Package com.itextpdf.signatures
Class PKCS7ExternalSignatureContainer
java.lang.Object
com.itextpdf.signatures.PKCS7ExternalSignatureContainer
- All Implemented Interfaces:
-
IExternalSignatureContainer
Implementation class for
IExternalSignatureContainer
. This external signature container is implemented based on PCS7 standard and PdfPKCS7
class.
-
Constructor Summary
ConstructorDescriptionPKCS7ExternalSignatureContainer
(PrivateKey privateKey, Certificate[] chain, String hashAlgorithm) Creates an instance of PKCS7ExternalSignatureContainer -
Method Summary
Modifier and TypeMethodDescriptionvoid
modifySigningDictionary
(PdfDictionary signDic) Modifies the signature dictionary to suit the container.void
setCrlClient
(ICrlClient crlClient) Set the CrlClient if you want revocation data collected trough Crl to be added to the signaturevoid
setOcspClient
(IOcspClient ocspClient) Set the OcspClient if you want revocation data collected trough Ocsp to be added to the signaturevoid
setSignaturePolicy
(SignaturePolicyInfo signaturePolicy) Set the signature policy if you want it to be added to the signaturevoid
setSignatureType
(PdfSigner.CryptoStandard sigType) Set a custom signature type, default valuePdfSigner.CryptoStandard.CMS
void
setTsaClient
(ITSAClient tsaClient) Set the TsaClient if you want a TSA timestamp added to the signaturebyte[]
sign
(InputStream data) Produces the container with the signature.
-
Constructor Details
-
PKCS7ExternalSignatureContainer
public PKCS7ExternalSignatureContainer(PrivateKey privateKey, Certificate[] chain, String hashAlgorithm) Creates an instance of PKCS7ExternalSignatureContainer- Parameters:
-
privateKey
- The private key to sign with -
chain
- The certificate chain -
hashAlgorithm
- The hash algorithm to use
-
-
Method Details
-
sign
Produces the container with the signature.- Specified by:
-
sign
in interfaceIExternalSignatureContainer
- Parameters:
-
data
- the data to sign - Returns:
- a container with the signature and other objects, like CRL and OCSP. The container will generally be a PKCS7 one.
- Throws:
-
GeneralSecurityException
- the general security exception
-
modifySigningDictionary
Modifies the signature dictionary to suit the container. At least the keysPdfName.Filter
andPdfName.SubFilter
will have to be set.- Specified by:
-
modifySigningDictionary
in interfaceIExternalSignatureContainer
- Parameters:
-
signDic
- the signature dictionary
-
setOcspClient
Set the OcspClient if you want revocation data collected trough Ocsp to be added to the signature- Parameters:
-
ocspClient
- the client to be used
-
setCrlClient
Set the CrlClient if you want revocation data collected trough Crl to be added to the signature- Parameters:
-
crlClient
- the client to be used
-
setTsaClient
Set the TsaClient if you want a TSA timestamp added to the signature- Parameters:
-
tsaClient
- the client to use
-
setSignaturePolicy
Set the signature policy if you want it to be added to the signature- Parameters:
-
signaturePolicy
- the signature to be set.
-
setSignatureType
Set a custom signature type, default valuePdfSigner.CryptoStandard.CMS
- Parameters:
-
sigType
- the type of signature to be created
-