You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/10/08 17:15:21 UTC
svn commit: r1882329 -
/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
Author: tilman
Date: Thu Oct 8 17:15:20 2020
New Revision: 1882329
URL: http://svn.apache.org/viewvc?rev=1882329&view=rev
Log:
PDFBOX-3017: certify signature must be the first one (mentioned by Dr. Bernd Wild in OctoberPDFest webinar)
Modified:
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java?rev=1882329&r1=1882328&r2=1882329&view=diff
==============================================================================
--- pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java (original)
+++ pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java Thu Oct 8 17:15:20 2020
@@ -122,16 +122,29 @@ public class SigUtils
}
/**
- * Set the access permissions granted for this document in the DocMDP transform parameters
- * dictionary. Details are described in the table "Entries in the DocMDP transform parameters
- * dictionary" in the PDF specification.
+ * Set the "modification detection and prevention" permissions granted for this document in the
+ * DocMDP transform parameters dictionary. Details are described in the table "Entries in the
+ * DocMDP transform parameters dictionary" in the PDF specification.
*
* @param doc The document.
* @param signature The signature object.
* @param accessPermissions The permission value (1, 2 or 3).
+ *
+ * @throws IOException if a signature exists.
*/
public static void setMDPPermission(PDDocument doc, PDSignature signature, int accessPermissions)
+ throws IOException
{
+ for (PDSignature sig : doc.getSignatureDictionaries())
+ {
+ if (sig.getCOSObject().containsKey(COSName.CONTENTS))
+ {
+ // "A document can contain only one signature field that contains
+ // a DocMDP transform method; it shall be the first signed field in the document."
+ throw new IOException("DocMDP transform method not allowed if a signature exists");
+ }
+ }
+
COSDictionary sigDict = signature.getCOSObject();
// DocMDP specific stuff