You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2017/07/17 15:51:07 UTC
svn commit: r1802162 -
/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
Author: tilman
Date: Mon Jul 17 15:51:07 2017
New Revision: 1802162
URL: http://svn.apache.org/viewvc?rev=1802162&view=rev
Log:
PDFBOX-3017: include certificate chain, as suggested by Aleksei Balan
Modified:
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java?rev=1802162&r1=1802161&r2=1802162&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java Mon Jul 17 15:51:07 2017
@@ -28,6 +28,7 @@ import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import org.apache.pdfbox.cos.COSArray;
@@ -65,6 +66,7 @@ public abstract class CreateSignatureBas
{
private PrivateKey privateKey;
private Certificate certificate;
+ private Certificate[] certificateChain;
private TSAClient tsaClient;
private boolean externalSigning;
@@ -98,7 +100,8 @@ public abstract class CreateSignatureBas
{
continue;
}
- cert = certChain[0];
+ setCertificateChain(certChain);
+ cert = keystore.getCertificate(alias);
setCertificate(cert);
if (cert instanceof X509Certificate)
{
@@ -124,6 +127,11 @@ public abstract class CreateSignatureBas
this.certificate = certificate;
}
+ public final void setCertificateChain(final Certificate[] certificateChain)
+ {
+ this.certificateChain = certificateChain;
+ }
+
public void setTsaClient(TSAClient tsaClient)
{
this.tsaClient = tsaClient;
@@ -137,7 +145,7 @@ public abstract class CreateSignatureBas
/**
* We just extend CMS signed Data
*
- * @param signedData ´Generated CMS signed data
+ * @param signedData Generated CMS signed data
* @return CMSSignedData Extended CMS signed data
* @throws IOException
* @throws org.bouncycastle.tsp.TSPException
@@ -212,6 +220,7 @@ public abstract class CreateSignatureBas
try
{
List<Certificate> certList = new ArrayList<>();
+ certList.addAll(Arrays.asList(certificateChain));
certList.add(certificate);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();