You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Tilman Hausherr (JIRA)" <ji...@apache.org> on 2018/12/09 08:16:00 UTC
[jira] [Closed] (PDFBOX-3390) Code sample for create a PDF
PADES-LTV
[ https://issues.apache.org/jira/browse/PDFBOX-3390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tilman Hausherr closed PDFBOX-3390.
-----------------------------------
Resolution: Implemented
Implemented (mostly) in PDFBOX-3984. Further work is being done in PDFBOX-3017. See also the comment by mkl on 21.11.2018.
> Code sample for create a PDF PADES-LTV
> --------------------------------------
>
> Key: PDFBOX-3390
> URL: https://issues.apache.org/jira/browse/PDFBOX-3390
> Project: PDFBox
> Issue Type: New Feature
> Components: Signing
> Affects Versions: 2.0.2
> Reporter: Leuqarut
> Priority: Minor
> Labels: build, test
>
> 0
> down vote
> favorite
> I'm using PDFBox 2.0 I would like to create a PDF with PADES-LTV format but not me steps to do so. My question is on the part of the LTV parameters and when applied.
> Need to know at what point are added and how
> I put part of my code if you can guide me.But I am using the example of signing it PDFBox
> https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/
> I have this information but not how to apply it PDFBox
> According to ETSI TS 102 778-4 V1.1.2 (2009-12) the structure of a PDF document to which LTV is applied is illustrated in figure 2.
> Figure 2: Illustration of PDF Document with LTV
> The life-time of the protection can be further extended beyond the life-of the last document Time-stamp applied by adding further DSS information to validate the previous last document Time-stamp along with a new document Time-stamp. This is illustrated in figure 3.
> Figure 3: Illustration of PDF Document with repeated LTV
> On the other hand, according to Adobe (as written by their PDF evangelist Leonard Rosenthol on the iText mailing list in January 2013),
> LTV enabled means that all information necessary to validate the file (minus root certs) is contained within. So this statement of yours would be true.
> the PDF is signed correctly and contains all necessary certificates, a valid CRL or OSCP response for every certificate But since the only way for that statement to be true is for the presence of DSS, you must have DSS for LTV-enabled to appear. No timestamp (regular or document level) is required. Due to this divergence PDF documents with LTV according to ETSI usually are presented by Adobe software to have one not LTV-enabled document time stamp.
> reference (for itext) :http://stackoverflow.com/questions/27892960/how-to-enable-ltv-for-a-timestamp-signature
> Thanks in advance
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org