itext.sign This class allows you to sign with either an RSACryptoServiceProvider/DSACryptoServiceProvider from a X509Certificate2, or from manually created RSACryptoServiceProvider/DSACryptoServiceProvider. Depending on the certificate's CSP, sometimes you will not be able to sign with SHA-256/SHA-512 hash algorithm with RSACryptoServiceProvider taken directly from the certificate. This class allows you to use a workaround in this case and sign with certificate's private key and SHA-256/SHA-512 anyway. An example of a workaround for CSP that does not support SHA-256/SHA-512: if (certificate.PrivateKey is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)certificate.PrivateKey; // Modified by J. Arturo // Workaround for SHA-256 and SHA-512 if (rsa.CspKeyContainerInfo.ProviderName == "Microsoft Strong Cryptographic Provider" || rsa.CspKeyContainerInfo.ProviderName == "Microsoft Enhanced Cryptographic Provider v1.0" || rsa.CspKeyContainerInfo.ProviderName == "Microsoft Base Cryptographic Provider v1.0") { string providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider"; int providerType = 24; Type CspKeyContainerInfo_Type = typeof(CspKeyContainerInfo); FieldInfo CspKeyContainerInfo_m_parameters = CspKeyContainerInfo_Type.GetField("m_parameters", BindingFlags.NonPublic | BindingFlags.Instance); CspParameters parameters = (CspParameters)CspKeyContainerInfo_m_parameters.GetValue(rsa.CspKeyContainerInfo); var cspparams = new CspParameters(providerType, providerName, rsa.CspKeyContainerInfo.KeyContainerName); cspparams.Flags = parameters.Flags; using (var rsaKey = new RSACryptoServiceProvider(cspparams)) { // use rsaKey now } } else { // Use rsa directly } } The hash algorithm. The encryption algorithm (obtained from the private key) Class containing static methods that allow you to get information from an X509 Certificate: the issuer and the subject. Class that holds an X509 name. Country code - StringType(SIZE(2)). Organization - StringType(SIZE(1..64)). Organizational unit name - StringType(SIZE(1..64)). Title. Common name - StringType(SIZE(1..64)). Device serial number name - StringType(SIZE(1..64)). Locality name - StringType(SIZE(1..64)). State, or province name - StringType(SIZE(1..64)). Naming attribute of type X520name. Naming attribute of type X520name. Naming attribute of type X520name. Naming attribute of type X520name. Naming attribute of type X520name. Email address (RSA PKCS#9 extension) - IA5String. Email address (RSA PKCS#9 extension) - IA5String. Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here. Email address in Verisign certificates. Object identifier. LDAP User id. A Map with default symbols. A Map with values. Constructs an X509 name. an ASN1 Sequence Constructs an X509 name. a directory name Gets the first entry from the field array retrieved from the values Map. the field name the (first) field value Gets a field array from the values Map. The field name List Getter for values. Map with the fields of the X509 name Class for breaking up an X500 Name into it's component tokens, similar to . Class for breaking up an X500 Name into it's component tokens, similar to . We need this class as some of the lightweight Java environments don't support classes such as StringTokenizer. Creates an X509NameTokenizer. the oid that needs to be parsed Checks if the tokenizer has any tokens left. true if there are any tokens left, false if there aren't Returns the next token. the next token Get the issuer fields from an X509 Certificate. an X509Certificate an X500Name Get the "issuer" from the TBSCertificate bytes that are passed in. a TBSCertificate in a byte array an ASN1Primitive Get the subject fields from an X509 Certificate. an X509Certificate an X500Name Get the "subject" from the TBSCertificate bytes that are passed in. A TBSCertificate in a byte array a ASN1Primitive This class contains a series of static methods that allow you to retrieve information from a Certificate. Gets a CRL from an X509 certificate. the X509Certificate to extract the CRL from CRL or null if there's no CRL available Gets the URL of the Certificate Revocation List for a Certificate the Certificate the String where you can check if the certificate was revoked Gets the CRL object using a CRL URL. the URL where the CRL is located CRL object Retrieves the OCSP URL from the given certificate. the certificate the URL or null Gets the URL of the TSA if it's available on the certificate a certificate a TSA URL the certificate from which we need the ExtensionValue the Object Identifier value for the extension. the extension value as an ASN1Primitive object Gets a String from an ASN1Primitive the ASN1Primitive a human-readable String This class consists of some methods that allow you to verify certificates. The Logger instance. Verifies a single certificate for the current date. the certificate to verify the certificate revocation list or null a String with the error description or null if no error Verifies a single certificate. the certificate to verify the certificate revocation list or null the date, shall not be null a String with the error description or null if no error Verifies a certificate chain against a KeyStore for the current date. the certificate chain the KeyStore the certificate revocation list or null empty list if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message Verifies a certificate chain against a KeyStore. the certificate chain the KeyStore the certificate revocation list or null the date, shall not be null empty list if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message Verifies a certificate chain against a KeyStore for the current date. the certificate chain the KeyStore null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message Verifies a certificate chain against a KeyStore. the certificate chain the KeyStore the date, shall not be null null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message Verifies an OCSP response against a KeyStore. the OCSP response the KeyStore true is a certificate was found Verifies a time stamp against a KeyStore. the time stamp the KeyStore true is a certificate was found Superclass for a series of certificate verifiers that will typically be used in a chain. Superclass for a series of certificate verifiers that will typically be used in a chain. It wraps another CertificateVerifier that is the next element in the chain of which the verify() method will be called. The previous CertificateVerifier in the chain of verifiers. Indicates if going online to verify a certificate is allowed. Creates the final CertificateVerifier in a chain of verifiers. the previous verifier in the chain Decide whether or not online checking is allowed. a boolean indicating whether the certificate can be verified using online verification results. Checks the validity of the certificate, and calls the next verifier in the chain, if any. the certificate that needs to be checked its issuer the date the certificate needs to be valid a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified. An implementation of the CrlClient that handles offline Certificate Revocation Lists. Paulo Soares The CRL as a byte array. Creates an instance of a CrlClient in case you have a local cache of the Certificate Revocation List. the CRL bytes Creates an instance of a CrlClient in case you have a local cache of the Certificate Revocation List. a CRL object Returns the CRL bytes (the parameters are ignored). An implementation of the CrlClient that fetches the CRL bytes from an URL. Paulo Soares The Logger instance. The URLs of the CRLs. Creates a CrlClientOnline instance that will try to find a single CRL by walking through the certificate chain. Creates a CrlClientOnline instance using one or more URLs. Creates a CrlClientOnline instance using one or more URLs. Creates a CrlClientOnline instance using a certificate chain. Fetches the CRL bytes from an URL. Fetches the CRL bytes from an URL. If no url is passed as parameter, the url will be obtained from the certificate. If you want to load a CRL from a local file, subclass this method and pass an URL with the path to the local file to this method. An other option is to use the CrlClientOffline class. Adds an URL to the list of CRL URLs an URL in the form of a String Adds an URL to the list of CRL URLs an URL object Class that allows you to verify a certificate against one or more Certificate Revocation Lists. The Logger instance The list of CRLs to check for revocation date. Creates a CRLVerifier instance. the next verifier in the chain a list of CRLs Verifies if a a valid CRL is found for the certificate. Verifies if a a valid CRL is found for the certificate. If this method returns false, it doesn't mean the certificate isn't valid. It means we couldn't verify it against any CRL that was available. the certificate that needs to be checked its issuer a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified. Verifies a certificate against a single CRL. the Certificate Revocation List a certificate that needs to be verified its issuer the sign date true if the verification succeeded Fetches a CRL for a specific certificate online (without further checking). the certificate its issuer an X509CRL object Checks if a CRL verifies against the issuer certificate or a trusted anchor. the CRL the trusted anchor true if the CRL can be trusted Class that contains a map with the different message digest algorithms. Algorithm available for signatures since PDF 1.3. Algorithm available for signatures since PDF 1.6. Algorithm available for signatures since PDF 1.7. Algorithm available for signatures since PDF 1.7. Algorithm available for signatures since PDF 1.7. Maps the digest IDs with the human-readable name of the digest algorithm. Maps digest algorithm that are unknown by the JDKs MessageDigest object to a known one. Maps the name of a digest algorithm with its ID. Get a digest algorithm. oid of the digest algorithm MessageDigest object Creates a MessageDigest object that can be used to create a hash. the algorithm you want to use to create a hash a MessageDigest object Creates a hash using a specific digest algorithm and a provider. the message of which you want to create a hash the algorithm used to create the hash the hash Create a digest based on the inputstream. data to be digested algorithm to be used digest of the data Gets the digest name for a certain id an id (for instance "1.2.840.113549.2.5") a digest name (for instance "MD5") Returns the id of a digest algorithms that is allowed in PDF, or null if it isn't allowed. The name of the digest algorithm. An oid. Class that contains a map with the different encryption algorithms. Maps IDs of encryption algorithms with its human-readable name. Gets the algorithm name for a certain id. an id (for instance "1.2.840.113549.1.1.1") an algorithm name (for instance "RSA") Produces a blank (or empty) signature. Produces a blank (or empty) signature. Useful for deferred signing with MakeSignature.signExternalContainer(). Paulo Soares Creates an ExternalBlankSignatureContainer. PdfDictionary containing signature iformation. /SubFilter and /Filter aren't set in this constructor. Creates an ExternalBlankSignatureContainer. Creates an ExternalBlankSignatureContainer. This constructor will create the PdfDictionary for the signature information and will insert the /Filter and /SubFilter values into this dictionary. PdfName of the signature handler to use when validating this signature PdfName that describes the encoding of the signature Interface that needs to be implemented if you want to embed Certificate Revocation Lists (CRL) into your PDF. Paulo Soares Gets an encoded byte array. The certificate which a CRL URL can be obtained from. A CRL url if you don't want to obtain it from the certificate. A collection of byte array each representing a crl. It may return null or an empty collection. Interface that needs to be implemented to do the actual signing. Interface that needs to be implemented to do the actual signing. For instance: you'll have to implement this interface if you want to sign a PDF using a smart card. Paulo Soares Returns the hash algorithm. The hash algorithm (e.g. "SHA-1", "SHA-256,..."). Returns the encryption algorithm used for signing. The encryption algorithm ("RSA" or "DSA"). Signs the given message using the encryption algorithm in combination with the hash algorithm. The message you want to be hashed and signed. A signed message digest. Interface to sign a document. Interface to sign a document. The signing is fully done externally, including the container composition. Paulo Soares Produces the container with the signature. the data to sign a container with the signature and other objects, like CRL and OCSP. The container will generally be a PKCS7 one. Modifies the signature dictionary to suit the container. Modifies the signature dictionary to suit the container. At least the keys and will have to be set. the signature dictionary Interface for the Online Certificate Status Protocol (OCSP) Client. Gets an encoded byte array with OCSP validation. Gets an encoded byte array with OCSP validation. The method should not throw an exception. Certificate to check. The parent certificate. The url to get the verification. It it's null it will be taken. from the check cert or from other implementation specific source A byte array with the validation or null if the validation could not be obtained Time Stamp Authority client (caller) interface. Time Stamp Authority client (caller) interface. Interface used by the PdfPKCS7 digital signature builder to call Time Stamp Authority providing RFC 3161 compliant time stamp token. Get the time stamp estimated token size. Get the time stamp estimated token size. Implementation must return value large enough to accommodate the entire token returned by prior to actual call. an estimate of the token size Returns the to digest the data imprint The object. Returns RFC 3161 timeStampToken. byte[] - data imprint to be time-stamped byte[] - encoded, TSA signed data of the timeStampToken Interface you can implement and pass to TSAClientBouncyCastle in case you want to do something with the information returned When a timestamp is created using TSAClientBouncyCastle, this method is triggered passing an object that contains info about the timestamp and the time stamping authority. a TimeStampTokenInfo object Add verification according to PAdES-LTV (part 4). Paulo Soares What type of verification to include. Include only OCSP. Include only CRL. Include both OCSP and CRL. Include CRL only if OCSP can't be read. Options for how many certificates to include. Include verification just for the signing certificate. Include verification for the whole chain of certificates. Certificate inclusion in the DSS and VRI dictionaries in the CERT and CERTS keys. Include certificates in the DSS and VRI dictionaries. Do not include certificates in the DSS and VRI dictionaries. The verification constructor. The verification constructor. This class should only be created with PdfStamper.getLtvVerification() otherwise the information will not be added to the Pdf. The to apply the validation to. Add verification for a particular signature. the signature to validate (it may be a timestamp) the interface to get the OCSP the interface to get the CRL options as to how many certificates to include the validation options to include certificate inclusion options true if a validation was generated, false otherwise Get the issuing certificate for a child certificate. the certificate for which we search the parent an array with certificates that contains the parent the parent certificate Adds verification to the signature. name of the signature collection of ocsp responses collection of crls collection of certificates boolean Merges the validation with any validation already in the document or creates a new one. Converts an array of bytes to a String of hexadecimal values a byte array the same bytes expressed as hexadecimal values Verifies the signatures in an LTV document. The Logger instance Option to specify level of verification; signing certificate only or the entire chain. Verify root. A document object for the revision that is being verified. The fields in the revision that is being verified. The date the revision was signed, or null for the highest revision. The signature that covers the revision. The PdfPKCS7 object for the signature. Indicates if we're working with the latest revision. The document security store for the revision that is being verified The meta info Creates a VerificationData object for a PdfReader The document we want to verify. Sets an extra verifier. the verifier to set Sets the certificate option. Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAIN Set the verifyRootCertificate to false if you can't verify the root certificate. Sets the that will be used during creation. meta info to set Verifies all the document-level timestamps and all the signatures in the document. Verifies a document level timestamp. Checks the certificates in a certificate chain: are they valid on a specific date, and do they chain up correctly? the certificate chain Verifies certificates against a list of CRLs and OCSP responses. the signing certificate the issuer's certificate a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified. Switches to the previous revision. Gets a list of X509CRL objects from a Document Security Store. a list of CRLs Gets OCSP responses from the Document Security Store. a list of BasicOCSPResp objects Checks if the signature covers the whole document and throws an exception if the document was altered a PdfPKCS7 object OcspClient implementation using BouncyCastle. Paulo Soarees The Logger instance. Create OcspClient will be used for response verification. Gets OCSP response. Gets OCSP response. If was set, the response will be checked. to certificate to check the parent certificate to get the verification Gets an encoded byte array with OCSP validation. Gets an encoded byte array with OCSP validation. The method should not throw an exception. to certificate to check the parent certificate to get the verification. It it's null it will be taken from the check cert or from other implementation specific source a byte array with the validation or null if the validation could not be obtained Generates an OCSP request using BouncyCastle. certificate of the issues serial number an OCSP request Class that allows you to verify a certificate against one or more OCSP responses. The Logger instance The list of OCSP responses. Creates an OCSPVerifier instance. the next verifier in the chain a list of OCSP responses Verifies if a a valid OCSP response is found for the certificate. Verifies if a a valid OCSP response is found for the certificate. If this method returns false, it doesn't mean the certificate isn't valid. It means we couldn't verify it against any OCSP response that was available. the certificate that needs to be checked its issuer a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified. Verifies a certificate against a single OCSP response the OCSP response the certificate that needs to be checked the certificate of CA (certificate that issued signCert). This certificate is considered trusted and valid by this method. sign date , in case successful check, otherwise false. Verifies if an OCSP response is genuine If it doesn't verify against the issuer certificate and response's certificates, it may verify using a trusted anchor or cert. the OCSP response the issuer certificate. This certificate is considered trusted and valid by this method. Verifies if an OCSP response is genuine If it doesn't verify against the issuer certificate and response's certificates, it may verify using a trusted anchor or cert. the OCSP response the issuer certificate. This certificate is considered trusted and valid by this method. sign date Checks if an OCSP response is genuine the OCSP response the responder certificate true if the OCSP response verifies against the responder certificate Gets an OCSP response online and returns it if the status is GOOD (without further checking!). the signing certificate the issuer certificate an OCSP response Class containing all the OID values used by iText. Contains all OIDs used by iText in the context of Certificate Extensions. One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 "Conforming CAs MUST mark this extension as non-critical." One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 "Conforming CAs MUST mark this extension as non-critical." One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 "Conforming CAs MUST mark this extension as non-critical." One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 One of the standard extensions from https://tools.ietf.org/html/rfc5280 "The extension MUST be marked as non-critical by conforming CAs." One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280 One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280 "The extension MUST be marked as non-critical by conforming CAs." One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280 One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280 "Conforming CAs MUST mark this extension as non-critical." One of the purposes from https://www.ietf.org/rfc/rfc2459.txt Extension for OCSP responder certificate from https://www.ietf.org/rfc/rfc2560.txt. According to https://tools.ietf.org/html/rfc5280 4.2. According to https://tools.ietf.org/html/rfc5280 4.2. "Certificate Extensions": "A certificate-using system MUST reject the certificate if it encounters a critical extension it does not recognize or a critical extension that contains information that it cannot process." This set consists of standard extensions which are defined in RFC specifications and are not mentioned as forbidden to be marked as critical. This class does all the processing related to signing and verifying a PKCS#7 signature. Holds value of property signName. Holds value of property reason. Holds value of property location. Holds value of property signDate. Assembles all the elements needed to create a signature, except for the data. the private key the certificate chain the interface digest the hash algorithm the provider or null for the default provider true if the sub-filter is adbe.pkcs7.sha1 Use this constructor if you want to verify a signature using the sub-filter adbe.x509.rsa_sha1. the /Contents key the /Cert key the provider or null for the default provider Use this constructor if you want to verify a signature. the /Contents key the filtersubtype the provider or null for the default provider Getter for property sigName. Value of property sigName. Setter for property sigName. New value of property sigName. Getter for property reason. Value of property reason. Setter for property reason. New value of property reason. Getter for property location. Value of property location. Setter for property location. New value of property location. Getter for property signDate. Value of property signDate. Setter for property signDate. New value of property signDate. Version of the PKCS#7 object Version of the PKCS#7 "SignerInfo" object. Get the version of the PKCS#7 object. the version of the PKCS#7 object. Get the version of the PKCS#7 "SignerInfo" object. the version of the PKCS#7 "SignerInfo" object. The ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1". The object that will create the digest The digest algorithms The digest attributes Getter for the ID of the digest algorithm, e.g. "2.16.840.1.101.3.4.2.1" Returns the name of the digest algorithm, e.g. "SHA256". the digest algorithm name, e.g. "SHA256" The encryption algorithm. Getter for the digest encryption algorithm Get the algorithm used to calculate the message digest, e.g. "SHA1withRSA". the algorithm used to calculate the message digest The signed digest if created outside this class External RSA data Sets the digest/signature to an external calculated value. the digest. This is the actual signature the extra data that goes into the data tag in PKCS#7 the encryption algorithm. It may must be null if the digest is also null. If the digest is not null then it may be "RSA" or "DSA" Class from the Java SDK that provides the functionality of a digital signature algorithm. The signed digest as calculated by this class (or extracted from an existing PDF) The RSA data Update the digest with the specified bytes. Update the digest with the specified bytes. This method is used both for signing and verifying the data buffer the offset in the data buffer the data length Gets the bytes for the PKCS#1 object. a byte array Gets the bytes for the PKCS7SignedData object. the bytes for the PKCS7SignedData object Gets the bytes for the PKCS7SignedData object. Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set. If either of the parameters is null, none will be used. the digest in the authenticatedAttributes the bytes for the PKCS7SignedData object Gets the bytes for the PKCS7SignedData object. Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set, and/or a time-stamp-authority client may be provided. the digest in the authenticatedAttributes TSAClient - null or an optional time stamp authority client DER-encoded OCSP response for the first certificate in the signature certificates chain, or null if OCSP revocation data is not to be added. collection of DER-encoded CRL for certificates from the signature certificates chain, or null if CRL revocation data is not to be added. specifies the PKCS7 standard flavor to which created PKCS7SignedData object will adhere: either basic CMS or CAdES byte[] the bytes for the PKCS7SignedData object Gets the bytes for the PKCS7SignedData object. Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes in the signerInfo can also be set, and/or a time-stamp-authority client may be provided. the digest in the authenticatedAttributes specifies the PKCS7 standard flavor to which created PKCS7SignedData object will adhere: either basic CMS or CAdES TSAClient - null or an optional time stamp authority client collection of DER-encoded OCSP responses for the certificate in the signature certificates chain, or null if OCSP revocation data is not to be added. collection of DER-encoded CRL for certificates from the signature certificates chain, or null if CRL revocation data is not to be added. byte[] the bytes for the PKCS7SignedData object Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). Token is the TSA response without response status, which is usually handled by the (vendor supplied) TSA request/response interface). byte[] - time stamp token, DER encoded signedData ASN1EncodableVector When using authenticatedAttributes the authentication process is different. When using authenticatedAttributes the authentication process is different. The document digest is generated and put inside the attribute. The signing is done over the DER encoded authenticatedAttributes. This method provides that encoding and the parameters must be exactly the same as in . A simple example:
            Calendar cal = Calendar.getInstance();
            PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            byte[] buf = new byte[8192];
            int n;
            InputStream inp = sap.getRangeStream();
            while ((n = inp.read(buf)) > 0) {
            messageDigest.update(buf, 0, n);
            }
            byte[] hash = messageDigest.digest();
            byte[] sh = pk7.getAuthenticatedAttributeBytes(hash, cal);
            pk7.update(sh, 0, sh.length);
            byte[] sg = pk7.getEncodedPKCS7(hash, cal);
            
the content digest collection of DER-encoded OCSP responses for the certificate in the signature certificates chain, or null if OCSP revocation data is not to be added. collection of DER-encoded CRL for certificates from the signature certificates chain, or null if CRL revocation data is not to be added. specifies the PKCS7 standard flavor to which created PKCS7SignedData object will adhere: either basic CMS or CAdES the byte array representation of the authenticatedAttributes ready to be signed
When using authenticatedAttributes the authentication process is different. When using authenticatedAttributes the authentication process is different. The document digest is generated and put inside the attribute. The signing is done over the DER encoded authenticatedAttributes. This method provides that encoding and the parameters must be exactly the same as in . A simple example:
            Calendar cal = Calendar.getInstance();
            PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            byte[] buf = new byte[8192];
            int n;
            InputStream inp = sap.getRangeStream();
            while ((n = inp.read(buf)) > 0) {
            messageDigest.update(buf, 0, n);
            }
            byte[] hash = messageDigest.digest();
            byte[] sh = pk7.getAuthenticatedAttributeBytes(hash, cal);
            pk7.update(sh, 0, sh.length);
            byte[] sg = pk7.getEncodedPKCS7(hash, cal);
            
the content digest specifies the PKCS7 standard flavor to which created PKCS7SignedData object will adhere: either basic CMS or CAdES collection of DER-encoded OCSP responses for the certificate in the signature certificates chain, or null if OCSP revocation data is not to be added. collection of DER-encoded CRL for certificates from the signature certificates chain, or null if CRL revocation data is not to be added. the byte array representation of the authenticatedAttributes ready to be signed
This method provides that encoding and the parameters must be exactly the same as in . the content digest the byte array representation of the authenticatedAttributes ready to be signed Signature attributes Signature attributes (maybe not necessary, but we use it as fallback) encrypted digest Indicates if a signature has already been verified The result of the verification Verify the digest. true if the signature checks out, false otherwise Verifies that signature integrity is intact (or in other words that signed data wasn't modified) by checking that embedded data digest corresponds to the calculated one. Verifies that signature integrity is intact (or in other words that signed data wasn't modified) by checking that embedded data digest corresponds to the calculated one. Also ensures that signature is genuine and is created by the owner of private key that corresponds to the declared public certificate. Even though signature can be authentic and signed data integrity can be intact, one shall also always check that signed data is not only a part of PDF contents but is actually a complete PDF file. In order to check that given signature covers the current please use method. true if the signature checks out, false otherwise Checks if the timestamp refers to this document. true if it checks false otherwise All the X.509 certificates in no particular order. All the X.509 certificates used for the main signature. The X.509 certificate that is used to sign the digest. Get all the X.509 certificates associated with this PKCS#7 object in no particular order. Get all the X.509 certificates associated with this PKCS#7 object in no particular order. Other certificates, from OCSP for example, will also be included. the X.509 certificates associated with this PKCS#7 object Get the X.509 sign certificate chain associated with this PKCS#7 object. Get the X.509 sign certificate chain associated with this PKCS#7 object. Only the certificates used for the main signature will be returned, with the signing certificate first. the X.509 certificates associated with this PKCS#7 object Get the X.509 certificate actually used to sign the digest. the X.509 certificate actually used to sign the digest Helper method that creates the collection of certificates used for the main signature based on the complete list of certificates and the sign certificate. Get the X.509 certificate revocation lists associated with this PKCS#7 object the X.509 certificate revocation lists associated with this PKCS#7 object Helper method that tries to construct the CRLs. BouncyCastle BasicOCSPResp Gets the OCSP basic response if there is one. the OCSP basic response or null Checks if OCSP revocation refers to the document signing certificate. true if it checks, false otherwise Helper method that creates the BasicOCSPResp object. True if there's a PAdES LTV time stamp. True if it's a CAdES signature type. BouncyCastle TimeStampToken. Check if it's a PAdES-LTV time stamp. true if it's a PAdES-LTV time stamp, false otherwise Gets the timestamp token if there is one. the timestamp token or null Gets the timestamp date a date Returns the filter subtype. Returns the encryption algorithm the name of an encryption algorithm Represents the signature dictionary. Paulo Soares Creates new PdfSignature. Creates new PdfSignature. PdfName of the signature handler to use when validating this signature PdfName that describes the encoding of the signature A name that describes the encoding of the signature value and key information in the signature dictionary. a which usually has a value either or . The type of PDF object that the wrapped dictionary describes; if present, shall be for a signature dictionary or for a timestamp signature dictionary. The type of PDF object that the wrapped dictionary describes; if present, shall be for a signature dictionary or for a timestamp signature dictionary. Shall be not null if it's value is . The default value is: . a that identifies type of the wrapped dictionary, returns null if it is not explicitly specified. Sets the /ByteRange. an array of pairs of integers that specifies the byte range used in the digest calculation. A pair consists of the starting byte offset and the length Gets the /ByteRange. an array of pairs of integers that specifies the byte range used in the digest calculation. A pair consists of the starting byte offset and the length. Sets the /Contents value to the specified byte[]. a byte[] representing the digest Gets the /Contents entry value. Sets the /Cert value of this signature. the byte[] representing the certificate chain Gets the /Cert entry value of this signature. Sets the /Name of the person signing the document. name of the person signing the document gets the /Name of the person signing the document. name of the person signing the document. Sets the /M value. Sets the /M value. Should only be used if the time of signing is not available in the signature. time of signing Gets the /M value. Gets the /M value. Should only be used if the time of signing is not available in the signature. which denotes time of signing. Sets the /Location value. physical location of signing Gets the /Location entry value. physical location of signing. Sets the /Reason value. reason for signing Sets the signature creator name in the dictionary. name of the signature creator Sets the /ContactInfo value. information to contact the person who signed this document Gets the instance if it exists, if not it adds a new one and returns this. A dictionary that stores the name of the application that signs the PDF. Creates a new PdfSignatureApp Creates a new PdfSignatureApp. PdfDictionary containing initial values Sets the signature created property in the Prop_Build dictionary's App dictionary. String name of the application creating the signature Provides convenient methods to make a signature appearance. Provides convenient methods to make a signature appearance. Use it in conjunction with . Extra space at the top. Margin for the content inside the signature rectangle. The document to be signed. The page where the signature will appear. The coordinates of the rectangle for a visible signature, or a zero-width, zero-height rectangle for an invisible signature. Rectangle that represent the position and dimension of the signature in the page. Zero level of the signature appearance. Second level of the signature appearance. Form containing all layers drawn on top of each other. The rendering mode chosen for visible signatures. The reason for signing. The caption for the reason for signing. Holds value of property location. The caption for the location of signing. Holds value of the application that creates the signature. The contact name of the signer. Holds value of property signDate. The signing certificate. The image that needs to be used for a visible signature. A background image for the text in layer 2. The scaling to be applied to the background image. The text that goes in Layer 2 of the signature appearance. Font for the text in Layer 2. Font size for the font of Layer 2. Font color for the font of Layer 2. Indicates the field to be signed if it is already presented in the document (signing existing field). Indicates the field to be signed if it is already presented in the document (signing existing field). Required for option. Indicates if we need to reuse the existing appearance as layer 0. Creates a PdfSignatureAppearance. PdfDocument Rectangle of the appearance Number of the page the appearance should be on Provides the page number of the signature field which this signature appearance is associated with. The page number of the signature field which this signature appearance is associated with. Sets the page number of the signature field which this signature appearance is associated with. Sets the page number of the signature field which this signature appearance is associated with. Implicitly calls which considers page number to process the rectangle correctly. The page number of the signature field which this signature appearance is associated with. Provides the rectangle that represent the position and dimension of the signature field in the page. the rectangle that represent the position and dimension of the signature field in the page Sets the rectangle that represent the position and dimension of the signature field in the page. The rectangle that represents the position and dimension of the signature field in the page. Get Layer 0 of the appearance. layer 0 Get Layer 2 of the appearance. layer 2 Gets the rendering mode for this signature. the rendering mode for this signature Sets the rendering mode for this signature. the rendering mode Returns the signing reason. reason for signing Sets the signing reason. signing reason. Sets the caption for the signing reason. A new signing reason caption Returns the signing location. signing location Sets the signing location. A new signing location Sets the caption for the signing location. A new signing location caption Returns the signature creator. The signature creator Sets the name of the application used to create the signature. A new name of the application signing a document Returns the signing contact. The signing contact Sets the signing contact. A new signing contact Sets the certificate used to provide the text in the appearance. Sets the certificate used to provide the text in the appearance. This certificate doesn't take part in the actual signing process. the certificate Get the signing certificate. the signing certificate Gets the Image object to render. the image Sets the Image object to render when Render is set to RenderingMode.GRAPHIC or RenderingMode.GRAPHIC_AND_DESCRIPTION. image rendered. If null the mode is defaulted to RenderingMode.DESCRIPTION Indicates that the existing appearances needs to be reused as layer 0. Gets the background image for the layer 2. the background image for the layer 2 Sets the background image for the layer 2. the background image for the layer 2 Gets the scaling to be applied to the background image. the scaling to be applied to the background image Sets the scaling to be applied to the background image. Sets the scaling to be applied to the background image. If it's zero the image will fully fill the rectangle. If it's less than zero the image will fill the rectangle but will keep the proportions. If it's greater than zero that scaling will be applied. In any of the cases the image will always be centered. It's zero by default. the scaling to be applied to the background image Sets the signature text identifying the signer. the signature text identifying the signer. If null or not set a standard description will be used Gets the signature text identifying the signer if set by setLayer2Text(). the signature text identifying the signer Gets the n2 and n4 layer font. the n2 and n4 layer font Sets the n2 and n4 layer font. Sets the n2 and n4 layer font. If the font size is zero, auto-fit will be used. the n2 and n4 font Sets the n2 and n4 layer font size. font size Gets the n2 and n4 layer font size. the n2 and n4 layer font size Sets the n2 and n4 layer font color. font color Gets the n2 and n4 layer font color. the n2 and n4 layer font color Gets the visibility status of the signature. the visibility status of the signature Constructs appearance (top-level) for a signature. PPKAppearances.pdf for further details a top-level signature appearance Returns the signature date. the signature date Sets the signature date. A new signature date Set the field name of the appearance. name of the field Signature rendering modes. The rendering mode is just the description. The rendering mode is the name of the signer and the description. The rendering mode is an image and the description. The rendering mode is just an image. Dictionary that stores signature build properties. Kwinten Pisman Creates new PdfSignatureBuildProperties. Creates new PdfSignatureBuildProperties with preset values. PdfDictionary containing preset values Sets the signatureCreator property in the underlying dictionary. Gets the from this dictionary. Gets the from this dictionary. If it does not exist, it adds a new and returns this instance. Takes care of the cryptographic options and appearances that form a signature. Enum containing the Cryptographic Standards. Enum containing the Cryptographic Standards. Possible values are "CMS" and "CADES". Cryptographic Message Syntax. CMS Advanced Electronic Signatures. Approval signature. Author signature, no changes allowed. Author signature, form filling allowed. Author signature, form filling and annotations allowed. The certification level. The name of the field. The file right before the signature is added (can be null). The bytes of the file right before the signature is added (if raf is null). Array containing the byte positions of the bytes that need to be hashed. The PdfDocument. The crypto dictionary. Holds value of property signatureEvent. OutputStream for the bytes of the document. Outputstream that temporarily holds the output in memory. Tempfile to hold the output temporarily. Name and content of keys that can only be added in the close() method. Indicates if the pdf document has already been pre-closed. Signature field lock dictionary. The signature appearance. Holds value of property signDate. Boolean to check if this PdfSigner instance has been closed already or not. Creates a PdfSigner instance. Creates a PdfSigner instance. Uses a instead of a temporary file. PdfReader that reads the PDF file OutputStream to write the signed PDF file boolean to indicate whether the signing should happen in append mode or not Creates a PdfSigner instance. Creates a PdfSigner instance. Uses a instead of a temporary file. PdfReader that reads the PDF file OutputStream to write the signed PDF file File to which the output is temporarily written boolean to indicate whether the signing should happen in append mode or not Creates a PdfSigner instance. Creates a PdfSigner instance. Uses a instead of a temporary file. PdfReader that reads the PDF file OutputStream to write the signed PDF file for the signing document. Note that encryption will be preserved regardless of what is set in properties. Creates a PdfSigner instance. Creates a PdfSigner instance. Uses a instead of a temporary file. PdfReader that reads the PDF file OutputStream to write the signed PDF file File to which the output is temporarily written for the signing document. Note that encryption will be preserved regardless of what is set in properties. Gets the signature date. Calendar set to the signature date Sets the signature date. the signature date Provides access to a signature appearance object. Provides access to a signature appearance object. Use it to customize the appearance of the signature. Be aware: If you create new signature field (either use with the name that doesn't exist in the document or don't specify it at all) then the signature is invisible by default. If you sign already existing field, then the signature appearance object is modified to have all the properties (page num., rect etc.) consistent with the state of the field (if you customized the appearance object before the call you'll have to do it again) object. Returns the document's certification level. Returns the document's certification level. For possible values see . The certified status. Sets the document's certification level. a new certification level for a document. Possible values are: Gets the field name. the field name Returns the user made signature dictionary. Returns the user made signature dictionary. This is the dictionary at the /V key of the signature field. The user made signature dictionary. Getter for property signatureEvent. Value of property signatureEvent. Sets the signature event to allow modification of the signature dictionary. the signature event Gets a new signature field name that doesn't clash with any existing name. A new signature field name. Sets the name indicating the field to be signed. Sets the name indicating the field to be signed. The field can already be presented in the document but shall not be signed. If the field is not presented in the document, it will be created. The name indicating the field to be signed. Gets the PdfDocument associated with this instance. the PdfDocument associated with this instance Sets the PdfDocument. The PdfDocument Setter for the OutputStream. OutputStream for the bytes of the document Getter for the field lock dictionary. Field lock dictionary. Setter for the field lock dictionary. Setter for the field lock dictionary. Be aware: if a signature is created on an existing signature field, then its /Lock dictionary takes the precedence (if it exists). Field lock dictionary Signs the document using the detached mode, CMS or CAdES equivalent. Signs the document using the detached mode, CMS or CAdES equivalent.

NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.
the interface providing the actual signing the certificate chain the CRL list the OCSP client the Timestamp client the reserved size for the signature. It will be estimated if 0 Either Signature.CMS or Signature.CADES
Signs the document using the detached mode, CMS or CAdES equivalent. Signs the document using the detached mode, CMS or CAdES equivalent.

NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.
the interface providing the actual signing the certificate chain the CRL list the OCSP client the Timestamp client the reserved size for the signature. It will be estimated if 0 Either Signature.CMS or Signature.CADES the signature policy (for EPES signatures)
Signs the document using the detached mode, CMS or CAdES equivalent. Signs the document using the detached mode, CMS or CAdES equivalent.

NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.
the interface providing the actual signing the certificate chain the CRL list the OCSP client the Timestamp client the reserved size for the signature. It will be estimated if 0 Either Signature.CMS or Signature.CADES the signature policy (for EPES signatures)
Sign the document using an external container, usually a PKCS7. Sign the document using an external container, usually a PKCS7. The signature is fully composed externally, iText will just put the container inside the document.

NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.
the interface providing the actual signing the reserved size for the signature
Signs a document with a PAdES-LTV Timestamp. Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.

NOTE: This method closes the underlying pdf document. This means, that current instance of PdfSigner cannot be used after this method call.
the timestamp generator the signature name or null to have a name generated automatically
Signs a PDF where space was already reserved. the original PDF the field to sign. It must be the last field the output PDF the signature container doing the actual signing. Only the method ExternalSignatureContainer.sign is used Processes a CRL list. a Certificate if one of the CrlList implementations needs to retrieve the CRL URL from it. a list of CrlClient implementations a collection of CRL bytes that can be embedded in a PDF Checks if the document is in the process of closing. true if the document is in the process of closing, false otherwise This is the first method to be called when using external signatures. This is the first method to be called when using external signatures. The general sequence is: preClose(), getDocumentBytes() and close(). exclusionSizes must contain at least the PdfName.CONTENTS key with the size that it will take in the document. Note that due to the hex string coding this size should be byte_size*2+2. Map with names and sizes to be excluded in the signature calculation. The key is a PdfName and the value an Integer. At least the /Contents must be present Gets the document bytes that are hashable when using external signatures. Gets the document bytes that are hashable when using external signatures. The general sequence is: , and . The of bytes to be signed. This is the last method to be called when using external signatures. This is the last method to be called when using external signatures. The general sequence is: preClose(), getDocumentBytes() and close(). update is a PdfDictionary that must have exactly the same keys as the ones provided in . a PdfDictionary with the key/value that will fill the holes defined in Returns the underlying source. The underlying source Adds keys to the signature dictionary that define the certification level and the permissions. Adds keys to the signature dictionary that define the certification level and the permissions. This method is only used for Certifying signatures. the signature dictionary Adds keys to the signature dictionary that define the field permissions. Adds keys to the signature dictionary that define the field permissions. This method is only used for signatures that lock fields. the signature dictionary Get the rectangle associated to the provided widget. PdfWidgetAnnotation to extract the rectangle from Rectangle Get the page number associated to the provided widget. PdfWidgetAnnotation from which to extract the page number page number An interface to retrieve the signature dictionary for modification. Allows modification of the signature dictionary. The signature dictionary Implementation of the interface that can be used when you have a object. Paulo Soares The private key object. The hash algorithm. The encryption algorithm (obtained from the private key) Creates a instance. A object. A hash algorithm (e.g. "SHA-1", "SHA-256",...). A security provider (e.g. "BC"). Verifies a certificate against a KeyStore containing trusted anchors. A key store against which certificates can be verified. Creates a RootStoreVerifier in a chain of verifiers. the next verifier in the chain Sets the Key Store against which a certificate can be checked. a root store Verifies a single certificate against a key store (if present). the certificate to verify the issuer certificate the date the certificate needs to be valid a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified. A list of IDs that are used by the security classes A helper class that tells you more about the type of signature (certification or approval) and the signature's DMP settings. Class that contains a field lock action and an array of the fields that are involved. Can be /All, /Exclude or /Include An array of PdfString values with fieldnames Creates a FieldLock instance Getter for the field lock action. Getter for the fields involved in the lock action. toString method Is the signature a cerification signature (true) or an approval signature (false)? Is form filling allowed by this signature? Is adding annotations allowed by this signature? Does this signature lock specific fields? Creates an object that can inform you about the type of signature in a signature dictionary as well as some of the permissions defined by the signature. Getter to find out if the signature is a certification signature. true if the signature is a certification signature, false for an approval signature. Getter to find out if filling out fields is allowed after signing. true if filling out fields is allowed Getter to find out if adding annotations is allowed after signing. true if adding annotations is allowed Getter for the field lock actions, and fields that are impacted by the action an Array with field names Class that encapsulates the signature policy information Sample: SignaturePolicyInfo spi = new SignaturePolicyInfo("2.16.724.1.3.1.1.2.1.9", "G7roucf600+f03r/o0bAOQ6WAs0=", "SHA-1", "https://sede.060.gob.es/politica_de_firma_anexo_1.pdf"); Constructs a new instance the id of the signature policy the hash of the signature policy the digestion algorithm of the signature policy the uri of the full policy description Constructs a new instance the id of the signature policy the Base64 presentation of the hash of the signature policy the digestion algorithm of the signature policy the uri of the full policy description Utility class that provides several convenience methods concerning digital signatures. Converts a to an array of longs PdfArray to be converted long[] containing the PdfArray values Creates a SignatureUtil instance. Creates a SignatureUtil instance. Sets the acroForm field to the acroForm in the PdfDocument. iText will create a new AcroForm if the PdfDocument doesn't contain one. PdfDocument to be inspected Prepares an instance for the given signature. Prepares an instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed. The returned can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field. In order to check that given signature covers the current PdfDocument revision please use method. the signature field name a instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field. Prepares an instance for the given signature. Prepares an instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed. The returned can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field. Prepared instance calculates digest based on signature's /ByteRange entry. In order to check that /ByteRange is properly defined and given signature indeed covers the current PDF document revision please use method. the signature field name a instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field. Gets the signature dictionary, the one keyed by /V. the field name the signature dictionary keyed by /V or null if the field is not a signature Gets the field names that have signatures and are signed. List containing the field names that have signatures and are signed Gets the field names that have blank signatures. List containing the field names that have blank signatures Extracts a revision from the document. the signature field name an InputStream covering the revision. Returns null if it's not a signature field Checks if the signature covers the entire document (except for signature's Contents) or just a part of it. Checks if the signature covers the entire document (except for signature's Contents) or just a part of it. If this method does not return it means that signature in question does not cover the entire contents of current . Such signatures cannot be considered as verifying the PDF document, because content that is not covered by signature might have been modified since the signature creation. the signature field name true if the signature covers the entire document, false if it doesn't Checks whether a name exists as a signature field or not. Checks whether a name exists as a signature field or not. It checks both signed fields and blank signatures. name of the field boolean does the signature field exist Parses a CRL from an input Stream. The input Stream holding the unparsed CRL. The parsed CRL object. This behavior is different in Java and .NET, because in Java we use this two-step check: first via #hasUnsupportedCriticalExtension method, and then additionally allowing standard critical extensions; in .NET there's only second step. However, removing first step in Java can be a breaking change for some users and moreover we don't have any means of providing customization for unsupported extensions check as of right now. During major release I'd suggest changing java unsupported extensions check logic to the same as in .NET, but only if it is possible to customize this logic. Time Stamp Authority Client interface implementation using Bouncy Castle org.bouncycastle.tsp package. Time Stamp Authority Client interface implementation using Bouncy Castle org.bouncycastle.tsp package. Created by Aiken Sam, 2006-11-15, refactored by Martin Brunecky, 07/15/2007 for ease of subclassing. The default value for the hash algorithm The default value for the hash algorithm The Logger instance. URL of the Time Stamp Authority TSA Username TSA password An interface that allows you to inspect the timestamp info. Estimate of the received time stamp token Hash algorithm TSA request policy Creates an instance of a TSAClient that will use BouncyCastle. String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA") Creates an instance of a TSAClient that will use BouncyCastle. String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA") String - user(account) name String - password Constructor. Constructor. Note the token size estimate is updated by each call, as the token size is not likely to change (as long as we call the same TSA using the same imprint length). String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA") String - user(account) name String - password int - estimated size of received time stamp token (DER encoded) the tsaInfo to set Get the token size estimate. Get the token size estimate. Returned value reflects the result of the last succesfull call, padded an estimate of the token size Gets the TSA request policy that will be used when retrieving timestamp token. policy id, or null if not set Sets the TSA request policy that will be used when retrieving timestamp token. policy id Gets the MessageDigest to digest the data imprint the digest algorithm name Get RFC 3161 timeStampToken. Get RFC 3161 timeStampToken. Method may return null indicating that timestamp should be skipped. data imprint to be time-stamped encoded, TSA signed data of the timeStampToken Get timestamp token - communications layer - byte[] - TSA response, raw bytes (RFC 3161 encoded) An exception that is thrown when something is wrong with a certificate. Creates a VerificationException Class that informs you that the verification of a Certificate succeeded using a specific CertificateVerifier and for a specific reason. The certificate that was verified successfully. The CertificateVerifier that was used for verifying. The reason why the certificate verified successfully. Creates a VerificationOK object the certificate that was successfully verified the class that was used for verification the reason why the certificate could be verified Return a single String explaining which certificate was verified, how and why.