Package org.apache.pdfbox.examples.signature

Class CreateSignatureBase

java.lang.Object

org.apache.pdfbox.examples.signature.CreateSignatureBase

All Implemented Interfaces:

SignatureInterface

Direct Known Subclasses:

CreateSignature, CreateVisibleSignature, CreateVisibleSignature2

public abstract class CreateSignatureBase
extends Object
implements SignatureInterface

Field Summary

Fields

Modifier and Type	Field	Description
private Certificate[]	certificateChain
private boolean	externalSigning
private PrivateKey	privateKey
private String	tsaUrl

Constructor Summary

Constructors

Constructor	Description
CreateSignatureBase(KeyStore keystore, char[] pin)	Initialize the signature creator with a keystore (pkcs12) and pin that should be used for the signature.

Method Summary

Modifier and Type	Method	Description
Certificate[]	getCertificateChain()
boolean	isExternalSigning()
final void	setCertificateChain(Certificate[] certificateChain)
void	setExternalSigning(boolean externalSigning)	Set if external signing scenario should be used.
final void	setPrivateKey(PrivateKey privateKey)
void	setTsaUrl(String tsaUrl)
byte[]	sign(InputStream content)	SignatureInterface sample implementation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

privateKey

private PrivateKey privateKey

certificateChain

private Certificate[] certificateChain

tsaUrl

private String tsaUrl

externalSigning

private boolean externalSigning

Constructor Details

CreateSignatureBase

public CreateSignatureBase(KeyStore keystore,
 char[] pin)
                    throws KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
IOException,
CertificateException

Initialize the signature creator with a keystore (pkcs12) and pin that should be used for the signature.

Parameters:

keystore - is a pkcs12 keystore.

pin - is the pin for the keystore / private key

Throws:

KeyStoreException - if the keystore has not been initialized (loaded)

NoSuchAlgorithmException - if the algorithm for recovering the key cannot be found

UnrecoverableKeyException - if the given password is wrong

CertificateException - if the certificate is not valid as signing time

IOException - if no certificate could be found

Method Details

setPrivateKey

public final void setPrivateKey(PrivateKey privateKey)

setCertificateChain

public final void setCertificateChain(Certificate[] certificateChain)

getCertificateChain

public Certificate[] getCertificateChain()

setTsaUrl

public void setTsaUrl(String tsaUrl)

sign

public byte[] sign(InputStream content)
            throws IOException

SignatureInterface sample implementation.

This method will be called from inside of the pdfbox and create the PKCS #7 signature. The given InputStream contains the bytes that are given by the byte range.

This method is for internal use only.

Use your favorite cryptographic library to implement PKCS #7 signature creation. If you want to create the hash and the signature separately (e.g. to transfer only the hash to an external application), read this answer or this answer.

Specified by:

sign in interface SignatureInterface

Parameters:

content - is the content as a (Filter)InputStream

Returns:

signature as a byte array

Throws:

IOException

setExternalSigning

public void setExternalSigning(boolean externalSigning)

Set if external signing scenario should be used. If false, SignatureInterface would be used for signing.

Default: false

Parameters:

externalSigning - true if external signing should be performed

isExternalSigning

public boolean isExternalSigning()