Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-3552

Allow external signing in two steps



    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.3
    • Fix Version/s: 2.0.4, 3.0.0 PDFBox
    • Component/s: Signing
    • Labels:


      As requested by user Fabricio Pombo Koch in the mailing list:

      I'm trying to sign a PDF with an external service. This service receives the PDF's content (hash) and returns the signature (hash).
      I followed the "CreateSignature" and "CreateVisibleSignature" examples and I was able to make it works.
      But, I need to sign the PDF in 2 steps:
      1- Get PDF's content, calculate the hash and send the hash to the service that is responsible to sign the hash.
      2- Get the signature hash returned from the service and insert it into my PDF.

      Note that in the 2nd step I'm not in the same context from 1st step, so, I can't access the PDF that was loaded in step 1. I would need to load it again.

      As discussed in the mailing list, the strategy will be:
      1) call saveIncrementalForExternalSigning and get the signing content
      2) set a dummy singature, e.g. externalSigning.setSignature(new byte[0]);
      3) before closing, get the ByteRange from the signature object
      4) after getting the real signature, sign with the help of the byte range. The file must be reopened, but PDFBox isn't needed, one just writes the ascii hex signature at the proper place.




            • Assignee:
              tilman Tilman Hausherr
              tilman Tilman Hausherr
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: