Class PdfPadesSigner


  • public class PdfPadesSigner
    extends java.lang.Object
    This class performs signing with PaDES related profiles using provided parameters.
    • Field Detail

      • DEFAULT_DIGEST_ALGORITHM

        private static final java.lang.String DEFAULT_DIGEST_ALGORITHM
        See Also:
        Constant Field Values
      • LOCK_OBJECT

        private static final java.lang.Object LOCK_OBJECT
      • increment

        private static long increment
      • estimatedSize

        private int estimatedSize
      • timestampSignatureName

        private java.lang.String timestampSignatureName
      • temporaryDirectoryPath

        private java.lang.String temporaryDirectoryPath
      • stampingPropertiesWithMetaInfo

        private StampingProperties stampingPropertiesWithMetaInfo
      • tempOutputStream

        private java.io.ByteArrayOutputStream tempOutputStream
      • tempFile

        private java.io.File tempFile
      • tempFiles

        private final java.util.Set<java.io.File> tempFiles
      • outputStream

        private final java.io.OutputStream outputStream
    • Constructor Detail

      • PdfPadesSigner

        public PdfPadesSigner​(PdfReader reader,
                              java.io.OutputStream outputStream)
        Create an instance of PdfPadesSigner class. One instance shall be used for one signing operation.
        Parameters:
        reader - PdfReader instance to read original PDF file
        outputStream - OutputStream output stream to write the resulting PDF file into
    • Method Detail

      • signWithBaselineBProfile

        public void signWithBaselineBProfile​(SignerProperties signerProperties,
                                             java.security.cert.Certificate[] chain,
                                             IExternalSignature externalSignature)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-B Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        externalSignature - IExternalSignature instance to be used for main signing operation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineBProfile

        public void signWithBaselineBProfile​(SignerProperties signerProperties,
                                             java.security.cert.Certificate[] chain,
                                             java.security.PrivateKey privateKey)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-B Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        privateKey - PrivateKey instance to be used for main signing operation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineTProfile

        public void signWithBaselineTProfile​(SignerProperties signerProperties,
                                             java.security.cert.Certificate[] chain,
                                             IExternalSignature externalSignature,
                                             ITSAClient tsaClient)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-T Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        externalSignature - IExternalSignature instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineTProfile

        public void signWithBaselineTProfile​(SignerProperties signerProperties,
                                             java.security.cert.Certificate[] chain,
                                             java.security.PrivateKey privateKey,
                                             ITSAClient tsaClient)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-T Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        privateKey - PrivateKey instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineLTProfile

        public void signWithBaselineLTProfile​(SignerProperties signerProperties,
                                              java.security.cert.Certificate[] chain,
                                              IExternalSignature externalSignature,
                                              ITSAClient tsaClient)
                                       throws java.security.GeneralSecurityException,
                                              java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-LT Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        externalSignature - IExternalSignature instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineLTProfile

        public void signWithBaselineLTProfile​(SignerProperties signerProperties,
                                              java.security.cert.Certificate[] chain,
                                              java.security.PrivateKey privateKey,
                                              ITSAClient tsaClient)
                                       throws java.security.GeneralSecurityException,
                                              java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-LT Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        privateKey - PrivateKey instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineLTAProfile

        public void signWithBaselineLTAProfile​(SignerProperties signerProperties,
                                               java.security.cert.Certificate[] chain,
                                               IExternalSignature externalSignature,
                                               ITSAClient tsaClient)
                                        throws java.io.IOException,
                                               java.security.GeneralSecurityException
        Sign the document provided in PdfSigner instance with PaDES Baseline-LTA Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        externalSignature - IExternalSignature instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • signWithBaselineLTAProfile

        public void signWithBaselineLTAProfile​(SignerProperties signerProperties,
                                               java.security.cert.Certificate[] chain,
                                               java.security.PrivateKey privateKey,
                                               ITSAClient tsaClient)
                                        throws java.security.GeneralSecurityException,
                                               java.io.IOException
        Sign the document provided in PdfSigner instance with PaDES Baseline-LTA Profile.
        Parameters:
        signerProperties - SignerProperties properties to be used for main signing operation
        chain - the chain of certificates to be used for signing operation
        privateKey - PrivateKey instance to be used for main signing operation
        tsaClient - ITSAClient instance to be used for timestamp creation
        Throws:
        java.security.GeneralSecurityException - in case of signing related exceptions
        java.io.IOException - in case of files related exceptions
      • prolongSignatures

        public void prolongSignatures​(ITSAClient tsaClient)
                               throws java.io.IOException,
                                      java.security.GeneralSecurityException
        Add revocation information for all the signatures which could be found in the provided document. Also add timestamp signature on top of that.
        Parameters:
        tsaClient - ITSAClient TSA Client to be used for timestamp signature creation
        Throws:
        java.io.IOException - in case of files related exceptions
        java.security.GeneralSecurityException - in case of signing related exceptions
      • prolongSignatures

        public void prolongSignatures()
                               throws java.io.IOException,
                                      java.security.GeneralSecurityException
        Add revocation information for all the signatures which could be found in the provided document.
        Throws:
        java.io.IOException - in case of files related exceptions
        java.security.GeneralSecurityException - in case of signing related exceptions
      • setTemporaryDirectoryPath

        public PdfPadesSigner setTemporaryDirectoryPath​(java.lang.String temporaryDirectoryPath)
        Set temporary directory to be used for temporary files creation.

        If none is set, temporary documents will be created in memory.

        Parameters:
        temporaryDirectoryPath - String representing relative or absolute path to the directory
        Returns:
        same instance of PdfPadesSigner
      • setStampingProperties

        public PdfPadesSigner setStampingProperties​(StampingProperties stampingProperties)
        Set stamping properties to be used during main signing operation.

        If none is set, stamping properties with append mode enabled will be used

        Parameters:
        stampingProperties - StampingProperties instance to be used during main signing operation
        Returns:
        same instance of PdfPadesSigner
      • setEstimatedSize

        public PdfPadesSigner setEstimatedSize​(int estimatedSize)
        Set estimated size of a signature to be applied.

        This parameter represents estimated amount of bytes to be preserved for the signature.

        If none is set, 0 will be used and the required space will be calculated during the signing.

        Parameters:
        estimatedSize - amount of bytes to be used as estimated value
        Returns:
        same instance of PdfPadesSigner
      • setOcspClient

        public PdfPadesSigner setOcspClient​(IOcspClient ocspClient)
        Set IOcspClient to be used for LTV Verification.

        This setter is only relevant if Baseline-LT Profile level or higher is used.

        If none is set, there will be an attempt to create default OCSP Client instance using the certificate chain.

        Parameters:
        ocspClient - IOcspClient instance to be used for LTV Verification
        Returns:
        same instance of PdfPadesSigner
      • setCrlClient

        public PdfPadesSigner setCrlClient​(ICrlClient crlClient)
        Set ICrlClient to be used for LTV Verification.

        This setter is only relevant if Baseline-LT Profile level or higher is used.

        If none is set, there will be an attempt to create default CRL Client instance using the certificate chain.

        Parameters:
        crlClient - ICrlClient instance to be used for LTV Verification
        Returns:
        same instance of PdfPadesSigner
      • setTrustedCertificates

        public PdfPadesSigner setTrustedCertificates​(java.util.List<java.security.cert.Certificate> certificateList)
        Set certificate list to be used by the IIssuingCertificateRetriever to retrieve missing certificates.
        Parameters:
        certificateList - certificate list for getting missing certificates in chain or CRL response issuer certificates.
        Returns:
        same instance of PdfPadesSigner.
      • performTimestamping

        void performTimestamping​(PdfDocument document,
                                 java.io.OutputStream outputStream,
                                 ITSAClient tsaClient)
                          throws java.io.IOException,
                                 java.security.GeneralSecurityException
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException
      • createPdfSigner

        PdfSigner createPdfSigner​(SignerProperties signerProperties,
                                  boolean isFinal)
                           throws java.io.IOException
        Throws:
        java.io.IOException
      • performLtvVerification

        void performLtvVerification​(PdfDocument pdfDocument,
                                    java.util.List<java.lang.String> signatureNames,
                                    LtvVerification.RevocationDataNecessity revocationDataNecessity)
                             throws java.io.IOException,
                                    java.security.GeneralSecurityException
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException
      • deleteTempFiles

        void deleteTempFiles()
      • createOutputStream

        java.io.OutputStream createOutputStream()
                                         throws java.io.FileNotFoundException
        Throws:
        java.io.FileNotFoundException
      • createInputStream

        java.io.InputStream createInputStream()
                                       throws java.io.IOException
        Throws:
        java.io.IOException
      • createRevocationClients

        void createRevocationClients​(java.security.cert.Certificate signingCert,
                                     boolean clientsRequired)
      • performSignDetached

        private void performSignDetached​(SignerProperties signerProperties,
                                         boolean isFinal,
                                         IExternalSignature externalSignature,
                                         java.security.cert.Certificate[] chain,
                                         ITSAClient tsaClient)
                                  throws java.security.GeneralSecurityException,
                                         java.io.IOException
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException
      • getNextTempFile

        private java.io.File getNextTempFile()
      • getDigestAlgorithm

        private java.lang.String getDigestAlgorithm​(java.security.PrivateKey privateKey)