Class CreateEmbeddedTimeStamp
java.lang.Object
org.apache.pdfbox.examples.signature.CreateEmbeddedTimeStamp
An example for timestamp-signing a PDF for PADeS-Specification. The document will only be changed
in its existing signature by a signed timestamp (A timestamp and the Hash-Value of the document
are signed by a Time Stamp Authority (TSA)).
This method only changes the unsigned parameters of a signature, so that it is kept valid.
Use case: sign offline to avoid zero-day attacks against the signing machine. Once the signature
is there and the pdf is transferred to a network connected machine, one is likely to want to add
a timestamp. (Ralf Hauser)
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate byte[]private PDDocumentprivate PDSignatureprivate final String -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate voidembedNewSignatureIntoDocument(byte[] docBytes, OutputStream output) Embeds the new signature into the document, by copying the rest of the documentvoidembedTimeStamp(File file) Embeds the given PDF file with signed timestamp(s).voidembedTimeStamp(File inFile, File outFile) Embeds signed timestamp(s) into existing signatures of the given documentstatic voidprivate voidprocessRelevantSignatures(byte[] documentBytes) Create changed Signature with embedded TimeStamp from TSAprivate voidprocessTimeStamping(File inFile, File outFile) Processes the time-stamping of the signature.private static voidusage()
-
Field Details
-
tsaUrl
-
document
-
signature
-
changedEncodedSignature
private byte[] changedEncodedSignature
-
-
Constructor Details
-
CreateEmbeddedTimeStamp
-
-
Method Details
-
embedTimeStamp
Embeds the given PDF file with signed timestamp(s). Alters the original file on disk.- Parameters:
file- the PDF file to sign and to overwrite- Throws:
IOExceptionURISyntaxException
-
embedTimeStamp
Embeds signed timestamp(s) into existing signatures of the given document- Parameters:
inFile- The pdf file possibly containing signaturesoutFile- Where the changed document will be saved- Throws:
IOExceptionURISyntaxException
-
processTimeStamping
Processes the time-stamping of the signature.- Parameters:
inFile- The existing PDF fileoutFile- Where the new file will be written to- Throws:
IOExceptionURISyntaxException
-
processRelevantSignatures
private void processRelevantSignatures(byte[] documentBytes) throws IOException, org.bouncycastle.cms.CMSException, NoSuchAlgorithmException, URISyntaxException Create changed Signature with embedded TimeStamp from TSA- Parameters:
documentBytes- byte[] of the input file- Throws:
IOExceptionorg.bouncycastle.cms.CMSExceptionNoSuchAlgorithmExceptionURISyntaxException
-
embedNewSignatureIntoDocument
Embeds the new signature into the document, by copying the rest of the document- Parameters:
docBytes- byte array of the documentoutput- target, where the file will be written- Throws:
IOException
-
main
- Throws:
IOExceptionURISyntaxException
-
usage
private static void usage()
-