You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pdfbox.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2016/11/02 17:55:58 UTC

[jira] [Commented] (PDFBOX-3552) Allow external signing in two steps

    [ https://issues.apache.org/jira/browse/PDFBOX-3552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15629829#comment-15629829 ] 

ASF subversion and git services commented on PDFBOX-3552:
---------------------------------------------------------

Commit 1767747 from [~tilman] in branch 'pdfbox/branches/2.0'
[ https://svn.apache.org/r1767747 ]

PDFBOX-3552: update ByteRange COSArray so that users can access the actual values before closing

> Allow external signing in two steps
> -----------------------------------
>
>                 Key: PDFBOX-3552
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-3552
>             Project: PDFBox
>          Issue Type: Improvement
>          Components: Signing
>    Affects Versions: 2.0.3
>            Reporter: Tilman Hausherr
>            Assignee: Tilman Hausherr
>             Fix For: 2.0.4, 2.1.0
>
>
> As requested by user Fabricio Pombo Koch in the mailing list:
> {quote}
> I'm trying to sign a PDF with an external service. This service receives the PDF's content (hash) and returns the signature (hash).
> I followed the "CreateSignature" and "CreateVisibleSignature" examples and I was able to make it works.
> But, I need to sign the PDF in 2 steps:
> 1- Get PDF's content, calculate the hash and send the hash to the service that is responsible to sign the hash.
> 2- Get the signature hash returned from the service and insert it into my PDF. 
> Note that in the 2nd step I'm not in the same context from 1st step, so, I can't access the PDF that was loaded in step 1. I would need to load it again.
> {quote}
> As discussed in the mailing list, the strategy will be:
> 1) call {{saveIncrementalForExternalSigning}} and get the signing content
> 2) set a dummy singature, e.g. {{externalSigning.setSignature(new byte\[0]);}}
> 3) before closing, get the ByteRange from the signature object
> 4) after getting the real signature, sign with the help of the byte range. The file must be reopened, but PDFBox isn't needed, one just writes the ascii hex signature at the proper place.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org