use of com.itextpdf.text.pdf.security.PrivateKeySignature in project commons by mosip.
the class PDFGeneratorImpl method signAndEncryptPDF.
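/**
 * Signs a PDF with a detached CMS signature and, when a non-blank password is given,
 * encrypts it with AES-256 (user password = {@code password}, owner password =
 * {@code pdfOwnerPassword}, printing allowed).
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>The TSA URL is read from the certificate chain, and the CRL client is built from
 *       the same chain, so signing can trigger outbound requests to endpoints named by the
 *       certificates. Callers should only pass a chain they trust.</li>
 *   <li>The OCSP client is created with a {@code null} verifier.</li>
 *   <li>If no certificate in the chain carries a TSA URL, the signature is produced
 *       without a trusted timestamp.</li>
 * </ul>
 *
 * @param pdf              the PDF document to sign
 * @param rectangle        position of the visible signature on the page
 * @param reason           reason text stored in the signature
 * @param pageNumber       page on which the visible signature is placed
 * @param provider         security provider whose name is used for the signing operation
 * @param certificateEntry certificate chain and private key used for signing
 * @param password         user password; {@code null} or blank leaves the PDF unencrypted
 * @return the stream holding the signed PDF; it is a {@link ByteArrayOutputStream} that has
 *         already been closed (closing has no effect on that class, so its bytes stay readable)
 * @throws IOException              if reading the PDF or writing the result fails
 * @throws GeneralSecurityException if the signing operation fails
 * @throws NullPointerException     if {@code certificateEntry} or {@code provider} is null
 */
@Override
public OutputStream signAndEncryptPDF(byte[] pdf, io.mosip.kernel.core.pdfgenerator.model.Rectangle rectangle, String reason, int pageNumber, Provider provider, CertificateEntry<X509Certificate, PrivateKey> certificateEntry, String password) throws IOException, GeneralSecurityException {
    // Fail fast with a named argument instead of a late NPE after the stamper has been set up.
    java.util.Objects.requireNonNull(certificateEntry, "certificateEntry");
    java.util.Objects.requireNonNull(provider, "provider");

    OutputStream outputStream = new ByteArrayOutputStream();
    PdfReader pdfReader = null;
    PdfStamper pdfStamper = null;
    try {
        pdfReader = new PdfReader(pdf);
        // '\0' keeps the PDF version of the input document.
        pdfStamper = PdfStamper.createSignature(pdfReader, outputStream, '\0');
        // The entry also holds the private key and its toString() is not visible here,
        // so log only non-sensitive metadata rather than the whole object.
        LOGGER.debug("certificate chain length {}", certificateEntry.getChain().length);
        LOGGER.info("provider {}", provider);
        if (password != null && !password.trim().isEmpty()) {
            // Explicit charset: the platform default would make non-ASCII passwords
            // depend on the host the service runs on.
            pdfStamper.setEncryption(
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    pdfOwnerPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    com.itextpdf.text.pdf.PdfWriter.ALLOW_PRINTING,
                    com.itextpdf.text.pdf.PdfWriter.ENCRYPTION_AES_256);
        }
        PdfSignatureAppearance signAppearance = pdfStamper.getSignatureAppearance();
        signAppearance.setReason(reason);
        // comment next line to have an invisible signature
        signAppearance.setVisibleSignature(new Rectangle(rectangle.getLlx(), rectangle.getLly(), rectangle.getUrx(), rectangle.getUry()), pageNumber, null);
        // NOTE(review): a null verifier presumably means OCSP responses are embedded without
        // being verified; confirm against the iText version in use.
        OcspClient ocspClient = new OcspClientBouncyCastle(null);
        TSAClient tsaClient = null;
        // NOTE(review): setCertificate() is called for every certificate examined before the
        // first one carrying a TSA URL, so the appearance ends up holding the last of those,
        // which is not necessarily the signer certificate. Confirm this is intended.
        for (X509Certificate certificate : certificateEntry.getChain()) {
            String tsaUrl = CertificateUtil.getTSAURL(certificate);
            if (tsaUrl != null) {
                // The timestamp authority endpoint comes from the certificate itself.
                tsaClient = new TSAClientBouncyCastle(tsaUrl);
                break;
            }
            signAppearance.setCertificate(certificate);
        }
        List<CrlClient> crlList = new ArrayList<>();
        // Built from the chain, so CRL locations are also taken from the certificates.
        crlList.add(new CrlClientOnline(certificateEntry.getChain()));
        ExternalSignature pks = new PrivateKeySignature(certificateEntry.getPrivateKey(), SHA256, provider.getName());
        ExternalDigest digest = new BouncyCastleDigest();
        // Sign the document using the detached mode, CMS or CAdES equivalent.
        // Estimated size 0 leaves the signature size estimate to iText.
        MakeSignature.signDetached(signAppearance, digest, pks, certificateEntry.getChain(), crlList, ocspClient, tsaClient, 0, CryptoStandard.CMS);
    } catch (DocumentException e) {
        // Log the exception itself: getCause() may be null and would hide the actual failure.
        LOGGER.error("Document Exception occur {}", e);
        throw new PDFGeneratorException(PDFGeneratorExceptionCodeConstant.PDF_EXCEPTION.getErrorCode(), e.getMessage(), e);
    } finally {
        // Release the writer and reader before the sink they write to.
        if (pdfStamper != null) {
            closeQuietly(pdfStamper);
        }
        if (pdfReader != null) {
            pdfReader.close();
        }
        outputStream.close();
    }
    return outputStream;
}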