You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Vittal Aithal (JIRA)" <ji...@apache.org> on 2016/07/11 17:09:10 UTC
[jira] [Created] (PDFBOX-3416) CreateVisibleSignature example does
not use the correct alias
Vittal Aithal created PDFBOX-3416:
-------------------------------------
Summary: CreateVisibleSignature example does not use the correct alias
Key: PDFBOX-3416
URL: https://issues.apache.org/jira/browse/PDFBOX-3416
Project: PDFBox
Issue Type: Improvement
Components: Signing
Affects Versions: 2.1.0
Environment: OS X 10.11.5
java version "1.8.0_92"
Java(TM) SE Runtime Environment (build 1.8.0_92-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.92-b14, mixed mode)
Reporter: Vittal Aithal
When attempting to use the create visible signature example with a valid pfx from Ascertia, the following is thrown:
{quote}
Exception in thread "main" java.lang.NullPointerException
at org.apache.pdfbox.examples.signature.CreateVisibleSignature.<init>(CreateVisibleSignature.java:102)
at org.apache.pdfbox.examples.signature.CreateVisibleSignature.main(CreateVisibleSignature.java:228)
{quote}
It appears the first alias in the key file can not be found. However, iterating through the aliases to find a certificate that can be used does work.
The following patch will iterate through the aliases until a workable alias is found.
{code}
--- CreateVisibleSignature.java 2016-07-11 17:54:42.000000000 +0100
+++ CreateVisibleSignature.java.new 2016-07-11 17:54:21.000000000 +0100
@@ -90,21 +90,26 @@
// alias that should be used.
Enumeration<String> aliases = keystore.aliases();
String alias = null;
- if (aliases.hasMoreElements())
- {
+ Certificate cert = null;
+ while (aliases.hasMoreElements()) {
alias = aliases.nextElement();
+ setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
+ Certificate[] certChain = keystore.getCertificateChain(alias);
+ if (certChain == null) {
+ continue;
+ }
+ cert = certChain[0];
+ setCertificate(cert);
+ if (cert instanceof X509Certificate)
+ {
+ // avoid expired certificate
+ ((X509Certificate) cert).checkValidity();
+ }
+ break;
}
- else
- {
- throw new IOException("Could not find alias");
- }
- setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
- Certificate cert = keystore.getCertificateChain(alias)[0];
- setCertificate(cert);
- if (cert instanceof X509Certificate)
- {
- // avoid expired certificate
- ((X509Certificate) cert).checkValidity();
+
+ if (cert == null) {
+ throw new IOException("Could not find certificate");
}
}
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org