out.println("\nEmbedding OCSP Response...");
                System.out.println("Status                : " + ((ocspResp.getStatus() == 0) ? "GOOD" : "BAD"));
                System.out.println("Produced at           : " + basicResp.getProducedAt());
                System.out.println("This Update           : " + basicResp.getResponses()[0].getThisUpdate());
                System.out.println("Next Update           : " + basicResp.getResponses()[0].getNextUpdate());
                System.out.println("X509 Cert Issuer      : " + basicResp.getCerts()[0].getIssuer());
                System.out.println("X509 Cert Subject     : " + basicResp.getCerts()[0].getSubject());
                System.out.println(
                        "Responder ID X500Name : " + basicResp.getResponderId().toASN1Object().getName());
                System.out.println("Certificate ID        : "
                        + basicResp.getResponses()[0].getCertID().getSerialNumber().toString() + " ("
                        + basicResp.getResponses()[0].getCertID().getSerialNumber().toString(16).toUpperCase()
                        + ")");
            }

            ocspColl.add(basicResp.getEncoded()); // Add Basic OCSP Response to Collection (ASN.1 encoded representation of this object)
        }
    }

    // Decode each CRL (String of base64 encoded form) and add it to the Collection (byte[])
    if (crlArr != null) {
        for (String crlBase64 : crlArr) {
            X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509")
                    .generateCRL(new ByteArrayInputStream(Base64.decode(crlBase64)));

            if (Soap._debugMode) {
                System.out.println("\nEmbedding CRL...");
                System.out.println("IssuerDN                    : " + x509crl.getIssuerDN());
                System.out.println("This Update                 : " + x509crl.getThisUpdate());
                System.out.println("Next Update                 : " + x509crl.getNextUpdate());
                System.out.println(
                        "No. of Revoked Certificates : " + ((x509crl.getRevokedCertificates() == null) ? "0"
                                : x509crl.getRevokedCertificates().size()));
            }

            crlColl.add(x509crl.getEncoded()); // Add CRL to Collection (ASN.1 DER-encoded form of this CRL)
        }
    }

    byteArrayOutputStream = new ByteArrayOutputStream();
    PdfStamper stamper = new PdfStamper(reader, byteArrayOutputStream, '\0', true);
    LtvVerification validation = stamper.getLtvVerification();

    // Add the CRL/OCSP validation information to the DSS Dictionary
    boolean addVerification = false;
    for (String sigName : stamper.getAcroFields().getSignatureNames()) {
        addVerification = validation.addVerification(sigName, // Signature Name
                ocspColl, // OCSP
                crlColl, // CRL
                null // certs
        );
    }

    validation.merge(); // Merges the validation with any validation already in the document or creates a new one.

    stamper.close();
    reader.close();

    // Save to (same) file
    OutputStream outputStream = new FileOutputStream(outputFilePath);
    byteArrayOutputStream.writeTo(outputStream);

    if (Soap._debugMode) {
        if (addVerification)
            System.out.println("\nOK merging LTV validation information to " + outputFilePath);
        else
            System.out.println("\nFAILED merging LTV validation information to " + outputFilePath);
    }

    byteArrayOutputStream.close();
    outputStream.close();
}