You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Tilman Hausherr (JIRA)" <ji...@apache.org> on 2017/11/22 18:48:02 UTC
[jira] [Commented] (PDFBOX-4020) Into existing signature embedded
signed timestamp for validation
[ https://issues.apache.org/jira/browse/PDFBOX-4020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16263128#comment-16263128 ]
Tilman Hausherr commented on PDFBOX-4020:
-----------------------------------------
Thank you for your patch, it works nicely, and I didn't even have to expand the signature size. I'd like to commit the code to the trunk only (for now) without the ocsp part, lets do that when it is done.
Please resubmit your patch with these changes:
- use Hex.getString() instead of bytesToHex()
- typo: Ragne
- remove not-yet-living code
- add javadoc at top of class if missing, include the argument by Ralf
- add apache header
- CreateEmbeddedValidation: please correct the javadoc (exceptions and parameters sometimes incorrect)
- better name instead of CreateEmbeddedValidation. I don't have a good idea, but shouldn't it contain the word "timestamp"?
- ValidationTimestamp: Please avoid double code. This is very important, because if we have it twice and make a change then likely one of the two will be forgotten. The code in ValidationTimestamp is almost the same as in CreateSignatureBase. There are two possibilities: either move the methods into SigUtils (or another new class), or (probably better) keep ValidationTimestamp but change CreateSignatureBase to remove it there and use your class. Please keep any TODO from previous developers unless you KNOW it isn't needed. (if so, please tell why, maybe include a comment)
In the future, try to avoid reformatting existing code like you did in CreateSignature.java (no need to correct now, I'll exclude these myself)
> Into existing signature embedded signed timestamp for validation
> ----------------------------------------------------------------
>
> Key: PDFBOX-4020
> URL: https://issues.apache.org/jira/browse/PDFBOX-4020
> Project: PDFBox
> Issue Type: Improvement
> Components: Signing
> Affects Versions: 2.0.8
> Reporter: Alexis Suter
> Attachments: SignatureValidation_Embedded_Timestamping.java.patch
>
>
> I would like to contribute a new example for embedded Timestamping.
> The Timestamp is beeing embedded into the existing Signature (which has so be prepared big enough for it). So that the document does not get changed.
> This Step is a preparation for the LTV and includes some reorganisation for Validation-Purposes.
> I am still working on embedding the OCSP-Data, wich will take a bit longer. For that I have excluded and commented out the Code for it, to avoid confusion.
> Possible Usage:
> {code:java}
> exec:java -X -Dexec.mainClass="org.apache.pdfbox.examples.signature.validation.CreateEmbeddedValidation" -Dexec.args="${infile} -tsa ${tsa}"
> {code}
> CreateSignature has been changed to add SignatureOptions, where we can choose the size of the signature.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org