Class PdfSigner
- java.lang.Object
-
- com.itextpdf.signatures.PdfSigner
-
public class PdfSigner extends java.lang.Object
Takes care of the cryptographic options and appearances that form a signature.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
PdfSigner.CryptoStandard
Enum containing the Cryptographic Standards.(package private) static interface
PdfSigner.ISignatureDataProvider
static interface
PdfSigner.ISignatureEvent
An interface to retrieve the signature dictionary for modification.(package private) static class
PdfSigner.SignatureApplier
-
Field Summary
Fields Modifier and Type Field Description private PdfAcroForm
acroForm
AcroForm for the PdfDocument.protected PdfSignatureAppearance
appearance
The signature appearance.protected byte[]
bout
The bytes of the file right before the signature is added (if raf is null).protected int
certificationLevel
The certification level.static int
CERTIFIED_FORM_FILLING
Author signature, form filling allowed.static int
CERTIFIED_FORM_FILLING_AND_ANNOTATIONS
Author signature, form filling and annotations allowed.static int
CERTIFIED_NO_CHANGES_ALLOWED
Author signature, no changes allowed.protected boolean
closed
Boolean to check if this PdfSigner instance has been closed already or not.protected PdfSignature
cryptoDictionary
The crypto dictionary.protected PdfDocument
document
The PdfDocument.protected java.util.Map<PdfName,PdfLiteral>
exclusionLocations
Name and content of keys that can only be added in the close() method.protected PdfSigFieldLock
fieldLock
Signature field lock dictionary.protected java.lang.String
fieldName
The name of the field.static int
NOT_CERTIFIED
Approval signature.protected java.io.OutputStream
originalOS
OutputStream for the bytes of the document.protected boolean
preClosed
Indicates if the pdf document has already been pre-closed.protected java.io.RandomAccessFile
raf
The file right before the signature is added (can be null).protected long[]
range
Array containing the byte positions of the bytes that need to be hashed.protected PdfSigner.ISignatureEvent
signatureEvent
Holds value of property signatureEvent.protected java.util.Calendar
signDate
Holds value of property signDate.protected java.io.File
tempFile
Tempfile to hold the output temporarily.protected java.io.ByteArrayOutputStream
temporaryOS
Outputstream that temporarily holds the output in memory.
-
Constructor Summary
Constructors Constructor Description PdfSigner(PdfDocument document, java.io.OutputStream outputStream, java.io.ByteArrayOutputStream temporaryOS, java.io.File tempFile)
PdfSigner(PdfReader reader, java.io.OutputStream outputStream, StampingProperties properties)
Creates a PdfSigner instance.PdfSigner(PdfReader reader, java.io.OutputStream outputStream, java.lang.String path, StampingProperties properties)
Creates a PdfSigner instance.PdfSigner(PdfReader reader, java.io.OutputStream outputStream, java.lang.String path, StampingProperties stampingProperties, SignerProperties signerProperties)
Creates a PdfSigner instance.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected void
addDeveloperExtension(PdfDeveloperExtension extension)
Add developer extension to the currentPdfDocument
.protected void
addDocMDP(PdfSignature crypto)
Adds keys to the signature dictionary that define the certification level and the permissions.protected void
addFieldMDP(PdfSignature crypto, PdfSigFieldLock fieldLock)
Adds keys to the signature dictionary that define the field permissions.private void
applyDefaultPropertiesForTheNewField(PdfSignatureFormField sigField)
protected void
close(PdfDictionary update)
This is the last method to be called when using external signatures.protected PdfSigFieldLock
createNewSignatureFormField(PdfAcroForm acroForm, java.lang.String name)
Creates new signature form field and adds it to the acroForm object.(package private) PdfSignature
createSignatureDictionary(boolean includeDate)
protected boolean
documentContainsCertificationOrApprovalSignatures()
Check if current document instance already contains certification or approval signatures.int
getCertificationLevel()
Returns the document's certification level.java.lang.String
getContact()
Returns the signing contact.PdfDocument
getDocument()
Gets the PdfDocument associated with this instance.PdfSigFieldLock
getFieldLockDict()
Getter for the field lock dictionary.java.lang.String
getFieldName()
Gets the field name.java.lang.String
getLocation()
Returns the signing location.java.lang.String
getNewSigFieldName()
Gets a new signature field name that doesn't clash with any existing name.int
getPageNumber()
Provides the page number of the signature field which this signature appearance is associated with.Rectangle
getPageRect()
Provides the rectangle that represent the position and dimension of the signature field in the page.protected java.io.InputStream
getRangeStream()
Gets the document bytes that are hashable when using external signatures.java.lang.String
getReason()
Returns the signing reason.PdfSignatureAppearance
getSignatureAppearance()
Deprecated.java.lang.String
getSignatureCreator()
Returns the signature creator.PdfSignature
getSignatureDictionary()
Returns the user made signature dictionary.PdfSigner.ISignatureEvent
getSignatureEvent()
Getter for property signatureEvent.PdfSignatureFormField
getSignatureField()
Gets the signature field to be signed.java.util.Calendar
getSignDate()
Gets the signature date.protected IRandomAccessSource
getUnderlyingSource()
Returns the underlying source.protected int
getWidgetPageNumber(PdfWidgetAnnotation widget)
Get the page number associated to the provided widget.protected Rectangle
getWidgetRectangle(PdfWidgetAnnotation widget)
Get the rectangle associated to the provided widget.protected PdfDocument
initDocument(PdfReader reader, PdfWriter writer, StampingProperties properties)
Initialize newPdfDocument
instance by using provided parameters.private boolean
isDocumentPdf2()
protected boolean
isPreClosed()
Checks if the document is in the process of closing.protected PdfSigFieldLock
populateExistingSignatureFormField(PdfAcroForm acroForm)
Populates already existing signature form field in the acroForm object.protected void
preClose(java.util.Map<PdfName,java.lang.Integer> exclusionSizes)
This is the first method to be called when using external signatures.protected java.util.Collection<byte[]>
processCrl(java.security.cert.Certificate cert, java.util.Collection<ICrlClient> crlList)
Processes a CRL list.void
setCertificationLevel(int certificationLevel)
Sets the document's certification level.void
setCertificationLevel(AccessPermissions accessPermissions)
Sets the document's certification level.PdfSigner
setContact(java.lang.String contact)
Sets the signing contact.protected void
setDocument(PdfDocument document)
Sets the PdfDocument.void
setFieldLockDict(PdfSigFieldLock fieldLock)
Setter for the field lock dictionary.void
setFieldName(java.lang.String fieldName)
Sets the name indicating the field to be signed.PdfSigner
setLocation(java.lang.String location)
Sets the signing location.void
setOriginalOutputStream(java.io.OutputStream originalOS)
Setter for the OutputStream.PdfSigner
setPageNumber(int pageNumber)
Sets the page number of the signature field which this signature appearance is associated with.PdfSigner
setPageRect(Rectangle pageRect)
Sets the rectangle that represent the position and dimension of the signature field in the page.PdfSigner
setReason(java.lang.String reason)
Sets the signing reason.void
setSignatureAppearance(SignatureFieldAppearance appearance)
Sets the signature field layout element to customize the appearance of the signature.PdfSigner
setSignatureCreator(java.lang.String signatureCreator)
Sets the name of the application used to create the signature.void
setSignatureEvent(PdfSigner.ISignatureEvent signatureEvent)
Sets the signature event to allow modification of the signature dictionary.void
setSignDate(java.util.Calendar signDate)
Sets the signature date.static void
signDeferred(PdfDocument document, java.lang.String fieldName, java.io.OutputStream outs, IExternalSignatureContainer externalSignatureContainer)
Signs a PDF where space was already reserved.void
signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, ISignaturePolicyIdentifier signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, ISignaturePolicyIdentifier signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.void
signExternalContainer(IExternalSignatureContainer externalSignatureContainer, int estimatedSize)
Sign the document using an external container, usually a PKCS7.void
timestamp(ITSAClient tsa, java.lang.String signatureName)
Signs a document with a PAdES-LTV Timestamp.private void
updateFieldName(java.lang.String fieldName)
-
-
-
Field Detail
-
NOT_CERTIFIED
public static final int NOT_CERTIFIED
Approval signature.- See Also:
- Constant Field Values
-
CERTIFIED_NO_CHANGES_ALLOWED
public static final int CERTIFIED_NO_CHANGES_ALLOWED
Author signature, no changes allowed.- See Also:
- Constant Field Values
-
CERTIFIED_FORM_FILLING
public static final int CERTIFIED_FORM_FILLING
Author signature, form filling allowed.- See Also:
- Constant Field Values
-
CERTIFIED_FORM_FILLING_AND_ANNOTATIONS
public static final int CERTIFIED_FORM_FILLING_AND_ANNOTATIONS
Author signature, form filling and annotations allowed.- See Also:
- Constant Field Values
-
certificationLevel
protected int certificationLevel
The certification level.
-
fieldName
protected java.lang.String fieldName
The name of the field.
-
raf
protected java.io.RandomAccessFile raf
The file right before the signature is added (can be null).
-
bout
protected byte[] bout
The bytes of the file right before the signature is added (if raf is null).
-
range
protected long[] range
Array containing the byte positions of the bytes that need to be hashed.
-
document
protected PdfDocument document
The PdfDocument.
-
cryptoDictionary
protected PdfSignature cryptoDictionary
The crypto dictionary.
-
signatureEvent
protected PdfSigner.ISignatureEvent signatureEvent
Holds value of property signatureEvent.
-
originalOS
protected java.io.OutputStream originalOS
OutputStream for the bytes of the document.
-
temporaryOS
protected java.io.ByteArrayOutputStream temporaryOS
Outputstream that temporarily holds the output in memory.
-
tempFile
protected java.io.File tempFile
Tempfile to hold the output temporarily.
-
exclusionLocations
protected java.util.Map<PdfName,PdfLiteral> exclusionLocations
Name and content of keys that can only be added in the close() method.
-
preClosed
protected boolean preClosed
Indicates if the pdf document has already been pre-closed.
-
fieldLock
protected PdfSigFieldLock fieldLock
Signature field lock dictionary.
-
appearance
protected PdfSignatureAppearance appearance
The signature appearance.
-
signDate
protected java.util.Calendar signDate
Holds value of property signDate.
-
closed
protected boolean closed
Boolean to check if this PdfSigner instance has been closed already or not.
-
acroForm
private final PdfAcroForm acroForm
AcroForm for the PdfDocument.
-
-
Constructor Detail
-
PdfSigner
public PdfSigner(PdfReader reader, java.io.OutputStream outputStream, StampingProperties properties) throws java.io.IOException
Creates a PdfSigner instance. Uses aByteArrayOutputStream
instead of a temporary file.- Parameters:
reader
- PdfReader that reads the PDF fileoutputStream
- OutputStream to write the signed PDF fileproperties
-StampingProperties
for the signing document. Note that encryption will be preserved regardless of what is set in properties.- Throws:
java.io.IOException
- if some I/O problem occurs
-
PdfSigner
public PdfSigner(PdfReader reader, java.io.OutputStream outputStream, java.lang.String path, StampingProperties stampingProperties, SignerProperties signerProperties) throws java.io.IOException
Creates a PdfSigner instance. Uses aByteArrayOutputStream
instead of a temporary file.- Parameters:
reader
- PdfReader that reads the PDF fileoutputStream
- OutputStream to write the signed PDF filepath
- File to which the output is temporarily writtenstampingProperties
-StampingProperties
for the signing document. Note that encryption will be preserved regardless of what is set in properties.signerProperties
-SignerProperties
bundled properties to be used in signing operations.- Throws:
java.io.IOException
- if some I/O problem occurs
-
PdfSigner
public PdfSigner(PdfReader reader, java.io.OutputStream outputStream, java.lang.String path, StampingProperties properties) throws java.io.IOException
Creates a PdfSigner instance. Uses aByteArrayOutputStream
instead of a temporary file.- Parameters:
reader
- PdfReader that reads the PDF fileoutputStream
- OutputStream to write the signed PDF filepath
- File to which the output is temporarily writtenproperties
-StampingProperties
for the signing document. Note that encryption will be preserved regardless of what is set in properties.- Throws:
java.io.IOException
- if some I/O problem occurs
-
PdfSigner
PdfSigner(PdfDocument document, java.io.OutputStream outputStream, java.io.ByteArrayOutputStream temporaryOS, java.io.File tempFile)
-
-
Method Detail
-
initDocument
protected PdfDocument initDocument(PdfReader reader, PdfWriter writer, StampingProperties properties)
Initialize newPdfDocument
instance by using provided parameters.- Parameters:
reader
-PdfReader
to be used as a reader in the new documentwriter
-PdfWriter
to be used as a writer in the new documentproperties
-StampingProperties
to be provided in the new document- Returns:
- new
PdfDocument
instance
-
getSignDate
public java.util.Calendar getSignDate()
Gets the signature date.- Returns:
- Calendar set to the signature date
-
setSignDate
public void setSignDate(java.util.Calendar signDate)
Sets the signature date.- Parameters:
signDate
- the signature date
-
getSignatureAppearance
@Deprecated public PdfSignatureAppearance getSignatureAppearance()
Deprecated.Provides access to a signature appearance object. Use it to customize the appearance of the signature.Be aware:
- If you create new signature field (either use
setFieldName(java.lang.String)
with the name that doesn't exist in the document or don't specify it at all) then the signature is invisible by default. - If you sign already existing field, then the signature appearance object
is modified to have all the properties (page num., rect etc.) consistent with
the state of the field (if you customized the appearance object
before the
setFieldName(java.lang.String)
call you'll have to do it again)
- Returns:
PdfSignatureAppearance
object.
- If you create new signature field (either use
-
setSignatureAppearance
public void setSignatureAppearance(SignatureFieldAppearance appearance)
Sets the signature field layout element to customize the appearance of the signature. Signer's sign date will be set.- Parameters:
appearance
- theSignatureFieldAppearance
layout element.
-
getCertificationLevel
public int getCertificationLevel()
Returns the document's certification level. For possible values seesetCertificationLevel(int)
.- Returns:
- The certified status.
-
setCertificationLevel
public void setCertificationLevel(int certificationLevel)
Sets the document's certification level. This method overrides the value set bysetCertificationLevel(AccessPermissions)
.- Parameters:
certificationLevel
- a new certification level for a document. Possible values are:
-
setCertificationLevel
public void setCertificationLevel(AccessPermissions accessPermissions)
Sets the document's certification level. This method overrides the value set bysetCertificationLevel(int)
.- Parameters:
accessPermissions
-AccessPermissions
enum which specifies which certification level shall be used
-
getFieldName
public java.lang.String getFieldName()
Gets the field name.- Returns:
- the field name
-
getSignatureDictionary
public PdfSignature getSignatureDictionary()
Returns the user made signature dictionary. This is the dictionary at the /V key of the signature field.- Returns:
- The user made signature dictionary.
-
getSignatureEvent
public PdfSigner.ISignatureEvent getSignatureEvent()
Getter for property signatureEvent.- Returns:
- Value of property signatureEvent.
-
setSignatureEvent
public void setSignatureEvent(PdfSigner.ISignatureEvent signatureEvent)
Sets the signature event to allow modification of the signature dictionary.- Parameters:
signatureEvent
- the signature event
-
getNewSigFieldName
public java.lang.String getNewSigFieldName()
Gets a new signature field name that doesn't clash with any existing name.- Returns:
- A new signature field name.
-
setFieldName
public void setFieldName(java.lang.String fieldName)
Sets the name indicating the field to be signed. The field can already be presented in the document but shall not be signed. If the field is not presented in the document, it will be created.- Parameters:
fieldName
- The name indicating the field to be signed.
-
getDocument
public PdfDocument getDocument()
Gets the PdfDocument associated with this instance.- Returns:
- the PdfDocument associated with this instance
-
setDocument
protected void setDocument(PdfDocument document)
Sets the PdfDocument.- Parameters:
document
- The PdfDocument
-
getPageNumber
public int getPageNumber()
Provides the page number of the signature field which this signature appearance is associated with.- Returns:
- The page number of the signature field which this signature appearance is associated with.
-
setPageNumber
public PdfSigner setPageNumber(int pageNumber)
Sets the page number of the signature field which this signature appearance is associated with. Implicitly callssetPageRect(com.itextpdf.kernel.geom.Rectangle)
which considers page number to process the rectangle correctly.- Parameters:
pageNumber
- The page number of the signature field which this signature appearance is associated with.- Returns:
- this instance to support fluent interface.
-
getPageRect
public Rectangle getPageRect()
Provides the rectangle that represent the position and dimension of the signature field in the page.- Returns:
- the rectangle that represent the position and dimension of the signature field in the page
-
setPageRect
public PdfSigner setPageRect(Rectangle pageRect)
Sets the rectangle that represent the position and dimension of the signature field in the page.- Parameters:
pageRect
- The rectangle that represents the position and dimension of the signature field in the page.- Returns:
- this instance to support fluent interface.
-
setOriginalOutputStream
public void setOriginalOutputStream(java.io.OutputStream originalOS)
Setter for the OutputStream.- Parameters:
originalOS
- OutputStream for the bytes of the document
-
getFieldLockDict
public PdfSigFieldLock getFieldLockDict()
Getter for the field lock dictionary.- Returns:
- Field lock dictionary.
-
setFieldLockDict
public void setFieldLockDict(PdfSigFieldLock fieldLock)
Setter for the field lock dictionary.Be aware: if a signature is created on an existing signature field, then its /Lock dictionary takes the precedence (if it exists).
- Parameters:
fieldLock
- Field lock dictionary
-
getSignatureCreator
public java.lang.String getSignatureCreator()
Returns the signature creator.- Returns:
- The signature creator.
-
setSignatureCreator
public PdfSigner setSignatureCreator(java.lang.String signatureCreator)
Sets the name of the application used to create the signature.- Parameters:
signatureCreator
- A new name of the application signing a document.- Returns:
- this instance to support fluent interface.
-
getContact
public java.lang.String getContact()
Returns the signing contact.- Returns:
- The signing contact.
-
setContact
public PdfSigner setContact(java.lang.String contact)
Sets the signing contact.- Parameters:
contact
- A new signing contact.- Returns:
- this instance to support fluent interface.
-
getReason
public java.lang.String getReason()
Returns the signing reason.- Returns:
- The signing reason.
-
setReason
public PdfSigner setReason(java.lang.String reason)
Sets the signing reason.- Parameters:
reason
- A new signing reason.- Returns:
- this instance to support fluent interface.
-
getLocation
public java.lang.String getLocation()
Returns the signing location.- Returns:
- The signing location.
-
setLocation
public PdfSigner setLocation(java.lang.String location)
Sets the signing location.- Parameters:
location
- A new signing location.- Returns:
- this instance to support fluent interface.
-
getSignatureField
public PdfSignatureFormField getSignatureField()
Gets the signature field to be signed. The field can already be presented in the document. If the field is not presented in the document, it will be created.This field instance is expected to be used for setting appearance related properties such as
PdfSignatureFormField.setReuseAppearance(boolean)
,PdfSignatureFormField.setBackgroundLayer(com.itextpdf.kernel.pdf.xobject.PdfFormXObject)
andPdfSignatureFormField.setSignatureAppearanceLayer(com.itextpdf.kernel.pdf.xobject.PdfFormXObject)
.- Returns:
- the
PdfSignatureFormField
instance.
-
signDetached
public void signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADES- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDetached
public void signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADES- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDetached
public void signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDetached
public void signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDetached
public void signDetached(IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, ISignaturePolicyIdentifier signaturePolicy) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDetached
public void signDetached(IExternalDigest externalDigest, IExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, PdfSigner.CryptoStandard sigtype, ISignaturePolicyIdentifier signaturePolicy) throws java.io.IOException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signExternalContainer
public void signExternalContainer(IExternalSignatureContainer externalSignatureContainer, int estimatedSize) throws java.security.GeneralSecurityException, java.io.IOException
Sign the document using an external container, usually a PKCS7. The signature is fully composed externally, iText will just put the container inside the document.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
externalSignatureContainer
- the interface providing the actual signingestimatedSize
- the reserved size for the signature- Throws:
java.security.GeneralSecurityException
- if some problem during apply security algorithms occursjava.io.IOException
- if some I/O problem occurs
-
timestamp
public void timestamp(ITSAClient tsa, java.lang.String signatureName) throws java.io.IOException, java.security.GeneralSecurityException
Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.
NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.- Parameters:
tsa
- the timestamp generatorsignatureName
- the signature name or null to have a name generated automatically- Throws:
java.io.IOException
- if some I/O problem occurs or estimation for timestamp signature, provided withITSAClient.getTokenSizeEstimate()
, is not big enoughjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
signDeferred
public static void signDeferred(PdfDocument document, java.lang.String fieldName, java.io.OutputStream outs, IExternalSignatureContainer externalSignatureContainer) throws java.io.IOException, java.security.GeneralSecurityException
Signs a PDF where space was already reserved.- Parameters:
document
- the original PDFfieldName
- the field to sign. It must be the last fieldouts
- the output PDFexternalSignatureContainer
- the signature container doing the actual signing. Only the method ExternalSignatureContainer.sign is used- Throws:
java.io.IOException
- if some I/O problem occursjava.security.GeneralSecurityException
- if some problem during apply security algorithms occurs
-
processCrl
protected java.util.Collection<byte[]> processCrl(java.security.cert.Certificate cert, java.util.Collection<ICrlClient> crlList) throws java.security.cert.CertificateEncodingException
Processes a CRL list.- Parameters:
cert
- a Certificate if one of the CrlList implementations needs to retrieve the CRL URL from it.crlList
- a list of CrlClient implementations- Returns:
- a collection of CRL bytes that can be embedded in a PDF
- Throws:
java.security.cert.CertificateEncodingException
- if an encoding error occurs inCertificate
.
-
addDeveloperExtension
protected void addDeveloperExtension(PdfDeveloperExtension extension)
Add developer extension to the currentPdfDocument
.- Parameters:
extension
-PdfDeveloperExtension
to be added
-
isPreClosed
protected boolean isPreClosed()
Checks if the document is in the process of closing.- Returns:
- true if the document is in the process of closing, false otherwise
-
preClose
protected void preClose(java.util.Map<PdfName,java.lang.Integer> exclusionSizes) throws java.io.IOException
This is the first method to be called when using external signatures. The general sequence is: preClose(), getDocumentBytes() and close().exclusionSizes
must contain at least thePdfName.CONTENTS
key with the size that it will take in the document. Note that due to the hex string coding this size should be byte_size*2+2.- Parameters:
exclusionSizes
- Map with names and sizes to be excluded in the signature calculation. The key is a PdfName and the value an Integer. At least the /Contents must be present- Throws:
java.io.IOException
- on error
-
populateExistingSignatureFormField
protected PdfSigFieldLock populateExistingSignatureFormField(PdfAcroForm acroForm) throws java.io.IOException
Populates already existing signature form field in the acroForm object. This method is called during thepreClose(Map)
method if the signature field already exists.- Parameters:
acroForm
-PdfAcroForm
object in which the signature field will be populated- Returns:
- signature field lock dictionary
- Throws:
java.io.IOException
- if font for the appearance dictionary cannot be created
-
createNewSignatureFormField
protected PdfSigFieldLock createNewSignatureFormField(PdfAcroForm acroForm, java.lang.String name) throws java.io.IOException
Creates new signature form field and adds it to the acroForm object. This method is called during thepreClose(Map)
method if the signature field doesn't exist.- Parameters:
acroForm
-PdfAcroForm
object in which new signature field will be addedname
- the name of the field- Returns:
- signature field lock dictionary
- Throws:
java.io.IOException
- if font for the appearance dictionary cannot be created
-
getRangeStream
protected java.io.InputStream getRangeStream() throws java.io.IOException
Gets the document bytes that are hashable when using external signatures. The general sequence is:preClose(Map)
,getRangeStream()
andclose(PdfDictionary)
.- Returns:
- The
InputStream
of bytes to be signed. - Throws:
java.io.IOException
- if some I/O problem occurs
-
close
protected void close(PdfDictionary update) throws java.io.IOException
This is the last method to be called when using external signatures. The general sequence is: preClose(), getDocumentBytes() and close().update is a PdfDictionary that must have exactly the same keys as the ones provided in
preClose(Map)
.- Parameters:
update
- a PdfDictionary with the key/value that will fill the holes defined inpreClose(Map)
- Throws:
java.io.IOException
- on error
-
getUnderlyingSource
protected IRandomAccessSource getUnderlyingSource() throws java.io.IOException
Returns the underlying source.- Returns:
- the underlying source
- Throws:
java.io.IOException
- if some I/O problem occurs
-
addDocMDP
protected void addDocMDP(PdfSignature crypto)
Adds keys to the signature dictionary that define the certification level and the permissions. This method is only used for Certifying signatures.- Parameters:
crypto
- the signature dictionary
-
addFieldMDP
protected void addFieldMDP(PdfSignature crypto, PdfSigFieldLock fieldLock)
Adds keys to the signature dictionary that define the field permissions. This method is only used for signatures that lock fields.- Parameters:
crypto
- the signature dictionaryfieldLock
- thePdfSigFieldLock
instance specified the field lock to be set
-
documentContainsCertificationOrApprovalSignatures
protected boolean documentContainsCertificationOrApprovalSignatures()
Check if current document instance already contains certification or approval signatures.- Returns:
true
if document contains certification or approval signatures,false
otherwise
-
getWidgetRectangle
protected Rectangle getWidgetRectangle(PdfWidgetAnnotation widget)
Get the rectangle associated to the provided widget.- Parameters:
widget
- PdfWidgetAnnotation to extract the rectangle from- Returns:
- Rectangle
-
getWidgetPageNumber
protected int getWidgetPageNumber(PdfWidgetAnnotation widget)
Get the page number associated to the provided widget.- Parameters:
widget
- PdfWidgetAnnotation from which to extract the page number- Returns:
- page number
-
updateFieldName
private void updateFieldName(java.lang.String fieldName)
-
isDocumentPdf2
private boolean isDocumentPdf2()
-
createSignatureDictionary
PdfSignature createSignatureDictionary(boolean includeDate)
-
applyDefaultPropertiesForTheNewField
private void applyDefaultPropertiesForTheNewField(PdfSignatureFormField sigField)
-
-