Package com.itextpdf.signatures

Class PKCS7ExternalSignatureContainer

java.lang.Object
com.itextpdf.signatures.PKCS7ExternalSignatureContainer
All Implemented Interfaces:
IExternalSignatureContainer
public class PKCS7ExternalSignatureContainer extends Object implements IExternalSignatureContainer
Implementation class for IExternalSignatureContainer. This external signature container is implemented based on PCS7 standard and PdfPKCS7 class.

  • Constructor Details

    • PKCS7ExternalSignatureContainer

      public PKCS7ExternalSignatureContainer (PrivateKey privateKey, Certificate[] chain, String hashAlgorithm)
      Creates an instance of PKCS7ExternalSignatureContainer
      Parameters:
      privateKey - The private key to sign with
      chain - The certificate chain
      hashAlgorithm - The hash algorithm to use

  • Method Details

    • sign

      public byte[] sign (InputStream data) throws GeneralSecurityException
      Produces the container with the signature.
      Specified by:
      sign in interface IExternalSignatureContainer
      Parameters:
      data - the data to sign
      Returns:
      a container with the signature and other objects, like CRL and OCSP. The container will generally be a PKCS7 one.
      Throws:
      GeneralSecurityException - the general security exception

    • modifySigningDictionary

      public void modifySigningDictionary (PdfDictionary signDic)
      Modifies the signature dictionary to suit the container. At least the keys PdfName.Filter and PdfName.SubFilter will have to be set.
      Specified by:
      modifySigningDictionary in interface IExternalSignatureContainer
      Parameters:
      signDic - the signature dictionary

    • setOcspClient

      public void setOcspClient (IOcspClient ocspClient)
      Set the OcspClient if you want revocation data collected trough Ocsp to be added to the signature
      Parameters:
      ocspClient - the client to be used

    • setCrlClient

      public void setCrlClient (ICrlClient crlClient)
      Set the CrlClient if you want revocation data collected trough Crl to be added to the signature
      Parameters:
      crlClient - the client to be used

    • setTsaClient

      public void setTsaClient (ITSAClient tsaClient)
      Set the TsaClient if you want a TSA timestamp added to the signature
      Parameters:
      tsaClient - the client to use

    • setSignaturePolicy

      public void setSignaturePolicy (SignaturePolicyInfo signaturePolicy)
      Set the signature policy if you want it to be added to the signature
      Parameters:
      signaturePolicy - the signature to be set.

    • setSignatureType

      public void setSignatureType (PdfSigner.CryptoStandard sigType)
      Set a custom signature type, default value PdfSigner.CryptoStandard.CMS
      Parameters:
      sigType - the type of signature to be created