[
https://issues.apache.org/jira/browse/PDFBOX-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13938516#comment-13938516
]
John Hewson edited comment on PDFBOX-1847 at 3/17/14 10:55 PM:
---------------------------------------------------------------
[~v.koroghlishvili] Ok, I applied the changes discussed in revision 1578650. I
made some significant changes to the patch so that the singing functionality
can be moved into pdfbox proper, rather than being part of the examples.
Currently the code remains part of the examples until we're sure it works. Can
you test out the new code and see if signing is working as you expected?
I've added a command line flag to CreateSignature to allow passing a TSA server
URL:
{code}
usage: java org.apache.pdfbox.examples.signature.CreateSignature
<pkcs12_keystore> <password> <pdf_to_sign>
options:
-tsa <url> sign timestamp using the given TSA server
{code}
*Technical Notes*
Revision 1578650 includes changes to various other files,
COSStandardOutputStream assumed that the OutputStream was always a
FileOutputStream, which is obviously an unsafe assumption, in fact, output
streams do not generally have a "position" at all, so I removed all code which
broke that contract. COSWriter was treating its incremental update streams in a
strange manner, it wanted the InputStream and OutputStream to be backed by the
same underlying data, which is not generally possible, so I had to write new
code to perform incremental writing in order not to break the Input/Output
stream contract. This allows the incremental file to be written to a different
stream from the one which was read. I also added some new loading and saving
methods to PDDocument to make incremental updating easier, and to automatically
keep track of File objects, when relevant.
was (Author: jahewson):
[~v.koroghlishvili] Ok, I applied the changes discussed in revision 1578650. I
made some significant changes to the patch so that the singing functionality
can be moved into pdfbox proper, rather than being part of the examples.
Currently the code remains part of the examples until we're sure it works. Can
you test out the new code and see if signing is working as you expected?
*Technical Notes*
Revision 1578650 includes changes to various other files,
COSStandardOutputStream assumed that the OutputStream was always a
FileOutputStream, which is obviously an unsafe assumption, in fact, output
streams do not generally have a "position" at all, so I removed all code which
broke that contract. COSWriter was treating its incremental update streams in a
strange manner, it wanted the InputStream and OutputStream to be backed by the
same underlying data, which is not generally possible, so I had to write new
code to perform incremental writing in order not to break the Input/Output
stream contract. This allows the incremental file to be written to a different
stream from the one which was read. I also added some new loading and saving
methods to PDDocument to make incremental updating easier, and to automatically
keep track of File objects, when relevant.
> TSA Time Signature
> ------------------
>
> Key: PDFBOX-1847
> URL: https://issues.apache.org/jira/browse/PDFBOX-1847
> Project: PDFBox
> Issue Type: Improvement
> Components: Signing
> Affects Versions: 2.0.0
> Reporter: vakhtang koroghlishvili
> Assignee: John Hewson
> Fix For: 2.0.0
>
> Attachments: CreateSignature-updated.java.patch,
> TSATimeSignature.patch, resultOfSigning.jpg
>
>
> When we was signing document, we was using time from our time. For more
> security we can use Time Stamp server.
> "Trusted timestamping is the process of securely keeping track of the
> creation and modification time of a document. Security here means that no one
> — not even the owner of the document — should be able to change it once it
> has been recorded provided that the timestamper's integrity is never
> compromised."(wiki)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
