Package com.itextpdf.signatures
Class PKCS7ExternalSignatureContainer
- java.lang.Object
-
- com.itextpdf.signatures.PKCS7ExternalSignatureContainer
-
- All Implemented Interfaces:
IExternalSignatureContainer
public class PKCS7ExternalSignatureContainer extends java.lang.Object implements IExternalSignatureContainer
Implementation class forIExternalSignatureContainer
. This external signature container is implemented based on PCS7 standard andPdfPKCS7
class.
-
-
Field Summary
Fields Modifier and Type Field Description private java.security.cert.Certificate[]
chain
private ICrlClient
crlClient
private java.lang.String
hashAlgorithm
private IOcspClient
ocspClient
private java.security.PrivateKey
privateKey
private SignaturePolicyInfo
signaturePolicy
private PdfSigner.CryptoStandard
sigType
private ITSAClient
tsaClient
-
Constructor Summary
Constructors Constructor Description PKCS7ExternalSignatureContainer(java.security.PrivateKey privateKey, java.security.cert.Certificate[] chain, java.lang.String hashAlgorithm)
Creates an instance of PKCS7ExternalSignatureContainer
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
modifySigningDictionary(PdfDictionary signDic)
Modifies the signature dictionary to suit the container.void
setCrlClient(ICrlClient crlClient)
Set the CrlClient if you want revocation data collected trough Crl to be added to the signaturevoid
setOcspClient(IOcspClient ocspClient)
Set the OcspClient if you want revocation data collected trough Ocsp to be added to the signaturevoid
setSignaturePolicy(SignaturePolicyInfo signaturePolicy)
Set the signature policy if you want it to be added to the signaturevoid
setSignatureType(PdfSigner.CryptoStandard sigType)
Set a custom signature type, default valuePdfSigner.CryptoStandard.CMS
void
setTsaClient(ITSAClient tsaClient)
Set the TsaClient if you want a TSA timestamp added to the signaturebyte[]
sign(java.io.InputStream data)
Produces the container with the signature.
-
-
-
Field Detail
-
chain
private final java.security.cert.Certificate[] chain
-
privateKey
private final java.security.PrivateKey privateKey
-
hashAlgorithm
private final java.lang.String hashAlgorithm
-
ocspClient
private IOcspClient ocspClient
-
crlClient
private ICrlClient crlClient
-
tsaClient
private ITSAClient tsaClient
-
sigType
private PdfSigner.CryptoStandard sigType
-
signaturePolicy
private SignaturePolicyInfo signaturePolicy
-
-
Constructor Detail
-
PKCS7ExternalSignatureContainer
public PKCS7ExternalSignatureContainer(java.security.PrivateKey privateKey, java.security.cert.Certificate[] chain, java.lang.String hashAlgorithm)
Creates an instance of PKCS7ExternalSignatureContainer- Parameters:
privateKey
- The private key to sign withchain
- The certificate chainhashAlgorithm
- The hash algorithm to use
-
-
Method Detail
-
sign
public byte[] sign(java.io.InputStream data) throws java.security.GeneralSecurityException
Produces the container with the signature.- Specified by:
sign
in interfaceIExternalSignatureContainer
- Parameters:
data
- the data to sign- Returns:
- a container with the signature and other objects, like CRL and OCSP. The container will generally be a PKCS7 one.
- Throws:
java.security.GeneralSecurityException
- the general security exception
-
modifySigningDictionary
public void modifySigningDictionary(PdfDictionary signDic)
Modifies the signature dictionary to suit the container. At least the keysPdfName.Filter
andPdfName.SubFilter
will have to be set.- Specified by:
modifySigningDictionary
in interfaceIExternalSignatureContainer
- Parameters:
signDic
- the signature dictionary
-
setOcspClient
public void setOcspClient(IOcspClient ocspClient)
Set the OcspClient if you want revocation data collected trough Ocsp to be added to the signature- Parameters:
ocspClient
- the client to be used
-
setCrlClient
public void setCrlClient(ICrlClient crlClient)
Set the CrlClient if you want revocation data collected trough Crl to be added to the signature- Parameters:
crlClient
- the client to be used
-
setTsaClient
public void setTsaClient(ITSAClient tsaClient)
Set the TsaClient if you want a TSA timestamp added to the signature- Parameters:
tsaClient
- the client to use
-
setSignaturePolicy
public void setSignaturePolicy(SignaturePolicyInfo signaturePolicy)
Set the signature policy if you want it to be added to the signature- Parameters:
signaturePolicy
- the signature to be set.
-
setSignatureType
public void setSignatureType(PdfSigner.CryptoStandard sigType)
Set a custom signature type, default valuePdfSigner.CryptoStandard.CMS
- Parameters:
sigType
- the type of signature to be created
-
-