Package com.itextpdf.text.pdf.security

Class PdfPKCS7

java.lang.Object

com.itextpdf.text.pdf.security.PdfPKCS7

public class PdfPKCS7
extends java.lang.Object

This class does all the processing related to signing and verifying a PKCS#7 signature.

Field Summary

Fields

Modifier and Type	Field	Description
private org.bouncycastle.cert.ocsp.BasicOCSPResp	basicResp	BouncyCastle BasicOCSPResp
private java.util.Collection<java.security.cert.Certificate>	certs	All the X.509 certificates in no particular order.
private java.util.Collection<java.security.cert.CRL>	crls
private byte[]	digest	The signed digest as calculated by this class (or extracted from an existing PDF)
private java.lang.String	digestAlgorithmOid	The ID of the digest algorithm, e.g.
private java.util.Set<java.lang.String>	digestalgos	The digest algorithms
private byte[]	digestAttr	The digest attributes
private java.lang.String	digestEncryptionAlgorithmOid	The encryption algorithm.
private java.security.MessageDigest	encContDigest	encrypted digest
private byte[]	externalDigest	The signed digest if created outside this class
private byte[]	externalRSAdata	External RSA data
private PdfName	filterSubtype
private ExternalDigest	interfaceDigest
private boolean	isCades	True if it's a CAdES signature type.
private boolean	isTsp	True if there's a PAdES LTV time stamp.
private java.lang.String	location	Holds value of property location.
private java.security.MessageDigest	messageDigest	The object that will create the digest
private java.lang.String	provider	The encryption provider, e.g.
private java.lang.String	reason	Holds value of property reason.
private byte[]	RSAdata	The RSA data
private java.security.Signature	sig	Class from the Java SDK that provides the functionality of a digital signature algorithm.
private byte[]	sigAttr	Signature attributes
private byte[]	sigAttrDer	Signature attributes (maybe not necessary, but we use it as fallback)
private org.bouncycastle.asn1.esf.SignaturePolicyIdentifier	signaturePolicyIdentifier
private java.security.cert.X509Certificate	signCert	The X.509 certificate that is used to sign the digest.
private java.util.Collection<java.security.cert.Certificate>	signCerts	All the X.509 certificates used for the main signature.
private java.util.Calendar	signDate	Holds value of property signDate.
private int	signerversion	Version of the PKCS#7 "SignerInfo" object.
private java.lang.String	signName	Holds value of property signName.
private org.bouncycastle.tsp.TimeStampToken	timeStampToken	BouncyCastle TimeStampToken.
private boolean	verified	Indicates if a signature has already been verified
private boolean	verifyResult	The result of the verification
private int	version	Version of the PKCS#7 object

Constructor Summary

Constructors

Constructor	Description
PdfPKCS7(byte[] contentsKey, byte[] certsKey, java.lang.String provider)	Use this constructor if you want to verify a signature using the sub-filter adbe.x509.rsa_sha1.
PdfPKCS7(byte[] contentsKey, PdfName filterSubtype, java.lang.String provider)	Use this constructor if you want to verify a signature.
PdfPKCS7(java.security.PrivateKey privKey, java.security.cert.Certificate[] certChain, java.lang.String hashAlgorithm, java.lang.String provider, ExternalDigest interfaceDigest, boolean hasRSAdata)	Assembles all the elements needed to create a signature, except for the data.

Method Summary

Modifier and Type	Method	Description
private org.bouncycastle.asn1.ASN1EncodableVector	buildUnauthenticatedAttributes(byte[] timeStampToken)	Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2).
private void	findCRL(org.bouncycastle.asn1.ASN1Sequence seq)	Helper method that tries to construct the CRLs.
private void	findOcsp(org.bouncycastle.asn1.ASN1Sequence seq)	Helper method that creates the BasicOCSPResp object.
byte[]	getAuthenticatedAttributeBytes(byte[] secondDigest, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)	When using authenticatedAttributes the authentication process is different.
private org.bouncycastle.asn1.DERSet	getAuthenticatedAttributeSet(byte[] secondDigest, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)	This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).
java.security.cert.Certificate[]	getCertificates()	Get all the X.509 certificates associated with this PKCS#7 object in no particular order.
java.util.Collection<java.security.cert.CRL>	getCRLs()	Get the X.509 certificate revocation lists associated with this PKCS#7 object
java.lang.String	getDigestAlgorithm()	Get the algorithm used to calculate the message digest, e.g.
java.lang.String	getDigestAlgorithmOid()	Getter for the ID of the digest algorithm, e.g.
java.lang.String	getDigestEncryptionAlgorithmOid()	Getter for the digest encryption algorithm
byte[]	getEncodedPKCS1()	Gets the bytes for the PKCS#1 object.
byte[]	getEncodedPKCS7()	Gets the bytes for the PKCS7SignedData object.
byte[]	getEncodedPKCS7(byte[] secondDigest)	Gets the bytes for the PKCS7SignedData object.
byte[]	getEncodedPKCS7(byte[] secondDigest, TSAClient tsaClient, byte[] ocsp, java.util.Collection<byte[]> crlBytes, MakeSignature.CryptoStandard sigtype)	Gets the bytes for the PKCS7SignedData object.
java.lang.String	getEncryptionAlgorithm()	Returns the encryption algorithm
PdfName	getFilterSubtype()	Returns the filter subtype.
java.lang.String	getHashAlgorithm()	Returns the name of the digest algorithm, e.g.
java.lang.String	getLocation()	Getter for property location.
org.bouncycastle.cert.ocsp.BasicOCSPResp	getOcsp()	Gets the OCSP basic response if there is one.
java.lang.String	getReason()	Getter for property reason.
java.security.cert.Certificate[]	getSignCertificateChain()	Get the X.509 sign certificate chain associated with this PKCS#7 object.
java.util.Calendar	getSignDate()	Getter for property signDate.
java.security.cert.X509Certificate	getSigningCertificate()	Get the X.509 certificate actually used to sign the digest.
int	getSigningInfoVersion()	Get the version of the PKCS#7 "SignerInfo" object.
java.lang.String	getSignName()	Getter for property sigName.
java.util.Calendar	getTimeStampDate()	Gets the timestamp date
org.bouncycastle.tsp.TimeStampToken	getTimeStampToken()	Gets the timestamp token if there is one.
int	getVersion()	Get the version of the PKCS#7 object.
private java.security.Signature	initSignature(java.security.PrivateKey key)
private java.security.Signature	initSignature(java.security.PublicKey key)
boolean	isRevocationValid()	Checks if OCSP revocation refers to the document signing certificate.
boolean	isTsp()	Check if it's a PAdES-LTV time stamp.
void	setExternalDigest(byte[] digest, byte[] RSAdata, java.lang.String digestEncryptionAlgorithm)	Sets the digest/signature to an external calculated value.
void	setLocation(java.lang.String location)	Setter for property location.
void	setReason(java.lang.String reason)	Setter for property reason.
void	setSignaturePolicy(SignaturePolicyInfo signaturePolicy)
void	setSignaturePolicy(org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)
void	setSignDate(java.util.Calendar signDate)	Setter for property signDate.
void	setSignName(java.lang.String signName)	Setter for property sigName.
private void	signCertificateChain()	Helper method that creates the collection of certificates used for the main signature based on the complete list of certificates and the sign certificate.
void	update(byte[] buf, int off, int len)	Update the digest with the specified bytes.
boolean	verify()	Verify the digest.
private boolean	verifySigAttributes(byte[] attr)
boolean	verifyTimestampImprint()	Checks if the timestamp refers to this document.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

provider

private java.lang.String provider

The encryption provider, e.g. "BC" if you use BouncyCastle.

signaturePolicyIdentifier

private org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicyIdentifier

signName

private java.lang.String signName

Holds value of property signName.

reason

private java.lang.String reason

Holds value of property reason.

location

private java.lang.String location

Holds value of property location.

signDate

private java.util.Calendar signDate

Holds value of property signDate.

version

private int version

Version of the PKCS#7 object

signerversion

private int signerversion

Version of the PKCS#7 "SignerInfo" object.

digestAlgorithmOid

private java.lang.String digestAlgorithmOid

The ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1".

messageDigest

private java.security.MessageDigest messageDigest

The object that will create the digest

digestalgos

private java.util.Set<java.lang.String> digestalgos

The digest algorithms

digestAttr

private byte[] digestAttr

The digest attributes

filterSubtype

private PdfName filterSubtype

digestEncryptionAlgorithmOid

private java.lang.String digestEncryptionAlgorithmOid

The encryption algorithm.

interfaceDigest

private ExternalDigest interfaceDigest

externalDigest

private byte[] externalDigest

The signed digest if created outside this class

externalRSAdata

private byte[] externalRSAdata

External RSA data

sig

private java.security.Signature sig

Class from the Java SDK that provides the functionality of a digital signature algorithm.

digest

private byte[] digest

The signed digest as calculated by this class (or extracted from an existing PDF)

RSAdata

private byte[] RSAdata

The RSA data

sigAttr

private byte[] sigAttr

Signature attributes

sigAttrDer

private byte[] sigAttrDer

Signature attributes (maybe not necessary, but we use it as fallback)

encContDigest

private java.security.MessageDigest encContDigest

encrypted digest

verified

private boolean verified

Indicates if a signature has already been verified

verifyResult

private boolean verifyResult

The result of the verification

certs

private java.util.Collection<java.security.cert.Certificate> certs

All the X.509 certificates in no particular order.

signCerts

private java.util.Collection<java.security.cert.Certificate> signCerts

All the X.509 certificates used for the main signature.

signCert

private java.security.cert.X509Certificate signCert

The X.509 certificate that is used to sign the digest.

crls

private java.util.Collection<java.security.cert.CRL> crls

basicResp

private org.bouncycastle.cert.ocsp.BasicOCSPResp basicResp

BouncyCastle BasicOCSPResp

isTsp

private boolean isTsp

True if there's a PAdES LTV time stamp.

isCades

private boolean isCades

True if it's a CAdES signature type.

timeStampToken

private org.bouncycastle.tsp.TimeStampToken timeStampToken

BouncyCastle TimeStampToken.

Constructor Detail

PdfPKCS7

public PdfPKCS7(java.security.PrivateKey privKey,
                java.security.cert.Certificate[] certChain,
                java.lang.String hashAlgorithm,
                java.lang.String provider,
                ExternalDigest interfaceDigest,
                boolean hasRSAdata)
         throws java.security.InvalidKeyException,
                java.security.NoSuchProviderException,
                java.security.NoSuchAlgorithmException

Assembles all the elements needed to create a signature, except for the data.

Parameters:

privKey - the private key

certChain - the certificate chain

interfaceDigest - the interface digest

hashAlgorithm - the hash algorithm

provider - the provider or null for the default provider

hasRSAdata - true if the sub-filter is adbe.pkcs7.sha1

Throws:

java.security.InvalidKeyException - on error

java.security.NoSuchProviderException - on error

java.security.NoSuchAlgorithmException - on error

PdfPKCS7

public PdfPKCS7(byte[] contentsKey,
                byte[] certsKey,
                java.lang.String provider)

Use this constructor if you want to verify a signature using the sub-filter adbe.x509.rsa_sha1.

Parameters:

contentsKey - the /Contents key

certsKey - the /Cert key

provider - the provider or null for the default provider

PdfPKCS7

public PdfPKCS7(byte[] contentsKey,
                PdfName filterSubtype,
                java.lang.String provider)

Use this constructor if you want to verify a signature.

Parameters:

contentsKey - the /Contents key

filterSubtype - the filtersubtype

provider - the provider or null for the default provider

Method Detail

setSignaturePolicy

public void setSignaturePolicy(SignaturePolicyInfo signaturePolicy)

setSignaturePolicy

public void setSignaturePolicy(org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)

getSignName

public java.lang.String getSignName()

Getter for property sigName.

Returns:

Value of property sigName.

setSignName

public void setSignName(java.lang.String signName)

Setter for property sigName.

Parameters:

signName - New value of property sigName.

getReason

public java.lang.String getReason()

Getter for property reason.

Returns:

Value of property reason.

setReason

public void setReason(java.lang.String reason)

Setter for property reason.

Parameters:

reason - New value of property reason.

getLocation

public java.lang.String getLocation()

Getter for property location.

Returns:

Value of property location.

setLocation

public void setLocation(java.lang.String location)

Setter for property location.

Parameters:

location - New value of property location.

getSignDate

public java.util.Calendar getSignDate()

Getter for property signDate.

Returns:

Value of property signDate.

setSignDate

public void setSignDate(java.util.Calendar signDate)

Setter for property signDate.

Parameters:

signDate - New value of property signDate.

getVersion

public int getVersion()

Get the version of the PKCS#7 object.

Returns:

the version of the PKCS#7 object.

getSigningInfoVersion

public int getSigningInfoVersion()

Get the version of the PKCS#7 "SignerInfo" object.

Returns:

the version of the PKCS#7 "SignerInfo" object.

getDigestAlgorithmOid

public java.lang.String getDigestAlgorithmOid()

Getter for the ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1"

getHashAlgorithm

public java.lang.String getHashAlgorithm()

Returns the name of the digest algorithm, e.g. "SHA256".

Returns:

the digest algorithm name, e.g. "SHA256"

getDigestEncryptionAlgorithmOid

public java.lang.String getDigestEncryptionAlgorithmOid()

Getter for the digest encryption algorithm

getDigestAlgorithm

public java.lang.String getDigestAlgorithm()

Get the algorithm used to calculate the message digest, e.g. "SHA1withRSA".

Returns:

the algorithm used to calculate the message digest

setExternalDigest

public void setExternalDigest(byte[] digest,
                              byte[] RSAdata,
                              java.lang.String digestEncryptionAlgorithm)

Sets the digest/signature to an external calculated value.

Parameters:

digest - the digest. This is the actual signature

RSAdata - the extra data that goes into the data tag in PKCS#7

digestEncryptionAlgorithm - the encryption algorithm. It may must be null if the digest is also null. If the digest is not null then it may be "RSA" or "DSA"

initSignature

private java.security.Signature initSignature(java.security.PrivateKey key)
                                       throws java.security.NoSuchAlgorithmException,
                                              java.security.NoSuchProviderException,
                                              java.security.InvalidKeyException

Throws:

java.security.NoSuchAlgorithmException

java.security.NoSuchProviderException

java.security.InvalidKeyException

initSignature

private java.security.Signature initSignature(java.security.PublicKey key)
                                       throws java.security.NoSuchAlgorithmException,
                                              java.security.NoSuchProviderException,
                                              java.security.InvalidKeyException

Throws:

java.security.NoSuchAlgorithmException

java.security.NoSuchProviderException

java.security.InvalidKeyException

update

public void update(byte[] buf,
                   int off,
                   int len)
            throws java.security.SignatureException

Update the digest with the specified bytes. This method is used both for signing and verifying

Parameters:

buf - the data buffer

off - the offset in the data buffer

len - the data length

Throws:

java.security.SignatureException - on error

getEncodedPKCS1

public byte[] getEncodedPKCS1()

Gets the bytes for the PKCS#1 object.

Returns:

a byte array

getEncodedPKCS7

public byte[] getEncodedPKCS7()

Gets the bytes for the PKCS7SignedData object.

Returns:

the bytes for the PKCS7SignedData object

getEncodedPKCS7

public byte[] getEncodedPKCS7(byte[] secondDigest)

Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set. If either of the parameters is null, none will be used.

Parameters:

secondDigest - the digest in the authenticatedAttributes

Returns:

the bytes for the PKCS7SignedData object

getEncodedPKCS7

public byte[] getEncodedPKCS7(byte[] secondDigest,
                              TSAClient tsaClient,
                              byte[] ocsp,
                              java.util.Collection<byte[]> crlBytes,
                              MakeSignature.CryptoStandard sigtype)

Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set, OR a time-stamp-authority client may be provided.

Parameters:

secondDigest - the digest in the authenticatedAttributes

tsaClient - TSAClient - null or an optional time stamp authority client

Returns:

byte[] the bytes for the PKCS7SignedData object

Since:

2.1.6

buildUnauthenticatedAttributes

private org.bouncycastle.asn1.ASN1EncodableVector buildUnauthenticatedAttributes(byte[] timeStampToken)
                                                                          throws java.io.IOException

Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). Token is the TSA response without response status, which is usually handled by the (vendor supplied) TSA request/response interface).

Parameters:

timeStampToken - byte[] - time stamp token, DER encoded signedData

Returns:

ASN1EncodableVector

Throws:

java.io.IOException

getAuthenticatedAttributeBytes

public byte[] getAuthenticatedAttributeBytes(byte[] secondDigest,
                                             byte[] ocsp,
                                             java.util.Collection<byte[]> crlBytes,
                                             MakeSignature.CryptoStandard sigtype)

When using authenticatedAttributes the authentication process is different. The document digest is generated and put inside the attribute. The signing is done over the DER encoded authenticatedAttributes. This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).

A simple example:

 Calendar cal = Calendar.getInstance();
 PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
 MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
 byte buf[] = new byte[8192];
 int n;
 InputStream inp = sap.getRangeStream();
 while ((n = inp.read(buf)) > 0) {
    messageDigest.update(buf, 0, n);
 }
 byte hash[] = messageDigest.digest();
 byte sh[] = pk7.getAuthenticatedAttributeBytes(hash, cal);
 pk7.update(sh, 0, sh.length);
 byte sg[] = pk7.getEncodedPKCS7(hash, cal);
 

Parameters:

secondDigest - the content digest

Returns:

the byte array representation of the authenticatedAttributes ready to be signed

getAuthenticatedAttributeSet

private org.bouncycastle.asn1.DERSet getAuthenticatedAttributeSet(byte[] secondDigest,
                                                                  byte[] ocsp,
                                                                  java.util.Collection<byte[]> crlBytes,
                                                                  MakeSignature.CryptoStandard sigtype)

This method provides that encoding and the parameters must be exactly the same as in getEncodedPKCS7(byte[]).

Parameters:

secondDigest - the content digest

Returns:

the byte array representation of the authenticatedAttributes ready to be signed

verify

public boolean verify()
               throws java.security.GeneralSecurityException

Verify the digest.

Returns:

true if the signature checks out, false otherwise

Throws:

java.security.SignatureException - on error

java.security.GeneralSecurityException

verifySigAttributes

private boolean verifySigAttributes(byte[] attr)
                             throws java.security.GeneralSecurityException

Throws:

java.security.GeneralSecurityException

verifyTimestampImprint

public boolean verifyTimestampImprint()
                               throws java.security.GeneralSecurityException

Checks if the timestamp refers to this document.

Returns:

true if it checks false otherwise

Throws:

java.security.GeneralSecurityException - on error

Since:

2.1.6

getCertificates

public java.security.cert.Certificate[] getCertificates()

Get all the X.509 certificates associated with this PKCS#7 object in no particular order. Other certificates, from OCSP for example, will also be included.

Returns:

the X.509 certificates associated with this PKCS#7 object

getSignCertificateChain

public java.security.cert.Certificate[] getSignCertificateChain()

Get the X.509 sign certificate chain associated with this PKCS#7 object. Only the certificates used for the main signature will be returned, with the signing certificate first.

Returns:

the X.509 certificates associated with this PKCS#7 object

Since:

2.1.6

getSigningCertificate

public java.security.cert.X509Certificate getSigningCertificate()

Get the X.509 certificate actually used to sign the digest.

Returns:

the X.509 certificate actually used to sign the digest

signCertificateChain

private void signCertificateChain()

Helper method that creates the collection of certificates used for the main signature based on the complete list of certificates and the sign certificate.

getCRLs

public java.util.Collection<java.security.cert.CRL> getCRLs()

Get the X.509 certificate revocation lists associated with this PKCS#7 object

Returns:

the X.509 certificate revocation lists associated with this PKCS#7 object

findCRL

private void findCRL(org.bouncycastle.asn1.ASN1Sequence seq)

Helper method that tries to construct the CRLs.

getOcsp

public org.bouncycastle.cert.ocsp.BasicOCSPResp getOcsp()

Gets the OCSP basic response if there is one.

Returns:

the OCSP basic response or null

Since:

2.1.6

isRevocationValid

public boolean isRevocationValid()

Checks if OCSP revocation refers to the document signing certificate.

Returns:

true if it checks, false otherwise

Since:

2.1.6

findOcsp

private void findOcsp(org.bouncycastle.asn1.ASN1Sequence seq)
               throws java.io.IOException

Helper method that creates the BasicOCSPResp object.

Parameters:

seq -

Throws:

java.io.IOException

isTsp

public boolean isTsp()

Check if it's a PAdES-LTV time stamp.

Returns:

true if it's a PAdES-LTV time stamp, false otherwise

getTimeStampToken

public org.bouncycastle.tsp.TimeStampToken getTimeStampToken()

Gets the timestamp token if there is one.

Returns:

the timestamp token or null

Since:

2.1.6

getTimeStampDate

public java.util.Calendar getTimeStampDate()

Gets the timestamp date

Returns:

a date

Since:

2.1.6

getFilterSubtype

public PdfName getFilterSubtype()

Returns the filter subtype.

getEncryptionAlgorithm

public java.lang.String getEncryptionAlgorithm()

Returns the encryption algorithm

Returns:

the name of an encryption algorithm