Class PdfPKCS7


  • public class PdfPKCS7
    extends java.lang.Object
    This class does all the processing related to signing and verifying a PKCS#7 signature.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private org.bouncycastle.cert.ocsp.BasicOCSPResp basicResp
      BouncyCastle BasicOCSPResp
      private java.util.Collection<java.security.cert.Certificate> certs
      All the X.509 certificates in no particular order.
      private java.util.Collection<java.security.cert.CRL> crls  
      private byte[] digest
      The signed digest as calculated by this class (or extracted from an existing PDF)
      private java.lang.String digestAlgorithmOid
      The ID of the digest algorithm, e.g.
      private java.util.Set<java.lang.String> digestalgos
      The digest algorithms
      private byte[] digestAttr
      The digest attributes
      private java.lang.String digestEncryptionAlgorithmOid
      The encryption algorithm.
      private java.security.MessageDigest encContDigest
      encrypted digest
      private byte[] externalDigest
      The signed digest if created outside this class
      private byte[] externalRSAdata
      External RSA data
      private PdfName filterSubtype  
      private ExternalDigest interfaceDigest  
      private boolean isCades
      True if it's a CAdES signature type.
      private boolean isTsp
      True if there's a PAdES LTV time stamp.
      private java.lang.String location
      Holds value of property location.
      private java.security.MessageDigest messageDigest
      The object that will create the digest
      private java.lang.String provider
      The encryption provider, e.g.
      private java.lang.String reason
      Holds value of property reason.
      private byte[] RSAdata
      The RSA data
      private java.security.Signature sig
      Class from the Java SDK that provides the functionality of a digital signature algorithm.
      private byte[] sigAttr
      Signature attributes
      private byte[] sigAttrDer
      Signature attributes (maybe not necessary, but we use it as fallback)
      private org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicyIdentifier  
      private java.security.cert.X509Certificate signCert
      The X.509 certificate that is used to sign the digest.
      private java.util.Collection<java.security.cert.Certificate> signCerts
      All the X.509 certificates used for the main signature.
      private java.util.Calendar signDate
      Holds value of property signDate.
      private int signerversion
      Version of the PKCS#7 "SignerInfo" object.
      private java.lang.String signName
      Holds value of property signName.
      private org.bouncycastle.tsp.TimeStampToken timeStampToken
      BouncyCastle TimeStampToken.
      private boolean verified
      Indicates if a signature has already been verified
      private boolean verifyResult
      The result of the verification
      private int version
      Version of the PKCS#7 object
    • Constructor Summary

      Constructors 
      Constructor Description
      PdfPKCS7​(byte[] contentsKey, byte[] certsKey, java.lang.String provider)
      Use this constructor if you want to verify a signature using the sub-filter adbe.x509.rsa_sha1.
      PdfPKCS7​(byte[] contentsKey, PdfName filterSubtype, java.lang.String provider)
      Use this constructor if you want to verify a signature.
      PdfPKCS7​(java.security.PrivateKey privKey, java.security.cert.Certificate[] certChain, java.lang.String hashAlgorithm, java.lang.String provider, ExternalDigest interfaceDigest, boolean hasRSAdata)
      Assembles all the elements needed to create a signature, except for the data.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private org.bouncycastle.asn1.ASN1EncodableVector buildUnauthenticatedAttributes​(byte[] timeStampToken)
      Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2).
      private void findCRL​(org.bouncycastle.asn1.ASN1Sequence seq)
      Helper method that tries to construct the CRLs.
      private void findOcsp​(org.bouncycastle.asn1.ASN1Sequence seq)
      Helper method that creates the BasicOCSPResp object.
      byte[] getAuthenticatedAttributeBytes​(byte[] secondDigest, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)
      When using authenticatedAttributes the authentication process is different.
      private org.bouncycastle.asn1.DERSet getAuthenticatedAttributeSet​(byte[] secondDigest, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)
      This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).
      java.security.cert.Certificate[] getCertificates()
      Get all the X.509 certificates associated with this PKCS#7 object in no particular order.
      java.util.Collection<java.security.cert.CRL> getCRLs()
      Get the X.509 certificate revocation lists associated with this PKCS#7 object
      java.lang.String getDigestAlgorithm()
      Get the algorithm used to calculate the message digest, e.g.
      java.lang.String getDigestAlgorithmOid()
      Getter for the ID of the digest algorithm, e.g.
      java.lang.String getDigestEncryptionAlgorithmOid()
      Getter for the digest encryption algorithm
      byte[] getEncodedPKCS1()
      Gets the bytes for the PKCS#1 object.
      byte[] getEncodedPKCS7()
      Gets the bytes for the PKCS7SignedData object.
      byte[] getEncodedPKCS7​(byte[] secondDigest)
      Gets the bytes for the PKCS7SignedData object.
      byte[] getEncodedPKCS7​(byte[] secondDigest, TSAClient tsaClient, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)
      Gets the bytes for the PKCS7SignedData object.
      java.lang.String getEncryptionAlgorithm()
      Returns the encryption algorithm
      PdfName getFilterSubtype()
      Returns the filter subtype.
      java.lang.String getHashAlgorithm()
      Returns the name of the digest algorithm, e.g.
      java.lang.String getLocation()
      Getter for property location.
      org.bouncycastle.cert.ocsp.BasicOCSPResp getOcsp()
      Gets the OCSP basic response if there is one.
      java.lang.String getReason()
      Getter for property reason.
      java.security.cert.Certificate[] getSignCertificateChain()
      Get the X.509 sign certificate chain associated with this PKCS#7 object.
      java.util.Calendar getSignDate()
      Getter for property signDate.
      java.security.cert.X509Certificate getSigningCertificate()
      Get the X.509 certificate actually used to sign the digest.
      int getSigningInfoVersion()
      Get the version of the PKCS#7 "SignerInfo" object.
      java.lang.String getSignName()
      Getter for property sigName.
      java.util.Calendar getTimeStampDate()
      Gets the timestamp date
      org.bouncycastle.tsp.TimeStampToken getTimeStampToken()
      Gets the timestamp token if there is one.
      int getVersion()
      Get the version of the PKCS#7 object.
      private java.security.Signature initSignature​(java.security.PrivateKey key)  
      private java.security.Signature initSignature​(java.security.PublicKey key)  
      boolean isRevocationValid()
      Checks if OCSP revocation refers to the document signing certificate.
      boolean isTsp()
      Check if it's a PAdES-LTV time stamp.
      void setExternalDigest​(byte[] digest, byte[] RSAdata, java.lang.String digestEncryptionAlgorithm)
      Sets the digest/signature to an external calculated value.
      void setLocation​(java.lang.String location)
      Setter for property location.
      void setReason​(java.lang.String reason)
      Setter for property reason.
      void setSignaturePolicy​(SignaturePolicyInfo signaturePolicy)  
      void setSignaturePolicy​(org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)  
      void setSignDate​(java.util.Calendar signDate)
      Setter for property signDate.
      void setSignName​(java.lang.String signName)
      Setter for property sigName.
      private void signCertificateChain()
      Helper method that creates the collection of certificates used for the main signature based on the complete list of certificates and the sign certificate.
      void update​(byte[] buf, int off, int len)
      Update the digest with the specified bytes.
      boolean verify()
      Verify the digest.
      private boolean verifySigAttributes​(byte[] attr)  
      boolean verifyTimestampImprint()
      Checks if the timestamp refers to this document.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • provider

        private java.lang.String provider
        The encryption provider, e.g. "BC" if you use BouncyCastle.
      • signaturePolicyIdentifier

        private org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicyIdentifier
      • signName

        private java.lang.String signName
        Holds value of property signName.
      • reason

        private java.lang.String reason
        Holds value of property reason.
      • location

        private java.lang.String location
        Holds value of property location.
      • signDate

        private java.util.Calendar signDate
        Holds value of property signDate.
      • version

        private int version
        Version of the PKCS#7 object
      • signerversion

        private int signerversion
        Version of the PKCS#7 "SignerInfo" object.
      • digestAlgorithmOid

        private java.lang.String digestAlgorithmOid
        The ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1".
      • messageDigest

        private java.security.MessageDigest messageDigest
        The object that will create the digest
      • digestalgos

        private java.util.Set<java.lang.String> digestalgos
        The digest algorithms
      • digestAttr

        private byte[] digestAttr
        The digest attributes
      • filterSubtype

        private PdfName filterSubtype
      • digestEncryptionAlgorithmOid

        private java.lang.String digestEncryptionAlgorithmOid
        The encryption algorithm.
      • externalDigest

        private byte[] externalDigest
        The signed digest if created outside this class
      • externalRSAdata

        private byte[] externalRSAdata
        External RSA data
      • sig

        private java.security.Signature sig
        Class from the Java SDK that provides the functionality of a digital signature algorithm.
      • digest

        private byte[] digest
        The signed digest as calculated by this class (or extracted from an existing PDF)
      • RSAdata

        private byte[] RSAdata
        The RSA data
      • sigAttr

        private byte[] sigAttr
        Signature attributes
      • sigAttrDer

        private byte[] sigAttrDer
        Signature attributes (maybe not necessary, but we use it as fallback)
      • encContDigest

        private java.security.MessageDigest encContDigest
        encrypted digest
      • verified

        private boolean verified
        Indicates if a signature has already been verified
      • verifyResult

        private boolean verifyResult
        The result of the verification
      • certs

        private java.util.Collection<java.security.cert.Certificate> certs
        All the X.509 certificates in no particular order.
      • signCerts

        private java.util.Collection<java.security.cert.Certificate> signCerts
        All the X.509 certificates used for the main signature.
      • signCert

        private java.security.cert.X509Certificate signCert
        The X.509 certificate that is used to sign the digest.
      • crls

        private java.util.Collection<java.security.cert.CRL> crls
      • basicResp

        private org.bouncycastle.cert.ocsp.BasicOCSPResp basicResp
        BouncyCastle BasicOCSPResp
      • isTsp

        private boolean isTsp
        True if there's a PAdES LTV time stamp.
      • isCades

        private boolean isCades
        True if it's a CAdES signature type.
      • timeStampToken

        private org.bouncycastle.tsp.TimeStampToken timeStampToken
        BouncyCastle TimeStampToken.
    • Constructor Detail

      • PdfPKCS7

        public PdfPKCS7​(java.security.PrivateKey privKey,
                        java.security.cert.Certificate[] certChain,
                        java.lang.String hashAlgorithm,
                        java.lang.String provider,
                        ExternalDigest interfaceDigest,
                        boolean hasRSAdata)
                 throws java.security.InvalidKeyException,
                        java.security.NoSuchProviderException,
                        java.security.NoSuchAlgorithmException
        Assembles all the elements needed to create a signature, except for the data.
        Parameters:
        privKey - the private key
        certChain - the certificate chain
        interfaceDigest - the interface digest
        hashAlgorithm - the hash algorithm
        provider - the provider or null for the default provider
        hasRSAdata - true if the sub-filter is adbe.pkcs7.sha1
        Throws:
        java.security.InvalidKeyException - on error
        java.security.NoSuchProviderException - on error
        java.security.NoSuchAlgorithmException - on error
      • PdfPKCS7

        public PdfPKCS7​(byte[] contentsKey,
                        byte[] certsKey,
                        java.lang.String provider)
        Use this constructor if you want to verify a signature using the sub-filter adbe.x509.rsa_sha1.
        Parameters:
        contentsKey - the /Contents key
        certsKey - the /Cert key
        provider - the provider or null for the default provider
      • PdfPKCS7

        public PdfPKCS7​(byte[] contentsKey,
                        PdfName filterSubtype,
                        java.lang.String provider)
        Use this constructor if you want to verify a signature.
        Parameters:
        contentsKey - the /Contents key
        filterSubtype - the filtersubtype
        provider - the provider or null for the default provider
    • Method Detail

      • setSignaturePolicy

        public void setSignaturePolicy​(org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)
      • getSignName

        public java.lang.String getSignName()
        Getter for property sigName.
        Returns:
        Value of property sigName.
      • setSignName

        public void setSignName​(java.lang.String signName)
        Setter for property sigName.
        Parameters:
        signName - New value of property sigName.
      • getReason

        public java.lang.String getReason()
        Getter for property reason.
        Returns:
        Value of property reason.
      • setReason

        public void setReason​(java.lang.String reason)
        Setter for property reason.
        Parameters:
        reason - New value of property reason.
      • getLocation

        public java.lang.String getLocation()
        Getter for property location.
        Returns:
        Value of property location.
      • setLocation

        public void setLocation​(java.lang.String location)
        Setter for property location.
        Parameters:
        location - New value of property location.
      • getSignDate

        public java.util.Calendar getSignDate()
        Getter for property signDate.
        Returns:
        Value of property signDate.
      • setSignDate

        public void setSignDate​(java.util.Calendar signDate)
        Setter for property signDate.
        Parameters:
        signDate - New value of property signDate.
      • getVersion

        public int getVersion()
        Get the version of the PKCS#7 object.
        Returns:
        the version of the PKCS#7 object.
      • getSigningInfoVersion

        public int getSigningInfoVersion()
        Get the version of the PKCS#7 "SignerInfo" object.
        Returns:
        the version of the PKCS#7 "SignerInfo" object.
      • getDigestAlgorithmOid

        public java.lang.String getDigestAlgorithmOid()
        Getter for the ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1"
      • getHashAlgorithm

        public java.lang.String getHashAlgorithm()
        Returns the name of the digest algorithm, e.g. "SHA256".
        Returns:
        the digest algorithm name, e.g. "SHA256"
      • getDigestEncryptionAlgorithmOid

        public java.lang.String getDigestEncryptionAlgorithmOid()
        Getter for the digest encryption algorithm
      • getDigestAlgorithm

        public java.lang.String getDigestAlgorithm()
        Get the algorithm used to calculate the message digest, e.g. "SHA1withRSA".
        Returns:
        the algorithm used to calculate the message digest
      • setExternalDigest

        public void setExternalDigest​(byte[] digest,
                                      byte[] RSAdata,
                                      java.lang.String digestEncryptionAlgorithm)
        Sets the digest/signature to an external calculated value.
        Parameters:
        digest - the digest. This is the actual signature
        RSAdata - the extra data that goes into the data tag in PKCS#7
        digestEncryptionAlgorithm - the encryption algorithm. It may must be null if the digest is also null. If the digest is not null then it may be "RSA" or "DSA"
      • initSignature

        private java.security.Signature initSignature​(java.security.PrivateKey key)
                                               throws java.security.NoSuchAlgorithmException,
                                                      java.security.NoSuchProviderException,
                                                      java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.NoSuchProviderException
        java.security.InvalidKeyException
      • initSignature

        private java.security.Signature initSignature​(java.security.PublicKey key)
                                               throws java.security.NoSuchAlgorithmException,
                                                      java.security.NoSuchProviderException,
                                                      java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.NoSuchProviderException
        java.security.InvalidKeyException
      • update

        public void update​(byte[] buf,
                           int off,
                           int len)
                    throws java.security.SignatureException
        Update the digest with the specified bytes. This method is used both for signing and verifying
        Parameters:
        buf - the data buffer
        off - the offset in the data buffer
        len - the data length
        Throws:
        java.security.SignatureException - on error
      • getEncodedPKCS1

        public byte[] getEncodedPKCS1()
        Gets the bytes for the PKCS#1 object.
        Returns:
        a byte array
      • getEncodedPKCS7

        public byte[] getEncodedPKCS7()
        Gets the bytes for the PKCS7SignedData object.
        Returns:
        the bytes for the PKCS7SignedData object
      • getEncodedPKCS7

        public byte[] getEncodedPKCS7​(byte[] secondDigest)
        Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set. If either of the parameters is null, none will be used.
        Parameters:
        secondDigest - the digest in the authenticatedAttributes
        Returns:
        the bytes for the PKCS7SignedData object
      • getEncodedPKCS7

        public byte[] getEncodedPKCS7​(byte[] secondDigest,
                                      TSAClient tsaClient,
                                      byte[] ocsp,
                                      java.util.Collection<byte[]> crlBytes,
                                      MakeSignature.CryptoStandard sigtype)
        Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set, OR a time-stamp-authority client may be provided.
        Parameters:
        secondDigest - the digest in the authenticatedAttributes
        tsaClient - TSAClient - null or an optional time stamp authority client
        Returns:
        byte[] the bytes for the PKCS7SignedData object
        Since:
        2.1.6
      • buildUnauthenticatedAttributes

        private org.bouncycastle.asn1.ASN1EncodableVector buildUnauthenticatedAttributes​(byte[] timeStampToken)
                                                                                  throws java.io.IOException
        Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). Token is the TSA response without response status, which is usually handled by the (vendor supplied) TSA request/response interface).
        Parameters:
        timeStampToken - byte[] - time stamp token, DER encoded signedData
        Returns:
        ASN1EncodableVector
        Throws:
        java.io.IOException
      • getAuthenticatedAttributeBytes

        public byte[] getAuthenticatedAttributeBytes​(byte[] secondDigest,
                                                     byte[] ocsp,
                                                     java.util.Collection<byte[]> crlBytes,
                                                     MakeSignature.CryptoStandard sigtype)
        When using authenticatedAttributes the authentication process is different. The document digest is generated and put inside the attribute. The signing is done over the DER encoded authenticatedAttributes. This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).

        A simple example:

         Calendar cal = Calendar.getInstance();
         PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
         MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
         byte buf[] = new byte[8192];
         int n;
         InputStream inp = sap.getRangeStream();
         while ((n = inp.read(buf)) > 0) {
            messageDigest.update(buf, 0, n);
         }
         byte hash[] = messageDigest.digest();
         byte sh[] = pk7.getAuthenticatedAttributeBytes(hash, cal);
         pk7.update(sh, 0, sh.length);
         byte sg[] = pk7.getEncodedPKCS7(hash, cal);
         
        Parameters:
        secondDigest - the content digest
        Returns:
        the byte array representation of the authenticatedAttributes ready to be signed
      • getAuthenticatedAttributeSet

        private org.bouncycastle.asn1.DERSet getAuthenticatedAttributeSet​(byte[] secondDigest,
                                                                          byte[] ocsp,
                                                                          java.util.Collection<byte[]> crlBytes,
                                                                          MakeSignature.CryptoStandard sigtype)
        This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).
        Parameters:
        secondDigest - the content digest
        Returns:
        the byte array representation of the authenticatedAttributes ready to be signed
      • verify

        public boolean verify()
                       throws java.security.GeneralSecurityException
        Verify the digest.
        Returns:
        true if the signature checks out, false otherwise
        Throws:
        java.security.SignatureException - on error
        java.security.GeneralSecurityException
      • verifySigAttributes

        private boolean verifySigAttributes​(byte[] attr)
                                     throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • verifyTimestampImprint

        public boolean verifyTimestampImprint()
                                       throws java.security.GeneralSecurityException
        Checks if the timestamp refers to this document.
        Returns:
        true if it checks false otherwise
        Throws:
        java.security.GeneralSecurityException - on error
        Since:
        2.1.6
      • getCertificates

        public java.security.cert.Certificate[] getCertificates()
        Get all the X.509 certificates associated with this PKCS#7 object in no particular order. Other certificates, from OCSP for example, will also be included.
        Returns:
        the X.509 certificates associated with this PKCS#7 object
      • getSignCertificateChain

        public java.security.cert.Certificate[] getSignCertificateChain()
        Get the X.509 sign certificate chain associated with this PKCS#7 object. Only the certificates used for the main signature will be returned, with the signing certificate first.
        Returns:
        the X.509 certificates associated with this PKCS#7 object
        Since:
        2.1.6
      • getSigningCertificate

        public java.security.cert.X509Certificate getSigningCertificate()
        Get the X.509 certificate actually used to sign the digest.
        Returns:
        the X.509 certificate actually used to sign the digest
      • signCertificateChain

        private void signCertificateChain()
        Helper method that creates the collection of certificates used for the main signature based on the complete list of certificates and the sign certificate.
      • getCRLs

        public java.util.Collection<java.security.cert.CRL> getCRLs()
        Get the X.509 certificate revocation lists associated with this PKCS#7 object
        Returns:
        the X.509 certificate revocation lists associated with this PKCS#7 object
      • findCRL

        private void findCRL​(org.bouncycastle.asn1.ASN1Sequence seq)
        Helper method that tries to construct the CRLs.
      • getOcsp

        public org.bouncycastle.cert.ocsp.BasicOCSPResp getOcsp()
        Gets the OCSP basic response if there is one.
        Returns:
        the OCSP basic response or null
        Since:
        2.1.6
      • isRevocationValid

        public boolean isRevocationValid()
        Checks if OCSP revocation refers to the document signing certificate.
        Returns:
        true if it checks, false otherwise
        Since:
        2.1.6
      • findOcsp

        private void findOcsp​(org.bouncycastle.asn1.ASN1Sequence seq)
                       throws java.io.IOException
        Helper method that creates the BasicOCSPResp object.
        Parameters:
        seq -
        Throws:
        java.io.IOException
      • isTsp

        public boolean isTsp()
        Check if it's a PAdES-LTV time stamp.
        Returns:
        true if it's a PAdES-LTV time stamp, false otherwise
      • getTimeStampToken

        public org.bouncycastle.tsp.TimeStampToken getTimeStampToken()
        Gets the timestamp token if there is one.
        Returns:
        the timestamp token or null
        Since:
        2.1.6
      • getTimeStampDate

        public java.util.Calendar getTimeStampDate()
        Gets the timestamp date
        Returns:
        a date
        Since:
        2.1.6
      • getFilterSubtype

        public PdfName getFilterSubtype()
        Returns the filter subtype.
      • getEncryptionAlgorithm

        public java.lang.String getEncryptionAlgorithm()
        Returns the encryption algorithm
        Returns:
        the name of an encryption algorithm