private byte[] signDocumentAndReturnDigest(
final PAdESSignatureParameters parameters,
final byte[] signatureBytes,
final File signedFile,
final FileOutputStream fileOutputStream,
final PDDocument pdDocument,
final PDSignature pdSignature,
final DigestAlgorithm digestAlgorithm)
throws DSSException {
SignatureOptions options = new SignatureOptions();
try {
final MessageDigest digest = DSSUtils.getMessageDigest(digestAlgorithm);
// register signature dictionary and sign interface
SignatureInterface signatureInterface =
new SignatureInterface() {
@Override
public byte[] sign(InputStream content) throws SignatureException, IOException {
byte[] b = new byte[4096];
int count;
while ((count = content.read(b)) > 0) {
digest.update(b, 0, count);
}
return signatureBytes;
}
};
options.setPreferedSignatureSize(parameters.getSignatureSize());
if (parameters.getImageParameters() != null) {
fillImageParameters(pdDocument, parameters.getImageParameters(), options);
}
pdDocument.addSignature(pdSignature, signatureInterface, options);
saveDocumentIncrementally(parameters, signedFile, fileOutputStream, pdDocument);
final byte[] digestValue = digest.digest();
if (logger.isDebugEnabled()) {
logger.debug("Digest to be signed: " + Hex.encodeHexString(digestValue));
}
fileOutputStream.close();
return digestValue;
} catch (IOException e) {
throw new DSSException(e);
} catch (SignatureException e) {
throw new DSSException(e);
} finally {
IOUtils.closeQuietly(options.getVisualSignature());
}
}
public void saveDocumentIncrementally(
PAdESSignatureParameters parameters,
File signedFile,
FileOutputStream fileOutputStream,
PDDocument pdDocument)
throws DSSException {
FileInputStream signedFileInputStream = null;
try {
signedFileInputStream = new FileInputStream(signedFile);
// the document needs to have an ID, if not a ID based on the current system time is used, and
// then the
// digest of the signed data is
// different
if (pdDocument.getDocumentId() == null) {
final byte[] documentIdBytes =
DSSUtils.digest(
DigestAlgorithm.MD5, parameters.bLevel().getSigningDate().toString().getBytes());
pdDocument.setDocumentId(DSSUtils.toLong(documentIdBytes));
pdDocument.setDocumentId(0L);
}
pdDocument.saveIncremental(signedFileInputStream, fileOutputStream);
} catch (IOException e) {
throw new DSSException(e);
} catch (COSVisitorException e) {
throw new DSSException(e);
} finally {
IOUtils.closeQuietly(signedFileInputStream);
}
}
private PDSignature createSignatureDictionary(final PAdESSignatureParameters parameters) {
final PDSignature signature = new PDSignature();
signature.setType(getType());
// signature.setName(String.format("SD-DSS Signature %s", parameters.getDeterministicId()));
Date date = parameters.bLevel().getSigningDate();
String encodedDate =
" "
+ Hex.encodeHexString(
DSSUtils.digest(DigestAlgorithm.SHA1, Long.toString(date.getTime()).getBytes()));
CertificateToken token = parameters.getSigningCertificate();
if (token == null) {
signature.setName("Unknown signer" + encodedDate);
} else {
if (parameters.getSigningCertificate().getSubjectShortName() != null) {
String shortName = parameters.getSigningCertificate().getSubjectShortName() + encodedDate;
signature.setName(shortName);
} else {
signature.setName("Unknown signer" + encodedDate);
}
}
signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); // default filter
// sub-filter for basic and PAdES Part 2 signatures
signature.setSubFilter(getSubFilter());
if (COSName.SIG.equals(getType())) {
if (StringUtils.isNotEmpty(parameters.getContactInfo())) {
signature.setContactInfo(parameters.getContactInfo());
}
if (StringUtils.isNotEmpty(parameters.getLocation())) {
signature.setLocation(parameters.getLocation());
}
if (StringUtils.isNotEmpty(parameters.getReason())) {
signature.setReason(parameters.getReason());
}
}
// the signing date, needed for valid signature
final Calendar cal = Calendar.getInstance();
final Date signingDate = parameters.bLevel().getSigningDate();
cal.setTime(signingDate);
signature.setSignDate(cal);
return signature;
}
@Before
public void init() throws Exception {
documentToSign = new FileDocument(new File("src/test/resources/sample.pdf"));
CertificateService certificateService = new CertificateService();
privateKeyEntry = certificateService.generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
signatureParameters = new PAdESSignatureParameters();
signatureParameters.bLevel().setSigningDate(new Date());
signatureParameters.setSigningCertificate(privateKeyEntry.getCertificate());
signatureParameters.setCertificateChain(privateKeyEntry.getCertificateChain());
signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
signatureParameters.setSignatureLevel(SignatureLevel.PAdES_BASELINE_B);
signatureParameters.setLocation("Luxembourg");
signatureParameters.setReason("DSS testing");
signatureParameters.setContactInfo("Jira");
CertificateVerifier certificateVerifier = new CommonCertificateVerifier();
service = new PAdESService(certificateVerifier);
}