Package com.itextpdf.signatures

Class SignatureUtil

java.lang.Object
com.itextpdf.signatures.SignatureUtil
public class SignatureUtil extends Object
Utility class that provides several convenience methods concerning digital signatures.

  • Constructor Details

    • SignatureUtil

      public SignatureUtil (PdfDocument document)
      Creates a SignatureUtil instance. Sets the acroForm field to the acroForm in the PdfDocument. iText will create a new AcroForm if the PdfDocument doesn't contain one.
      Parameters:
      document - PdfDocument to be inspected

  • Method Details

    • readSignatureData

      public PdfPKCS7 readSignatureData (String signatureFieldName)
      Prepares an PdfPKCS7 instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed.

      The returned PdfPKCS7 can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

      In order to validate the signature it is required to check if it covers the entire file, otherwise one cannot be sure that signature in question indeed signs the data that constitutes current PdfDocument with all its contents. In order to check that given signature covers the current PdfDocument please use signatureCoversWholeDocument(String) method.

      Parameters:
      signatureFieldName - the signature field name
      Returns:
      a PdfPKCS7 instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

    • readSignatureData

      public PdfPKCS7 readSignatureData (String signatureFieldName, String securityProvider)
      Prepares an PdfPKCS7 instance for the given signature. This method handles signature parsing and might throw an exception if signature is malformed.

      The returned PdfPKCS7 can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

      Prepared PdfPKCS7 instance calculates digest based on signature's /ByteRange entry. In order to check that /ByteRange is properly defined and given signature indeed covers the current PDF document revision please use signatureCoversWholeDocument(String) method.

      Parameters:
      signatureFieldName - the signature field name
      securityProvider - the security provider or null for the default provider
      Returns:
      a PdfPKCS7 instance which can be used to fetch additional info about the signature and also to perform integrity check of data signed by the given signature field.

    • getSignature

      public PdfSignature getSignature (String name)

    • getSignatureDictionary

      public PdfDictionary getSignatureDictionary (String name)
      Gets the signature dictionary, the one keyed by /V.
      Parameters:
      name - the field name
      Returns:
      the signature dictionary keyed by /V or null if the field is not a signature

    • getSignatureNames

      public List<String> getSignatureNames()
      Gets the field names that have signatures and are signed.
      Returns:
      List containing the field names that have signatures and are signed

    • getBlankSignatureNames

      public List<String> getBlankSignatureNames()
      Gets the field names that have blank signatures.
      Returns:
      List containing the field names that have blank signatures

    • getTotalRevisions

      public int getTotalRevisions()

    • getRevision

      public int getRevision (String field)

    • getTranslatedFieldName

      public String getTranslatedFieldName (String name)

    • extractRevision

      public InputStream extractRevision (String field)
      Extracts a revision from the document.
      Parameters:
      field - the signature field name
      Returns:
      an InputStream covering the revision. Returns null if it's not a signature field

    • signatureCoversWholeDocument

      public boolean signatureCoversWholeDocument (String name)
      Checks if the signature covers the entire document (except for signature's Contents) or just a part of it.

      If this method does not return true it means that signature in question does not cover the entire contents of current PdfDocument. Such signatures cannot be considered as verifying the PDF document, because content that is not covered by signature might have been modified since the signature creation.

      Parameters:
      name - the signature field name
      Returns:
      true if the signature covers the entire document, false if it doesn't

    • doesSignatureFieldExist

      public boolean doesSignatureFieldExist (String name)
      Checks whether a name exists as a signature field or not. It checks both signed fields and blank signatures.
      Parameters:
      name - name of the field
      Returns:
      boolean does the signature field exist