Class SignatureUtil


  • public class SignatureUtil
    extends java.lang.Object
    Utility class that provides several convenience methods concerning digital signatures.
    • Field Detail

      • sigNames

        private java.util.Map<java.lang.String,​int[]> sigNames
      • orderedSignatureNames

        private java.util.List<java.lang.String> orderedSignatureNames
      • totalRevisions

        private int totalRevisions
    • Constructor Detail

      • SignatureUtil

        public SignatureUtil​(PdfDocument document)
        Creates a SignatureUtil instance. Sets the acroForm field to the acroForm in the PdfDocument. iText will create a new AcroForm if the PdfDocument doesn't contain one.
        Parameters:
        document - PdfDocument to be inspected
    • Method Detail

      • readSignatureData

        public PdfPKCS7 readSignatureData​(java.lang.String signatureFieldName)
        Prepares an PdfPKCS7 instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed.

        The returned PdfPKCS7 can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

        In order to validate the signature it is required to check if it covers the entire file, otherwise one cannot be sure that signature in question indeed signs the data that constitutes current PdfDocument with all its contents. In order to check that given signature covers the current PdfDocument please use signatureCoversWholeDocument(String) method.

        Parameters:
        signatureFieldName - the signature field name
        Returns:
        a PdfPKCS7 instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.
      • readSignatureData

        public PdfPKCS7 readSignatureData​(java.lang.String signatureFieldName,
                                          java.lang.String securityProvider)
        Prepares an PdfPKCS7 instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed.

        The returned PdfPKCS7 can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

        Prepared PdfPKCS7 instance calculates digest based on signature's /ByteRange entry. In order to check that /ByteRange is properly defined and given signature indeed covers the current PDF document revision please use signatureCoversWholeDocument(String) method.

        Parameters:
        signatureFieldName - the signature field name
        securityProvider - the security provider or null for the default provider
        Returns:
        a PdfPKCS7 instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.
      • getSignature

        public PdfSignature getSignature​(java.lang.String name)
        Get PdfSignature dictionary based on the provided name.
        Parameters:
        name - signature name
        Returns:
        PdfSignature instance corresponding to the provided name. null otherwise
      • getSignatureDictionary

        public PdfDictionary getSignatureDictionary​(java.lang.String name)
        Gets the signature dictionary, the one keyed by /V.
        Parameters:
        name - the field name
        Returns:
        the signature dictionary keyed by /V or null if the field is not a signature
      • getSignatureFormFieldDictionary

        public PdfDictionary getSignatureFormFieldDictionary​(java.lang.String name)
      • getSignatureNames

        public java.util.List<java.lang.String> getSignatureNames()
        Gets the field names that have signatures and are signed.
        Returns:
        List containing the field names that have signatures and are signed
      • getBlankSignatureNames

        public java.util.List<java.lang.String> getBlankSignatureNames()
        Gets the field names that have blank signatures.
        Returns:
        List containing the field names that have blank signatures
      • getTotalRevisions

        public int getTotalRevisions()
        Get the amount of signed document revisions.
        Returns:
        int amount of signed document revisions
      • getRevision

        public int getRevision​(java.lang.String field)
        Get signed document revision number, which corresponds to the provided signature name.
        Parameters:
        field - signature name
        Returns:
        int revision number
      • getTranslatedFieldName

        public java.lang.String getTranslatedFieldName​(java.lang.String name)
        Get field name, translated using XFA, if any present in the document.
        Parameters:
        name - field name to be translated
        Returns:
        translated field name if XFA is present, original name otherwise
      • extractRevision

        public java.io.InputStream extractRevision​(java.lang.String field)
        Extracts a revision from the document.
        Parameters:
        field - the signature field name
        Returns:
        an InputStream covering the revision. Returns null if it's not a signature field
      • signatureCoversWholeDocument

        public boolean signatureCoversWholeDocument​(java.lang.String name)
        Checks if the signature covers the entire document (except for signature's Contents) or just a part of it.

        If this method does not return true it means that signature in question does not cover the entire contents of current PdfDocument. Such signatures cannot be considered as verifying the PDF document, because content that is not covered by signature might have been modified since the signature creation.

        Parameters:
        name - the signature field name
        Returns:
        true if the signature covers the entire document, false if it doesn't
      • doesSignatureFieldExist

        public boolean doesSignatureFieldExist​(java.lang.String name)
        Checks whether a name exists as a signature field or not. It checks both signed fields and blank signatures.
        Parameters:
        name - name of the field
        Returns:
        boolean does the signature field exist
      • populateSignatureNames

        private void populateSignatureNames()