ApprovalSignature

All Superinterfaces:

PdfSignatureDetails

All Known Subinterfaces:

CertificationSignature

All Known Implementing Classes:

ApprovalSignatureItext, ApprovalSignaturePdfBox, CertificationSignatureItext, CertificationSignaturePdfBox
```
public interface ApprovalSignature
extends PdfSignatureDetails
```
Standard PDF signature as specified in the PDF specification (PDF 32000).

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`iaik.x509.X509Certificate[]`	`getCertificateChain(CadesSignature cadesSignature)` Get the signer's certificate chain.
`CadesSignature`	`getCMSSignature()` Extracts the CMS signature included in the PDF signature dictionary.
`boolean`	`getCrlRevocationStatus()` Checks whether the signer's certificate is contained in the crl that is included in the signature's revocation information.
`byte[]`	`getEncodedCmsSignature()` Get the original encoding of the CMS signature as included in the PDF signature dictionary.
`iaik.x509.ocsp.CertStatus`	`getOcspRevocationStatus()` Parses the OCSP responses included in the signature's revocation information.
`RevocationInfoArchival`	`getRevocationInformation()` Extract revocation information if included.
`SignatureTimeStamp[]`	`getSignatureTimeStamps()` Extract all included signature timestamps.
`iaik.tsp.TimeStampToken`	`getSignatureTimeStampToken()` Extract signature timestamp token if included.
`iaik.x509.X509Certificate`	`getSignerCertificate()` Returns the signer certificate.
`void`	`verifySignatureTimestampImprint()` Verify signature timestamp if included.
`void`	`verifySignatureTimestampImprint(iaik.x509.X509Certificate tsa_certificate)` Verify signature timestamp if included.
`void`	`verifySignatureTimestamps()` Verify all included signature timestamps.
`iaik.x509.X509Certificate`	`verifySignatureValue()` Verify the signature value.

Methods inherited from interface iaik.pdf.signature.PdfSignatureDetails
getName, getRevision, getRevision, getRevision, getSignatureDictionaryDate, getSigningTime, getSubfilter, isModified

- Method Detail
  - getCMSSignature
```
CadesSignature getCMSSignature()
                        throws PdfSignatureException,
                               java.io.IOException
```
    Extracts the CMS signature included in the PDF signature dictionary.
    
    Returns:
    
    the CMS signature as instance of type CadesSignature or CadesSignatureStream
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    java.io.IOException - if the CMS signature bytes can't be read
  - getEncodedCmsSignature
```
byte[] getEncodedCmsSignature()
                       throws java.io.IOException
```
    Get the original encoding of the CMS signature as included in the PDF signature dictionary.
    
    Returns:
    
    the original signature encoding
    
    Throws:
    
    java.io.IOException - if the signature can't be extracted from the PDF document
  - getRevocationInformation
```
RevocationInfoArchival getRevocationInformation()
                                         throws PdfSignatureException,
                                                CmsCadesException
```
    Extract revocation information if included.
    
    Returns:
    
    the revocation information or null, if none included
    
    Throws:
    
    CmsCadesException - if the revocation attribute can't be parsed or the revocation type is unknown
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
  - getOcspRevocationStatus
```
iaik.x509.ocsp.CertStatus getOcspRevocationStatus()
                                           throws PdfSignatureException,
                                                  CmsCadesException
```
    Parses the OCSP responses included in the signature's revocation information. If an OCSP response for the signer certificate can be found, the included certificate status is returned. If multiple OCSP responses for the signer certificate are included, the first one is used. Returns null if no matching response was found. For identifying the signer certificate, also the issuer certificate must be included in the signature. An exception is thrown, if the issuer certificate can't be found.
    
    Returns:
    
    the signer certificate's certificate status
    
    Throws:
    
    CmsCadesException - if no revocation infos are included or can't be read
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
  - getCrlRevocationStatus
```
boolean getCrlRevocationStatus()
                        throws PdfSignatureException,
                               CmsCadesException
```
    Checks whether the signer's certificate is contained in the crl that is included in the signature's revocation information.
    
    Returns:
    
    true, if the certificate is on the crl; false otherwise
    
    Throws:
    
    CmsCadesException - if no revocation infos are included or can't be read
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
  - getSignerCertificate
```
iaik.x509.X509Certificate getSignerCertificate()
                                        throws PdfSignatureException,
                                               CmsCadesException
```
    Returns the signer certificate.
    
    Returns:
    
    the signer certificate
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if requested certificate is not contained
  - getCertificateChain
```
iaik.x509.X509Certificate[] getCertificateChain(CadesSignature cadesSignature)
                                         throws PdfSignatureException,
                                                CmsCadesException
```
    Get the signer's certificate chain.
    
    Returns:
    
    the signer's certificate chain
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if requested certificate chain is not contained
  - verifySignatureValue
```
iaik.x509.X509Certificate verifySignatureValue()
                                        throws PdfSignatureException,
                                               CmsCadesException,
                                               iaik.cms.CMSSignatureException
```
    Verify the signature value.
    
    Returns:
    
    the signer certificate
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if no signature could be found
    
    iaik.cms.CMSSignatureException - if the signature turns out to be incorrect
  - getSignatureTimeStampToken
```
iaik.tsp.TimeStampToken getSignatureTimeStampToken()
                                            throws PdfSignatureException,
                                                   CmsCadesException
```
    Extract signature timestamp token if included. If more than one signature timestamp is included in this signature, the first signature timestamp token is returned.
    
    Returns:
    
    the signature timestamp token or null if none included
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if timestamp token can't be parsed
  - getSignatureTimeStamps
```
SignatureTimeStamp[] getSignatureTimeStamps()
                                     throws PdfSignatureException,
                                            CmsCadesException
```
    Extract all included signature timestamps.
    
    Returns:
    
    the signature timestamp token or an empty array if none included
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if timestamp token can't be parsed
  - verifySignatureTimestampImprint
```
void verifySignatureTimestampImprint()
                              throws PdfSignatureException,
                                     CmsCadesException,
                                     iaik.tsp.TspVerificationException
```
    Verify signature timestamp if included. No verification is done if no timestamp is contained. If more than one signature timestamp is included in this signature, the first signature timestamp is verified. Verifies the signature value and whether the message imprint equals the expected signature. No certificate path validation is done. Uses the timestamp authority's certificate included in the timestamp.
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if tsa certificate is not included to verify timestamp, if timestamp can't be extracted
    
    iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs
  - verifySignatureTimestamps
```
void verifySignatureTimestamps()
                        throws PdfSignatureException,
                               CmsCadesException,
                               iaik.tsp.TspVerificationException
```
    Verify all included signature timestamps. No verification is done if no timestamps are contained. Verifies the signature value and whether the message imprint equals the expected signature. No certificate path validation is done. Uses the timestamp authority's certificate included in the timestamp.
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if no tsa certificate is included to verify the timestamp or if a timestamp can't be extracted
    
    iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs
  - verifySignatureTimestampImprint
```
void verifySignatureTimestampImprint(iaik.x509.X509Certificate tsa_certificate)
                              throws PdfSignatureException,
                                     CmsCadesException,
                                     iaik.tsp.TspVerificationException
```
    Verify signature timestamp if included. No verification is done if no timestamp is contained. If more than one signature timestamp is included in this signature, the first signature timestamp is verified. To verify all signature timestamps using a provided TSA certificate use getSignatureTimeStamps() and its verify method. Verifies the signature value and whether the message imprint equals the expected signature. No certificate path validation is done. To verify the signature the given TSA certificate is used. If the given TSA certificate is null and this timestamp contains the corresponding TSA certificate, the included TSA certificate is used.
    
    Parameters:
    
    tsa_certificate - the certificate of the timestamp authority
    
    Throws:
    
    PdfSignatureException - if the CMS signature can't be extracted or parsed
    
    CmsCadesException - if timestamp can't be extracted
    
    iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

Interface ApprovalSignature

Method Summary

Methods inherited from interface iaik.pdf.signature.PdfSignatureDetails

Method Detail

getCMSSignature

getEncodedCmsSignature

getRevocationInformation

getOcspRevocationStatus

getCrlRevocationStatus

getSignerCertificate

getCertificateChain

verifySignatureValue

getSignatureTimeStampToken

getSignatureTimeStamps

verifySignatureTimestampImprint

verifySignatureTimestamps

verifySignatureTimestampImprint