Class MakeSignature


  • public class MakeSignature
    extends java.lang.Object
    Class that signs your PDF.
    • Field Detail

      • LOGGER

        private static final Logger LOGGER
        The Logger instance.
    • Constructor Detail

      • MakeSignature

        public MakeSignature()
    • Method Detail

      • signDetached

        public static void signDetached​(PdfSignatureAppearance sap,
                                        ExternalDigest externalDigest,
                                        ExternalSignature externalSignature,
                                        java.security.cert.Certificate[] chain,
                                        java.util.Collection<CrlClient> crlList,
                                        OcspClient ocspClient,
                                        TSAClient tsaClient,
                                        int estimatedSize,
                                        MakeSignature.CryptoStandard sigtype)
                                 throws java.io.IOException,
                                        DocumentException,
                                        java.security.GeneralSecurityException
        Signs the document using the detached mode, CMS or CAdES equivalent.
        Parameters:
        sap - the PdfSignatureAppearance
        externalSignature - the interface providing the actual signing
        chain - the certificate chain
        crlList - the CRL list
        ocspClient - the OCSP client
        tsaClient - the Timestamp client
        externalDigest - an implementation that provides the digest
        estimatedSize - the reserved size for the signature. It will be estimated if 0
        sigtype - Either Signature.CMS or Signature.CADES
        Throws:
        DocumentException
        java.io.IOException
        java.security.GeneralSecurityException
        java.security.NoSuchAlgorithmException
        java.lang.Exception
      • signDetached

        public static void signDetached​(PdfSignatureAppearance sap,
                                        ExternalDigest externalDigest,
                                        ExternalSignature externalSignature,
                                        java.security.cert.Certificate[] chain,
                                        java.util.Collection<CrlClient> crlList,
                                        OcspClient ocspClient,
                                        TSAClient tsaClient,
                                        int estimatedSize,
                                        MakeSignature.CryptoStandard sigtype,
                                        SignaturePolicyInfo signaturePolicy)
                                 throws java.io.IOException,
                                        DocumentException,
                                        java.security.GeneralSecurityException
        Signs the document using the detached mode, CMS or CAdES equivalent.
        Parameters:
        sap - the PdfSignatureAppearance
        externalSignature - the interface providing the actual signing
        chain - the certificate chain
        crlList - the CRL list
        ocspClient - the OCSP client
        tsaClient - the Timestamp client
        externalDigest - an implementation that provides the digest
        estimatedSize - the reserved size for the signature. It will be estimated if 0
        sigtype - Either Signature.CMS or Signature.CADES
        signaturePolicy - the signature policy (for EPES signatures)
        Throws:
        DocumentException
        java.io.IOException
        java.security.GeneralSecurityException
        java.security.NoSuchAlgorithmException
        java.lang.Exception
      • signDetached

        public static void signDetached​(PdfSignatureAppearance sap,
                                        ExternalDigest externalDigest,
                                        ExternalSignature externalSignature,
                                        java.security.cert.Certificate[] chain,
                                        java.util.Collection<CrlClient> crlList,
                                        OcspClient ocspClient,
                                        TSAClient tsaClient,
                                        int estimatedSize,
                                        MakeSignature.CryptoStandard sigtype,
                                        org.bouncycastle.asn1.esf.SignaturePolicyIdentifier signaturePolicy)
                                 throws java.io.IOException,
                                        DocumentException,
                                        java.security.GeneralSecurityException
        Signs the document using the detached mode, CMS or CAdES equivalent.
        Parameters:
        sap - the PdfSignatureAppearance
        externalSignature - the interface providing the actual signing
        chain - the certificate chain
        crlList - the CRL list
        ocspClient - the OCSP client
        tsaClient - the Timestamp client
        externalDigest - an implementation that provides the digest
        estimatedSize - the reserved size for the signature. It will be estimated if 0
        sigtype - Either Signature.CMS or Signature.CADES
        signaturePolicy - the signature policy (for EPES signatures)
        Throws:
        DocumentException
        java.io.IOException
        java.security.GeneralSecurityException
        java.security.NoSuchAlgorithmException
        java.lang.Exception
      • processCrl

        public static java.util.Collection<byte[]> processCrl​(java.security.cert.Certificate cert,
                                                              java.util.Collection<CrlClient> crlList)
        Processes a CRL list.
        Parameters:
        cert - a Certificate if one of the CrlList implementations needs to retrieve the CRL URL from it.
        crlList - a list of CrlClient implementations
        Returns:
        a collection of CRL bytes that can be embedded in a PDF.
      • signExternalContainer

        public static void signExternalContainer​(PdfSignatureAppearance sap,
                                                 ExternalSignatureContainer externalSignatureContainer,
                                                 int estimatedSize)
                                          throws java.security.GeneralSecurityException,
                                                 java.io.IOException,
                                                 DocumentException
        Sign the document using an external container, usually a PKCS7. The signature is fully composed externally, iText will just put the container inside the document.
        Parameters:
        sap - the PdfSignatureAppearance
        externalSignatureContainer - the interface providing the actual signing
        estimatedSize - the reserved size for the signature
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException
        DocumentException
      • signDeferred

        public static void signDeferred​(PdfReader reader,
                                        java.lang.String fieldName,
                                        java.io.OutputStream outs,
                                        ExternalSignatureContainer externalSignatureContainer)
                                 throws DocumentException,
                                        java.io.IOException,
                                        java.security.GeneralSecurityException
        Signs a PDF where space was already reserved.
        Parameters:
        reader - the original PDF
        fieldName - the field to sign. It must be the last field
        outs - the output PDF
        externalSignatureContainer - the signature container doing the actual signing. Only the method ExternalSignatureContainer.sign is used
        Throws:
        DocumentException
        java.io.IOException
        java.security.GeneralSecurityException