You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2016/07/11 17:38:59 UTC
svn commit: r1752186 - in
/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature:
CreateSignature.java CreateSignatureBase.java CreateVisibleSignature.java
Author: tilman
Date: Mon Jul 11 17:38:59 2016
New Revision: 1752186
URL: http://svn.apache.org/viewvc?rev=1752186&view=rev
Log:
PDFBOX-3416: avoid NullPointerException as suggested by Vittal Aithal; refactor double code
Modified:
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java?rev=1752186&r1=1752185&r2=1752186&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java Mon Jul 11 17:38:59 2016
@@ -56,36 +56,17 @@ public class CreateSignature extends Cre
/**
* Initialize the signature creator with a keystore and certficate password.
* @param keystore the pkcs12 keystore containing the signing certificate
- * @param password the password for recovering the key
+ * @param pin the password for recovering the key
* @throws KeyStoreException if the keystore has not been initialized (loaded)
* @throws NoSuchAlgorithmException if the algorithm for recovering the key cannot be found
* @throws UnrecoverableKeyException if the given password is wrong
* @throws CertificateException if the certificate is not valid as signing time
+ * @throws IOException if no certificate could be found
*/
- public CreateSignature(KeyStore keystore, char[] password)
- throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException
+ public CreateSignature(KeyStore keystore, char[] pin)
+ throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, IOException
{
- // grabs the first alias from the keystore and get the private key. An
- // TODO alternative method or constructor could be used for setting a specific
- // alias that should be used.
- Enumeration<String> aliases = keystore.aliases();
- String alias;
- if (aliases.hasMoreElements())
- {
- alias = aliases.nextElement();
- }
- else
- {
- throw new KeyStoreException("Keystore is empty");
- }
- setPrivateKey((PrivateKey) keystore.getKey(alias, password));
- Certificate cert = keystore.getCertificateChain(alias)[0];
- setCertificate(cert);
- if (cert instanceof X509Certificate)
- {
- // avoid expired certificate
- ((X509Certificate) cert).checkValidity();
- }
+ super(keystore, pin);
}
/**
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java?rev=1752186&r1=1752185&r2=1752186&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java Mon Jul 11 17:38:59 2016
@@ -19,9 +19,16 @@ package org.apache.pdfbox.examples.signa
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Enumeration;
import java.util.List;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface;
import org.bouncycastle.asn1.ASN1Encodable;
@@ -54,12 +61,58 @@ public abstract class CreateSignatureBas
private Certificate certificate;
private TSAClient tsaClient;
- public void setPrivateKey(PrivateKey privateKey)
+ /**
+ * Initialize the signature creator with a keystore (pkcs12) and pin that should be used for the
+ * signature.
+ *
+ * @param keystore is a pkcs12 keystore.
+ * @param pin is the pin for the keystore / private key
+ * @throws KeyStoreException if the keystore has not been initialized (loaded)
+ * @throws NoSuchAlgorithmException if the algorithm for recovering the key cannot be found
+ * @throws UnrecoverableKeyException if the given password is wrong
+ * @throws CertificateException if the certificate is not valid as signing time
+ * @throws IOException if no certificate could be found
+ */
+ public CreateSignatureBase(KeyStore keystore, char[] pin)
+ throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, CertificateException
+ {
+ // grabs the first alias from the keystore and get the private key. An
+ // alternative method or constructor could be used for setting a specific
+ // alias that should be used.
+ Enumeration<String> aliases = keystore.aliases();
+ String alias;
+ Certificate cert = null;
+ while (aliases.hasMoreElements())
+ {
+ alias = aliases.nextElement();
+ setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
+ Certificate[] certChain = keystore.getCertificateChain(alias);
+ if (certChain == null)
+ {
+ continue;
+ }
+ cert = certChain[0];
+ setCertificate(cert);
+ if (cert instanceof X509Certificate)
+ {
+ // avoid expired certificate
+ ((X509Certificate) cert).checkValidity();
+ }
+ break;
+ }
+
+ if (cert == null)
+ {
+ throw new IOException("Could not find certificate");
+ }
+ }
+
+ public final void setPrivateKey(PrivateKey privateKey)
{
this.privateKey = privateKey;
}
- public void setCertificate(Certificate certificate)
+ public final void setCertificate(Certificate certificate)
{
this.certificate = certificate;
}
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java?rev=1752186&r1=1752185&r2=1752186&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java Mon Jul 11 17:38:59 2016
@@ -81,31 +81,12 @@ public class CreateVisibleSignature exte
* @throws NoSuchAlgorithmException if the algorithm for recovering the key cannot be found
* @throws UnrecoverableKeyException if the given password is wrong
* @throws CertificateException if the certificate is not valid as signing time
+ * @throws IOException if no certificate could be found
*/
public CreateVisibleSignature(KeyStore keystore, char[] pin)
throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, CertificateException
{
- // grabs the first alias from the keystore and get the private key. An
- // alternative method or constructor could be used for setting a specific
- // alias that should be used.
- Enumeration<String> aliases = keystore.aliases();
- String alias = null;
- if (aliases.hasMoreElements())
- {
- alias = aliases.nextElement();
- }
- else
- {
- throw new IOException("Could not find alias");
- }
- setPrivateKey((PrivateKey) keystore.getKey(alias, pin));
- Certificate cert = keystore.getCertificateChain(alias)[0];
- setCertificate(cert);
- if (cert instanceof X509Certificate)
- {
- // avoid expired certificate
- ((X509Certificate) cert).checkValidity();
- }
+ super(keystore, pin);
}
/**