You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2018/10/17 17:10:10 UTC
svn commit: r1844133 -
/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
Author: tilman
Date: Wed Oct 17 17:10:10 2018
New Revision: 1844133
URL: http://svn.apache.org/viewvc?rev=1844133&view=rev
Log:
PDFBOX-3017: remove solved //TODOs; avoid NPE if no signing time
Modified:
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java?rev=1844133&r1=1844132&r2=1844133&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java Wed Oct 17 17:10:10 2018
@@ -186,8 +186,6 @@ public final class ShowSignature
case "adbe.pkcs7.detached":
case "ETSI.CAdES.detached":
verifyPKCS7(buf, contents, sig);
-
- //TODO check certificate chain, revocation lists, timestamp...
break;
case "adbe.pkcs7.sha1":
{
@@ -199,8 +197,6 @@ public final class ShowSignature
System.out.println("certs=" + certs);
byte[] hash = MessageDigest.getInstance("SHA1").digest(buf);
verifyPKCS7(hash, contents, sig);
-
- //TODO check certificate chain, revocation lists, timestamp...
break;
}
case "adbe.x509.rsa_sha1":
@@ -334,9 +330,15 @@ public final class ShowSignature
try
{
- //TODO NPE risk
- certFromSignedData.checkValidity(sig.getSignDate().getTime());
- System.out.println("Certificate valid at signing time");
+ if (sig.getSignDate() != null)
+ {
+ certFromSignedData.checkValidity(sig.getSignDate().getTime());
+ System.out.println("Certificate valid at signing time");
+ }
+ else
+ {
+ System.err.println("Certificate cannot be verified without signing time");
+ }
}
catch (CertificateExpiredException ex)
{
@@ -380,9 +382,15 @@ public final class ShowSignature
additionalCerts.add(certificate);
}
}
- //TODO NPE risk (signDate parameter)
- CertificateVerifier.verifyCertificate(certFromSignedData,
- additionalCerts, true, sig.getSignDate().getTime());
+ if (sig.getSignDate() != null)
+ {
+ CertificateVerifier.verifyCertificate(certFromSignedData,
+ additionalCerts, true, sig.getSignDate().getTime());
+ }
+ else
+ {
+ System.err.println("Certificate cannot be verified without signing time");
+ }
}
}