Package com.itextpdf.text.pdf.security
Class MakeSignature
- java.lang.Object
-
- com.itextpdf.text.pdf.security.MakeSignature
-
public class MakeSignature extends java.lang.Object
Class that signs your PDF.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
MakeSignature.CryptoStandard
-
Constructor Summary
Constructors Constructor Description MakeSignature()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static java.util.Collection<byte[]>
processCrl(java.security.cert.Certificate cert, java.util.Collection<CrlClient> crlList)
Processes a CRL list.static void
signDeferred(PdfReader reader, java.lang.String fieldName, java.io.OutputStream outs, ExternalSignatureContainer externalSignatureContainer)
Signs a PDF where space was already reserved.static void
signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype)
Signs the document using the detached mode, CMS or CAdES equivalent.static void
signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.static void
signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype, org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)
Signs the document using the detached mode, CMS or CAdES equivalent.static void
signExternalContainer(PdfSignatureAppearance sap, ExternalSignatureContainer externalSignatureContainer, int estimatedSize)
Sign the document using an external container, usually a PKCS7.
-
-
-
Field Detail
-
LOGGER
private static final Logger LOGGER
The Logger instance.
-
-
Method Detail
-
signDetached
public static void signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype) throws java.io.IOException, DocumentException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.- Parameters:
sap
- the PdfSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADES- Throws:
DocumentException
java.io.IOException
java.security.GeneralSecurityException
java.security.NoSuchAlgorithmException
java.lang.Exception
-
signDetached
public static void signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype, SignaturePolicyInfo signaturePolicy) throws java.io.IOException, DocumentException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.- Parameters:
sap
- the PdfSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
DocumentException
java.io.IOException
java.security.GeneralSecurityException
java.security.NoSuchAlgorithmException
java.lang.Exception
-
signDetached
public static void signDetached(PdfSignatureAppearance sap, ExternalDigest externalDigest, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, java.util.Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize, MakeSignature.CryptoStandard sigtype, org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy) throws java.io.IOException, DocumentException, java.security.GeneralSecurityException
Signs the document using the detached mode, CMS or CAdES equivalent.- Parameters:
sap
- the PdfSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chaincrlList
- the CRL listocspClient
- the OCSP clienttsaClient
- the Timestamp clientexternalDigest
- an implementation that provides the digestestimatedSize
- the reserved size for the signature. It will be estimated if 0sigtype
- Either Signature.CMS or Signature.CADESsignaturePolicy
- the signature policy (for EPES signatures)- Throws:
DocumentException
java.io.IOException
java.security.GeneralSecurityException
java.security.NoSuchAlgorithmException
java.lang.Exception
-
processCrl
public static java.util.Collection<byte[]> processCrl(java.security.cert.Certificate cert, java.util.Collection<CrlClient> crlList)
Processes a CRL list.- Parameters:
cert
- a Certificate if one of the CrlList implementations needs to retrieve the CRL URL from it.crlList
- a list of CrlClient implementations- Returns:
- a collection of CRL bytes that can be embedded in a PDF.
-
signExternalContainer
public static void signExternalContainer(PdfSignatureAppearance sap, ExternalSignatureContainer externalSignatureContainer, int estimatedSize) throws java.security.GeneralSecurityException, java.io.IOException, DocumentException
Sign the document using an external container, usually a PKCS7. The signature is fully composed externally, iText will just put the container inside the document.- Parameters:
sap
- the PdfSignatureAppearanceexternalSignatureContainer
- the interface providing the actual signingestimatedSize
- the reserved size for the signature- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signDeferred
public static void signDeferred(PdfReader reader, java.lang.String fieldName, java.io.OutputStream outs, ExternalSignatureContainer externalSignatureContainer) throws DocumentException, java.io.IOException, java.security.GeneralSecurityException
Signs a PDF where space was already reserved.- Parameters:
reader
- the original PDFfieldName
- the field to sign. It must be the last fieldouts
- the output PDFexternalSignatureContainer
- the signature container doing the actual signing. Only the method ExternalSignatureContainer.sign is used- Throws:
DocumentException
java.io.IOException
java.security.GeneralSecurityException
-
-