[
https://issues.apache.org/jira/browse/PDFBOX-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12974926#action_12974926
]
Thomas Chojecki commented on PDFBOX-912:
----------------------------------------
first of all, merry xmas and a happy new year.
sry for the late answer. i'm relocated this month and still waiting for my
internet.
@ Adam Nichols added a comment - 17/Dec/10 05:26 AM
to pass the int[] isn't a good idea.
1. the signature interface should be abstract as possible. so it should help
the user to implement a crypto library as easy as possible.
2. the byterange can only be calculated inside the pdfbox, why inform the sign
library about the byterange and make it harder to implement a
filterinputstream. for each implementation.
Adam Nichols added a comment - 23/Dec/10 11:14 AM
setConents(new byte[...]) is set to the large size because we used the
implementation for some signature cards that used a large certificate chain.
the amount of bytes can be set lower or a better way is to calculate the
certificate chain size before writing it down into the signature.
a other way is to give the pdfbox a size for the signature via the class
signatureoptions. so the user can set his own size.
Sry for the german comments inside the code. there is so much code i can't
handle it self without comments and the easiest and fastest way are german
comments for me :) But i will do some english comments for new code.
ps: your german seams to be good ;)
Optimization:
1. The method saveIncremental(...) should accept the same param as the save()
method. The cause why i used a input and output stream for params is, because i
need to read the whole file again for writing the signature on the right place.
There is no way to mix a input/outputstream so maybe a random access file is a
better solution.
2. can the signature implemention be an own jar file? not every person need
this implementation for the pdfbox. the incremental update i thing will not
working in the regular code at all.
3. the signature implementation doesn't work with encrypted or with linearized
documents. for linearized documents there need to be a xrefstream writer as
well. encrypted documents need to be decrypted before signing it.
hope you can understand my english :) got my secound xmas drink (glühwein /
eierpunsch) now and can hardly write.
> PDF signing interface and improvments
> -------------------------------------
>
> Key: PDFBOX-912
> URL: https://issues.apache.org/jira/browse/PDFBOX-912
> Project: PDFBox
> Issue Type: Improvement
> Components: PDFReader, PDModel, PDModel.AcroForm, Writing
> Affects Versions: 1.4.0
> Reporter: Thomas Chojecki
> Assignee: Adam Nichols
> Priority: Minor
> Attachments: cos_object_improvement_patch.txt,
> fields_annotations_patch.txt, interface_options_patch.txt, io_patch.txt,
> main_documents_patch.txt, parser_patch.txt, signature_exception_patch.txt,
> test.pdf, test_signed.pdf, writer_patch.txt
>
>
> This is a first version of a signing interface for pdfbox. There are some
> design issues i could not handle without rewriting too much of the code.
> Here we go:
> - incremental update support (tested for signatures with pdf/a
> compatibility), not compatible with encrypted documents nor with xref-streams
> - cos object improvment
> -- COSString with ability to force writing hexbin for given string
> -- COSBase with ability to write direct into a dictionary (that means if
> this is set, no indirect object will be wrote) (sry hard to explain what i
> mean, actualy needed for incremental update to lower the rate of indirect
> objects)
> -- COSBase with ability to force writing object (this hook help the
> COSWriter write needed objects for inkremental update)
> -- COSName added new names
> -- COSDocument some getter and setter for handling new signature and
> incremental features
> - SignatureException with some exceptions for handling the bunch of new
> possible errors
> -Parser improvments
> -- PDFParser saves now the position of the last startxref
> -- VisualSignatureParser (hook for parsing visual signature templates)
> (it's only for prepared visualisation that should be merged with the document)
> -IO improvments
> -- COSFilterInput helps to find the proper content that should be hashed /
> signed
> -- COSStandardOutputStream is tricky, it helps the writer to jump to the
> right place in the document
> -- COSWriter got some improvments for incremental update
> -- COSWriterXRefEntry needed for incremental updates and writing the new
> Xref table
> - PDDocument
> -- got a new method addSignature with the needed implementation (do the
> whole signature stuff)
> -- cleanup
> - Fields and Annotations
> -- PDSignature represent the signature dictionary
> -- PDSignatureFild / Annotation are the visible & unvisible signature
> representations
> - Signature Interface and options
> -- SignatureInterface the interface that shall be implemented for proper
> signing
> -- SignatureOptions, some additional options for signing
> Patch splited into pieces
> sry for spelling, didn't include a spellchecker for english.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
