CODEWITHSUNDEEP
javaitextbouncycastlepdfbox
user1454674
user1454674

Reputation:

how to add timestamp without Digital Signature

I want to add Time Stamp to my PDF document (without Digital Signature). How can I do this?

I can do it with Digital signature using Itext ( I have here TSAClient):

MakeSignature.signDetached(appearance, digest, signature, chain, null, null, tsa, 0, subfilter);

but how to do similar thing without digital signature? using Bouncy Castle or Itext or Pdfbox... or with another library..

Upvotes: 0

Views: 4510

Answers (3)

b.s
b.s

Reputation: 2755

Using iText7 you can add DTS (Document Timestamping) by invoking the following method of PdfSigner class.

ITSAClient tsa = new TSAClientBouncyCastle(tsaUrl, tsaUser, tsaPass);
pdfSigner.timestamp(tsa, "SignatureTimeStamp");

or

ITSAClient tsa = new TSAClientBouncyCastle(tsaUrl, tsaUser, tsaPass, 8192, "SHA-256"); 
pdfSigner.timestamp(tsa, "SignatureTimeStamp");

Also, java documentation

/**
 * Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.
 * NOTE: This method closes the underlying pdf document. This means, that current instance
 * of PdfSigner cannot be used after this method call.
 *
 * @param tsa           the timestamp generator
 * @param signatureName the signature name or null to have a name generated
 *                      automatically
 * @throws IOException
 * @throws GeneralSecurityException
 */

Upvotes: 0

Vladyslav
Vladyslav

Reputation: 41

To do that with PDFBox, you need some simple SignatureInterface implementation like this:

public class TimestampSignatureImpl implements SignatureInterface {
    private TSAClient tsaClient;
    public TimestampSignatureImpl(TSAClient tsaClient) {
        super();
        this.tsaClient = tsaClient;
    }
    @Override
    public byte[] sign(InputStream paramInputStream) throws IOException {
        return tsaClient.getTimeStampToken(IOUtils.toByteArray(paramInputStream));
    }
}

and some PDSignature like this:

PDSignature signature = new PDSignature();
signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); 
signature.setSubFilter(COSName.getPDFName("ETSI.RFC3161"));
signature.setSignDate(Calendar.getInstance());

Then sign your pdf like this:

PDDocument pdf = PDDocument.load(inputFile);
MessageDigest digest = MessageDigest.getInstance("SHA-256");
TSAClient tsaClient = new TSAClient(new URL("your time stamp authority"), null, null, digest);
pdf.addSignature(signature, new TimestampSignatureImpl(tsaClient));
pdf.saveIncremental(new FileOutputStream(outputFile));
pdf.close();

P.S: TSAClient is taken from PDFBox examples.

Upvotes: 3

mkl
mkl

Reputation: 96064

In iText you are looking for

LtvTimestamp.timestamp(appearance, tsa, signatureName);

Also cf. the JavaDoc documentation:

/**
 * Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.
 * @param sap the signature appearance
 * @param tsa the timestamp generator
 * @param signatureName the signature name or null to have a name generated
 * automatically
 * @throws DocumentException 
 * @throws IOException 
 * @throws GeneralSecurityException
 */

You might want to read section 5.4.1 Adding a Document Security Store (DSS) and a Document-Level Timestamp in Digital Signatures for PDF documents for the use in context.

Be aware, document level time stamps are not properly recognized by old PDF viewers as they entered the PDF world only fairly recently, i.e. with PAdES-4.

Upvotes: 4

Related Questions