You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Vittal Aithal (JIRA)" <ji...@apache.org> on 2016/07/11 17:09:10 UTC

[jira] [Created] (PDFBOX-3416) CreateVisibleSignature example does not use the correct alias

Vittal Aithal created PDFBOX-3416:
-------------------------------------

             Summary: CreateVisibleSignature example does not use the correct alias
                 Key: PDFBOX-3416
                 URL: https://issues.apache.org/jira/browse/PDFBOX-3416
             Project: PDFBox
          Issue Type: Improvement
          Components: Signing
    Affects Versions: 2.1.0
         Environment: OS X 10.11.5

java version "1.8.0_92"
Java(TM) SE Runtime Environment (build 1.8.0_92-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.92-b14, mixed mode)

            Reporter: Vittal Aithal


When attempting to use the create visible signature example with a valid pfx from Ascertia, the following is thrown:

{quote}
Exception in thread "main" java.lang.NullPointerException
	at org.apache.pdfbox.examples.signature.CreateVisibleSignature.<init>(CreateVisibleSignature.java:102)
	at org.apache.pdfbox.examples.signature.CreateVisibleSignature.main(CreateVisibleSignature.java:228)
{quote}

It appears the first alias in the key file can not be found. However, iterating through the aliases to find a certificate that can be used does work.

The following patch will iterate through the aliases until a workable alias is found.

{code}
--- CreateVisibleSignature.java	2016-07-11 17:54:42.000000000 +0100
+++ CreateVisibleSignature.java.new	2016-07-11 17:54:21.000000000 +0100
@@ -90,21 +90,26 @@
         // alias that should be used.
         Enumeration<String> aliases = keystore.aliases();
         String alias = null;
-        if (aliases.hasMoreElements())
-        {
+        Certificate cert = null;
+        while (aliases.hasMoreElements()) {
             alias = aliases.nextElement();
+            setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
+            Certificate[] certChain = keystore.getCertificateChain(alias);
+            if (certChain == null) {
+                continue;
+            }
+            cert = certChain[0];
+            setCertificate(cert);
+            if (cert instanceof X509Certificate)
+            {
+                // avoid expired certificate
+                ((X509Certificate) cert).checkValidity();
+            }
+            break;
         }
-        else
-        {
-            throw new IOException("Could not find alias");
-        }
-        setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
-        Certificate cert = keystore.getCertificateChain(alias)[0];
-        setCertificate(cert);
-        if (cert instanceof X509Certificate)
-        {
-            // avoid expired certificate
-            ((X509Certificate) cert).checkValidity();
+
+        if (cert == null) {
+            throw new IOException("Could not find certificate");
         }
     }
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org