Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-3552

Allow external signing in two steps

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.3
    • Fix Version/s: 2.0.4, 3.0.0 PDFBox
    • Component/s: Signing
    • Labels:
      None

      Description

      As requested by user Fabricio Pombo Koch in the mailing list:

      I'm trying to sign a PDF with an external service. This service receives the PDF's content (hash) and returns the signature (hash).
      I followed the "CreateSignature" and "CreateVisibleSignature" examples and I was able to make it works.
      But, I need to sign the PDF in 2 steps:
      1- Get PDF's content, calculate the hash and send the hash to the service that is responsible to sign the hash.
      2- Get the signature hash returned from the service and insert it into my PDF.

      Note that in the 2nd step I'm not in the same context from 1st step, so, I can't access the PDF that was loaded in step 1. I would need to load it again.

      As discussed in the mailing list, the strategy will be:
      1) call saveIncrementalForExternalSigning and get the signing content
      2) set a dummy singature, e.g. externalSigning.setSignature(new byte[0]);
      3) before closing, get the ByteRange from the signature object
      4) after getting the real signature, sign with the help of the byte range. The file must be reopened, but PDFBox isn't needed, one just writes the ascii hex signature at the proper place.

        Attachments

          Activity

            People

            • Assignee:
              tilman Tilman Hausherr
              Reporter:
              tilman Tilman Hausherr
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: