Examples with CreateSignature org.apache.pdfbox.examples.signature.CreateSignature used on opensource projects

Example 1 with CreateSignature

use of org.apache.pdfbox.examples.signature.CreateSignature in project pdfbox by apache.

the class TestCreateSignature method testDetachedSHA256.

/**
 * Signs a PDF using the "adbe.pkcs7.detached" SubFilter with the SHA-256 digest.
 *
 * @throws IOException
 * @throws GeneralSecurityException
 * @throws CMSException
 * @throws OperatorCreationException
 */
@Test
public void testDetachedSHA256() throws IOException, CMSException, OperatorCreationException, GeneralSecurityException {
    // load the keystore
    KeyStore keystore = KeyStore.getInstance("PKCS12");
    keystore.load(new FileInputStream(keystorePath), password.toCharArray());
    // sign PDF
    CreateSignature signing = new CreateSignature(keystore, password.toCharArray());
    signing.setExternalSigning(externallySign);
    final String fileName = getOutputFileName("signed{0}.pdf");
    signing.signDetached(new File(inDir + "sign_me.pdf"), new File(outDir + fileName));
    checkSignature(new File(outDir + fileName));
}

Example 2 with CreateSignature

use of org.apache.pdfbox.examples.signature.CreateSignature in project pdfbox by apache.

the class TestCreateSignature method testPDFBox3978.

/**
 * Test when visually signing externally on an existing signature field on a file which has
 * been signed before.
 *
 * @throws IOException
 * @throws NoSuchAlgorithmException
 * @throws KeyStoreException
 * @throws CertificateException
 * @throws UnrecoverableKeyException
 * @throws CMSException
 * @throws OperatorCreationException
 * @throws GeneralSecurityException
 */
@Test
public void testPDFBox3978() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException, CMSException, OperatorCreationException, GeneralSecurityException {
    String filename = outDir + "EmptySignatureForm.pdf";
    String filenameSigned1 = outDir + "EmptySignatureForm-signed1.pdf";
    String filenameSigned2 = outDir + "EmptySignatureForm-signed2.pdf";
    if (!externallySign) {
        return;
    }
    // load the keystore
    KeyStore keystore = KeyStore.getInstance("PKCS12");
    keystore.load(new FileInputStream(keystorePath), password.toCharArray());
    // create file with empty signature
    CreateEmptySignatureForm.main(new String[] { filename });
    // sign PDF
    CreateSignature signing1 = new CreateSignature(keystore, password.toCharArray());
    signing1.setExternalSigning(false);
    signing1.signDetached(new File(filename), new File(filenameSigned1));
    checkSignature(new File(filenameSigned1));
    try (PDDocument doc1 = PDDocument.load(new File(filenameSigned1))) {
        List<PDSignature> signatureDictionaries = doc1.getSignatureDictionaries();
        Assert.assertEquals(1, signatureDictionaries.size());
    }
    // do visual signing in the field
    try (FileInputStream fis = new FileInputStream(jpegPath)) {
        CreateVisibleSignature signing2 = new CreateVisibleSignature(keystore, password.toCharArray());
        signing2.setVisibleSignDesigner(filenameSigned1, 0, 0, -50, fis, 1);
        signing2.setVisibleSignatureProperties("name", "location", "Security", 0, 1, true);
        signing2.setExternalSigning(externallySign);
        signing2.signPDF(new File(filenameSigned1), new File(filenameSigned2), null, "Signature1");
    }
    checkSignature(new File(filenameSigned2));
    try (PDDocument doc2 = PDDocument.load(new File(filenameSigned2))) {
        List<PDSignature> signatureDictionaries = doc2.getSignatureDictionaries();
        Assert.assertEquals(2, signatureDictionaries.size());
    }
}

Example 3 with CreateSignature

use of org.apache.pdfbox.examples.signature.CreateSignature in project pdfbox by apache.

the class TestCreateSignature method testDetachedSHA256WithTSA.

/**
 * Signs a PDF using the "adbe.pkcs7.detached" SubFilter with the SHA-256 digest and a signed
 * timestamp from a Time Stamping Authority (TSA) server.
 *
 * This is not a complete test because we don't have the ability to return a valid response, so
 * we return a cached response which is well-formed, but does not match the timestamp or nonce
 * in the request. This allows us to test the basic TSA mechanism and test the nonce, which is a
 * good start.
 *
 * @throws IOException
 * @throws GeneralSecurityException
 * @throws CMSException
 * @throws OperatorCreationException
 */
@Test
public void testDetachedSHA256WithTSA() throws IOException, CMSException, OperatorCreationException, GeneralSecurityException {
    byte[] content;
    // mock TSA response content
    try (InputStream input = new FileInputStream(inDir + "tsa_response.asn1")) {
        content = IOUtils.toByteArray(input);
    }
    // mock TSA server (RFC 3161)
    MockHttpServer mockServer = new MockHttpServer(15371);
    mockServer.startServer();
    String tsaUrl = "http://localhost:" + mockServer.getServerPort() + "/";
    MockHttpServer.MockHttpServerResponse response = new MockHttpServer.MockHttpServerResponse();
    response.setMockResponseContent(content);
    response.setMockResponseContentType("application/timestamp-reply");
    response.setMockResponseCode(200);
    mockServer.setMockHttpServerResponses(response);
    // load the keystore
    KeyStore keystore = KeyStore.getInstance("PKCS12");
    keystore.load(new FileInputStream(keystorePath), password.toCharArray());
    // sign PDF (will fail due to nonce and timestamp differing)
    try {
        String inPath = inDir + "sign_me_tsa.pdf";
        String outPath = outDir + getOutputFileName("signed{0}_tsa.pdf");
        CreateSignature signing = new CreateSignature(keystore, password.toCharArray());
        signing.setExternalSigning(externallySign);
        signing.signDetached(new File(inPath), new File(outPath), tsaUrl);
    } catch (IOException e) {
        Assert.assertTrue(e.getCause() instanceof TSPValidationException);
    }
// TODO verify the signed PDF file
// TODO create a file signed with TSA
}