pCOS Cookbook

cookbook

interactive/signatures

Retrieve digital signature information including PAdES status.

Download Java Code  Show Output  Show Input (invoice-signed.pdf) 

/*
 * Retrieve digital signature information including PAdES status
 * The following types of signatures are checked:
 *
 * - plain (approval) signatures with CAdES/PAdES vs. CMS distinction
 * - certification signatures and permissions
 * - document timestamp signatures
 * - DSS (Document Security Store) information is also dumped
 * - signatures for Reader-enabling a document
 *
 * Required software: pCOS interface 9 (PDFlib+PDI 10, TET 5.x, PLOP 5.x)
 * Required data: signed PDF document
 */

package com.pdflib.cookbook.pcos.interactive;

import com.pdflib.IpCOS;

import com.pdflib.cookbook.pcos.pcos_cookbook_example;

public class signatures extends pcos_cookbook_example {

    /* This is where the data files are. Adjust as necessary. */
    private final static String SEARCH_PATH = "../input";

    public void example_code(IpCOS p, int doc) throws Exception {

        System.out.println("File name: " + p.pcos_get_string(doc, "filename"));
        
        String objtype;
        int fieldcount = (int) p.pcos_get_number(doc, "length:signaturefields");

        if (fieldcount == 0)
        {
            System.out.println("no signature fields");
            return;
        }

        // -------------------------------------------------------------
        // Analyze all signature fields and dump details of signed fields

        for (int f = 0; f < fieldcount; f++) {
            boolean visible = (p.pcos_get_number(doc, "signaturefields[" + f + "]/visible") > 0);
            System.out.print(visible ? "Visible" : "Invisible");

            String res = p.pcos_get_string(doc,
                "signaturefields[" + f + "]/fullname");
            System.out.print(" signature field '" + res + "': ");
            
            String sigtype = p.pcos_get_string(doc, "signaturefields[" + f + "]/sigtype");

            if (sigtype.equals("none"))
            {
                System.out.println("unsigned");
                continue;
            }
            
            System.out.print(sigtype + " signature");

            if (sigtype.equals("certification"))
            {
                String permissions = p.pcos_get_string(doc, "signaturefields[" + f + "]/permissions");
                System.out.print(" (changes allowed: " + permissions + ")");
            }
            System.out.println();
            
            // Old-style CMS signature or newer CAdES signature?
            if (p.pcos_get_number(doc, "signaturefields[" + f + "]/cades") > 0)
                System.out.println("CAdES/PAdES signature");
            else
                System.out.println("CMS signature");

            /* Dump various pieces of other signature information if present*/
            objtype = p.pcos_get_string(doc,
                "type:signaturefields[" + f + "]/V/Name");
            if (objtype.equals("string")) {
                res = p.pcos_get_string(doc,
                    "signaturefields[" + f + "]/V/Name");
                System.out.println("Name of signer: '" + res + "'");
            }
            objtype = p.pcos_get_string(doc,
                "type:signaturefields[" + f + "]/V/Reason");
            if (objtype.equals("string")) {
                res = p.pcos_get_string(doc,
                    "signaturefields[" + f + "]/V/Reason");
                System.out.println("Reason: '" + res + "'");
            }
            objtype = p.pcos_get_string(doc,
                "type:signaturefields[" + f + "]/V/M");
            if (objtype.equals("string")) {
                res = p.pcos_get_string(doc,
                    "signaturefields[" + f + "]/V/M");
                System.out.println("Time of signing: '" + res + "'");
            }

            System.out.println();
        }
        
        // -------------------------------------------------------------
        // Check Document Security Store (DSS)
        
        objtype = p.pcos_get_string(doc, "type:/Root/DSS");
        if (objtype.equals("dict"))
        {
            System.out.println("Document Security Store (DSS) present:");
            
            int val = 0;
            objtype = p.pcos_get_string(doc, "type:/Root/DSS/VRI");
            if (objtype.equals("dict"))
                val = (int) p.pcos_get_number(doc, "length:/Root/DSS/VRI");
            System.out.println("\t" + val +
                " VRI entries (validation-related information)");
            
            val = 0;
            objtype = p.pcos_get_string(doc, "type:/Root/DSS/Certs");
            if (objtype.equals("array"))
                val = (int) p.pcos_get_number(doc, "length:/Root/DSS/Certs");
            System.out.println("\t" + val + " certificate(s)");
            
            val = 0;
            objtype = p.pcos_get_string(doc, "type:/Root/DSS/OCSPs");
            if (objtype.equals("array"))
                val = (int) p.pcos_get_number(doc, "length:/Root/DSS/OCSPs");
            System.out.println("\t" + val + " OCSP response(s)");
            
            val = 0;
            objtype = p.pcos_get_string(doc, "type:/Root/DSS/CRLs");
            if (objtype.equals("array"))
                val = (int) p.pcos_get_number(doc, "length:/Root/DSS/CRLs");
            System.out.println("\t" + val + " CRL(s)");
        }

        // -------------------------------------------------------------
        // Check Reader-enabled document
        if (p.pcos_get_number(doc, "usagerights") > 0)
        {
            System.out.println("document contains signed usage rights (Reader-enabled)");
        }
    }

    public signatures(String[] argv, String readable_name, String search_path) {
        super(argv, readable_name, search_path);
    }

    public static void main(String argv[]) {
        signatures example = new signatures(argv, "Digital signature",
            SEARCH_PATH);
        example.execute();
    }
}