Package org.apache.pdfbox.examples.signature

Class ShowSignature

  • public final class ShowSignature
extends java.lang.Object
    This will get the signature(s) from the document, do some verifications and show the signature(s) and the certificates. This is a complex topic - the code here is an example and not a production-ready solution.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private static org.apache.commons.logging.Log LOG  
      private java.text.SimpleDateFormat sdf  

    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private ShowSignature()  

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private void analyseDSS​(PDDocument document)
      Analyzes the DSS-Dictionary (Document Security Store) of the document.
      private void checkContentValueWithFile​(java.io.File file, int[] byteRange, byte[] contents)  
      private java.util.Set<java.security.cert.X509Certificate> getRootCertificates()  
      static void main​(java.lang.String[] args)
      This is the entry point for the application.
      private void printStreamsFromArray​(COSArray elements, java.lang.String description)
      Go through the elements of a COSArray containing each an COSStream to print in Hex.
      private void showSignature​(java.lang.String[] args)  
      private static void usage()
      This will print a usage message.
      private void verifyETSIdotRFC3161​(java.io.InputStream signedContentAsStream, byte[] contents)
      Verify ETSI.RFC3161 TimeStampToken
      private void verifyPKCS7​(java.io.InputStream signedContentAsStream, byte[] contents, PDSignature sig)
      Verify a PKCS7 signature.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • LOG

        private static final org.apache.commons.logging.Log LOG

      • sdf

        private final java.text.SimpleDateFormat sdf

    • Constructor Detail

      • ShowSignature

        private ShowSignature()

    • Method Detail

      • main

        public static void main​(java.lang.String[] args)
                 throws java.io.IOException,
                        org.bouncycastle.tsp.TSPException,
                        CertificateVerificationException,
                        java.security.GeneralSecurityException
        This is the entry point for the application.
        Parameters:
        args - The command-line arguments.
        Throws:
        java.io.IOException - If there is an error reading the file.
        org.bouncycastle.tsp.TSPException
        CertificateVerificationException
        java.security.GeneralSecurityException

      • showSignature

        private void showSignature​(java.lang.String[] args)
                    throws java.io.IOException,
                           java.security.GeneralSecurityException,
                           org.bouncycastle.tsp.TSPException,
                           CertificateVerificationException
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException
        org.bouncycastle.tsp.TSPException
        CertificateVerificationException

      • checkContentValueWithFile

        private void checkContentValueWithFile​(java.io.File file,
                                       int[] byteRange,
                                       byte[] contents)
                                throws java.io.IOException
        Throws:
        java.io.IOException

      • verifyETSIdotRFC3161

        private void verifyETSIdotRFC3161​(java.io.InputStream signedContentAsStream,
                                  byte[] contents)
                           throws org.bouncycastle.cms.CMSException,
                                  java.security.NoSuchAlgorithmException,
                                  java.io.IOException,
                                  org.bouncycastle.tsp.TSPException,
                                  org.bouncycastle.operator.OperatorCreationException,
                                  CertificateVerificationException,
                                  java.security.cert.CertificateException
        Verify ETSI.RFC3161 TimeStampToken
        Parameters:
        signedContentAsStream - the byte sequence that has been signed
        contents - the /Contents field as a COSString
        Throws:
        org.bouncycastle.cms.CMSException
        java.security.NoSuchAlgorithmException
        java.io.IOException
        org.bouncycastle.tsp.TSPException
        org.bouncycastle.operator.OperatorCreationException
        CertificateVerificationException
        java.security.cert.CertificateException

      • verifyPKCS7

        private void verifyPKCS7​(java.io.InputStream signedContentAsStream,
                         byte[] contents,
                         PDSignature sig)
                  throws org.bouncycastle.cms.CMSException,
                         org.bouncycastle.operator.OperatorCreationException,
                         CertificateVerificationException,
                         java.security.GeneralSecurityException,
                         org.bouncycastle.tsp.TSPException,
                         java.io.IOException
        Verify a PKCS7 signature.
        Parameters:
        signedContentAsStream - the byte sequence that has been signed
        contents - the /Contents field as a COSString
        sig - the PDF signature (the /V dictionary)
        Throws:
        org.bouncycastle.cms.CMSException
        org.bouncycastle.operator.OperatorCreationException
        java.security.GeneralSecurityException
        CertificateVerificationException
        org.bouncycastle.tsp.TSPException
        java.io.IOException

      • getRootCertificates

        private java.util.Set<java.security.cert.X509Certificate> getRootCertificates()
                                                                       throws java.security.GeneralSecurityException,
                                                                              java.io.IOException
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • analyseDSS

        private void analyseDSS​(PDDocument document)
                 throws java.io.IOException
        Analyzes the DSS-Dictionary (Document Security Store) of the document. Which is used for signature validation. The DSS is defined in PAdES Part 4 - Long Term Validation.
        Parameters:
        document - PDDocument, to get the DSS from
        Throws:
        java.io.IOException

      • printStreamsFromArray

        private void printStreamsFromArray​(COSArray elements,
                                   java.lang.String description)
                            throws java.io.IOException
        Go through the elements of a COSArray containing each an COSStream to print in Hex.
        Parameters:
        elements - COSArray of elements containing a COS Stream
        description - to append on Print
        Throws:
        java.io.IOException

      • usage

        private static void usage()
        This will print a usage message.