Java Code Examples for org.apache.pdfbox.pdmodel.PDDocument#addSignature()

The following examples show how to use org.apache.pdfbox.pdmodel.PDDocument#addSignature() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CreateSignature.java    From testarea-pdfbox2 with Apache License 2.0 6 votes vote down vote up
/**
 * <a href="http://stackoverflow.com/questions/41767351/create-pkcs7-signature-from-file-digest">
 * Create pkcs7 signature from file digest
 * </a>
 * <p>
 * A minimal signing frame work merely requiring a {@link SignatureInterface}
 * instance.
 * </p>
 */
void sign(PDDocument document, OutputStream output, SignatureInterface signatureInterface) throws IOException
{
    PDSignature signature = new PDSignature();
    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
    signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
    signature.setName("Example User");
    signature.setLocation("Los Angeles, CA");
    signature.setReason("Testing");
    signature.setSignDate(Calendar.getInstance());
    document.addSignature(signature);
    ExternalSigningSupport externalSigning =
            document.saveIncrementalForExternalSigning(output);
    // invoke external signature service
    byte[] cmsSignature = signatureInterface.sign(externalSigning.getContent());
    // set signature bytes received from the service
    externalSigning.setSignature(cmsSignature);
}
 
Example 2
Source File: CreateSignature.java    From testarea-pdfbox2 with Apache License 2.0 6 votes vote down vote up
/**
 * <a href="https://stackoverflow.com/questions/52757037/how-to-generate-pkcs7-signature-from-digest">
 * How to generate PKCS#7 signature from digest?
 * </a>
 * <p>
 * Like {@link #sign(PDDocument, OutputStream, SignatureInterface)}, merely
 * the subfilter now indicates a PAdES signature, not a legacy ISO 32000-1
 * signature. The generated signature is invalid as it does not have an ESS
 * signing certificate attribute. 
 * </p>
 * @see #testSignPAdESWithSeparatedHashing()
 */
void signPAdES(PDDocument document, OutputStream output, SignatureInterface signatureInterface) throws IOException
{
    PDSignature signature = new PDSignature();
    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
    signature.setSubFilter(PDSignature.SUBFILTER_ETSI_CADES_DETACHED);
    signature.setName("Example User");
    signature.setLocation("Los Angeles, CA");
    signature.setReason("Testing");
    signature.setSignDate(Calendar.getInstance());
    document.addSignature(signature);
    ExternalSigningSupport externalSigning =
            document.saveIncrementalForExternalSigning(output);
    // invoke external signature service
    byte[] cmsSignature = signatureInterface.sign(externalSigning.getContent());
    // set signature bytes received from the service
    externalSigning.setSignature(cmsSignature);
}
 
Example 3
Source File: CreateSignature.java    From testarea-pdfbox2 with Apache License 2.0 5 votes vote down vote up
/**
 * <p>
 * A minimal signing frame work merely requiring a {@link SignatureInterface}
 * instance signing an existing field.
 * </p>
 * @see #testSignWithLocking()
 */
void signExistingFieldWithLock(PDDocument document, OutputStream output, SignatureInterface signatureInterface) throws IOException
{
    PDSignatureField signatureField = document.getSignatureFields().get(0);
    PDSignature signature = new PDSignature();
    signatureField.setValue(signature);

    COSBase lock = signatureField.getCOSObject().getDictionaryObject(COS_NAME_LOCK);
    if (lock instanceof COSDictionary)
    {
        COSDictionary lockDict = (COSDictionary) lock;
        COSDictionary transformParams = new COSDictionary(lockDict);
        transformParams.setItem(COSName.TYPE, COSName.getPDFName("TransformParams"));
        transformParams.setItem(COSName.V, COSName.getPDFName("1.2"));
        transformParams.setDirect(true);
        COSDictionary sigRef = new COSDictionary();
        sigRef.setItem(COSName.TYPE, COSName.getPDFName("SigRef"));
        sigRef.setItem(COSName.getPDFName("TransformParams"), transformParams);
        sigRef.setItem(COSName.getPDFName("TransformMethod"), COSName.getPDFName("FieldMDP"));
        sigRef.setItem(COSName.getPDFName("Data"), document.getDocumentCatalog());
        sigRef.setDirect(true);
        COSArray referenceArray = new COSArray();
        referenceArray.add(sigRef);
        signature.getCOSObject().setItem(COSName.getPDFName("Reference"), referenceArray);
    }

    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
    signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
    signature.setName("blablabla");
    signature.setLocation("blablabla");
    signature.setReason("blablabla");
    signature.setSignDate(Calendar.getInstance());
    document.addSignature(signature);
    ExternalSigningSupport externalSigning =
            document.saveIncrementalForExternalSigning(output);
    // invoke external signature service
    byte[] cmsSignature = signatureInterface.sign(externalSigning.getContent());
    // set signature bytes received from the service
    externalSigning.setSignature(cmsSignature);
}
 
Example 4
Source File: VisibleSignature.java    From testarea-pdfbox2 with Apache License 2.0 4 votes vote down vote up
public static byte[] sign(PDDocument doc, String CERT_FILE, char[] ALIAS_PASS, String IMAGE_FILE) throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
            IOException, UnrecoverableKeyException {
        System.out.println("Document pages ? " + doc.getNumberOfPages());
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
//        ks.load(VisibleSignature.class.getResourceAsStream(CERT_FILE), ALIAS_PASS);
        ks.load(new FileInputStream(CERT_FILE), ALIAS_PASS);
        System.out.println("KeyStore is null ? " + (ks == null));
        VisibleSignature vs = new VisibleSignature(ks, ALIAS_PASS.clone());
        InputStream is = VisibleSignature.class.getResourceAsStream(IMAGE_FILE);
        int page = 1;
        vs.setVisibleSignDesigner(doc, 0, 0, -50, is, page);
        is.close();
        vs.setVisibleSignatureProperties("Test", "Test", "Test", 0, page, true);
        PDSignature signature = new PDSignature();
        PDAcroForm acroForm = doc.getDocumentCatalog().getAcroForm();
        System.out.println("Acroform is null ? " + (acroForm == null));
        if (acroForm != null)
            System.out.println("Acroform getNeedAppearances ? " + (acroForm.getNeedAppearances()));
        if (acroForm != null && acroForm.getNeedAppearances())
            if (acroForm.getFields().isEmpty())
                acroForm.getCOSObject().removeItem(COSName.NEED_APPEARANCES);
            else
                System.out.println("/NeedAppearances is set, signature may be ignored by Adobe Reader");
        signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
        signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
        if (vs.visibleSignatureProperties != null) {
            vs.visibleSignatureProperties.buildSignature();
            signature.setName(vs.visibleSignatureProperties.getSignerName());
            signature.setLocation(vs.visibleSignatureProperties.getSignerLocation());
            signature.setReason(vs.visibleSignatureProperties.getSignatureReason());
            System.out.println("SignerName " + vs.visibleSignatureProperties.getSignerName());
        }
        signature.setSignDate(Calendar.getInstance());
        vs.signatureOptions = new SignatureOptions();
        vs.signatureOptions.setVisualSignature(vs.visibleSignatureProperties.getVisibleSignature());
        vs.signatureOptions.setPage(vs.visibleSignatureProperties.getPage() - 1);
//        doc.addSignature(signature, vs.signatureOptions);
        // using this overload instead fixes the issue.
        doc.addSignature(signature, vs, vs.signatureOptions);
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        doc.saveIncremental(baos);
        doc.close();
        IOUtils.closeQuietly(vs.signatureOptions);
        byte[] content = baos.toByteArray();
        System.out.println("Content length: >>>>>>>>>>>>>>>>>>> " + content.length);
        return content;
    }
 
Example 5
Source File: CreateSignature.java    From testarea-pdfbox2 with Apache License 2.0 4 votes vote down vote up
/**
 * <p>
 * A minimal signing frame work merely requiring a {@link SignatureInterface}
 * instance signing an existing field and actually locking fields the transform
 * requires to be locked.
 * </p>
 * @see #signExistingFieldWithLock(PDDocument, OutputStream, SignatureInterface)
 */
void signAndLockExistingFieldWithLock(PDDocument document, OutputStream output, SignatureInterface signatureInterface) throws IOException
{
    PDSignatureField signatureField = document.getSignatureFields().get(0);
    PDSignature signature = new PDSignature();
    signatureField.setValue(signature);

    COSBase lock = signatureField.getCOSObject().getDictionaryObject(COS_NAME_LOCK);
    if (lock instanceof COSDictionary)
    {
        COSDictionary lockDict = (COSDictionary) lock;
        COSDictionary transformParams = new COSDictionary(lockDict);
        transformParams.setItem(COSName.TYPE, COSName.getPDFName("TransformParams"));
        transformParams.setItem(COSName.V, COSName.getPDFName("1.2"));
        transformParams.setDirect(true);
        COSDictionary sigRef = new COSDictionary();
        sigRef.setItem(COSName.TYPE, COSName.getPDFName("SigRef"));
        sigRef.setItem(COSName.getPDFName("TransformParams"), transformParams);
        sigRef.setItem(COSName.getPDFName("TransformMethod"), COSName.getPDFName("FieldMDP"));
        sigRef.setItem(COSName.getPDFName("Data"), document.getDocumentCatalog());
        sigRef.setDirect(true);
        COSArray referenceArray = new COSArray();
        referenceArray.add(sigRef);
        signature.getCOSObject().setItem(COSName.getPDFName("Reference"), referenceArray);

        final Predicate<PDField> shallBeLocked;
        final COSArray fields = lockDict.getCOSArray(COSName.FIELDS);
        final List<String> fieldNames = fields == null ? Collections.emptyList() :
            fields.toList().stream().filter(c -> (c instanceof COSString)).map(s -> ((COSString)s).getString()).collect(Collectors.toList());
        final COSName action = lockDict.getCOSName(COSName.getPDFName("Action"));
        if (action.equals(COSName.getPDFName("Include"))) {
            shallBeLocked = f -> fieldNames.contains(f.getFullyQualifiedName());
        } else if (action.equals(COSName.getPDFName("Exclude"))) {
            shallBeLocked = f -> !fieldNames.contains(f.getFullyQualifiedName());
        } else if (action.equals(COSName.getPDFName("All"))) {
            shallBeLocked = f -> true;
        } else { // unknown action, lock nothing
            shallBeLocked = f -> false;
        }
        lockFields(document.getDocumentCatalog().getAcroForm().getFields(), shallBeLocked);
    }

    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
    signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
    signature.setName("blablabla");
    signature.setLocation("blablabla");
    signature.setReason("blablabla");
    signature.setSignDate(Calendar.getInstance());
    document.addSignature(signature);
    ExternalSigningSupport externalSigning =
            document.saveIncrementalForExternalSigning(output);
    // invoke external signature service
    byte[] cmsSignature = signatureInterface.sign(externalSigning.getContent());
    // set signature bytes received from the service
    externalSigning.setSignature(cmsSignature);
}
 
Example 6
Source File: PdfBoxSignatureService.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
private byte[] signDocumentAndReturnDigest(final PAdESCommonParameters parameters, final byte[] signatureBytes,
		final OutputStream fileOutputStream, final PDDocument pdDocument) {

	final MessageDigest digest = DSSUtils.getMessageDigest(parameters.getDigestAlgorithm());
	SignatureInterface signatureInterface = new SignatureInterface() {

		@Override
		public byte[] sign(InputStream content) throws IOException {

			byte[] b = new byte[4096];
			int count;
			while ((count = content.read(b)) > 0) {
				digest.update(b, 0, count);
			}
			return signatureBytes;
		}
	};

	final PDSignature pdSignature = createSignatureDictionary(parameters, pdDocument);
	try (SignatureOptions options = new SignatureOptions()) {
		options.setPreferredSignatureSize(parameters.getContentSize());

		SignatureImageParameters imageParameters = parameters.getImageParameters();
		if (imageParameters != null && signatureDrawerFactory != null) {
			PdfBoxSignatureDrawer signatureDrawer = (PdfBoxSignatureDrawer) signatureDrawerFactory
					.getSignatureDrawer(imageParameters);
			signatureDrawer.init(imageParameters, pdDocument, options);
			signatureDrawer.draw();
		}

		pdDocument.addSignature(pdSignature, signatureInterface, options);

		// the document needs to have an ID, if not the current system time is used, 
		// and then the digest of the signed data will be different
		if (pdDocument.getDocumentId() == null) {
			pdDocument.setDocumentId(parameters.getSigningDate().getTime());
		}
		checkEncryptedAndSaveIncrementally(pdDocument, fileOutputStream, parameters);

		return digest.digest();
	} catch (IOException e) {
		throw new DSSException(e);
	}
}