When signing using PKCS7 or PAdes with a timestamp server, you might receive the following exception: com.qoppa.pdf.PDFException: Signature hash (7895 bytes) will not fit in allotted space (7500 bytes).Increase timestamp server length estimate. To resolve this issue, you can increase the length estimate when defining the timestampserver parameters (the default length is originally set to […]
Though the names are very similar, PCKS11 and PKCS12 are actually defining 2 very different things and this can create some confusion. PKCS11 is a protocol used to access hardware encryption devices such as USB tokens, smart card or vaults (such as Azure Vault). Keystore API in Java allows to abstract access to the PKCS11 […]
This java sample program shows how to open a signed PDF and retrieve signature information from it such as signer’s name, sign reason, location, date, etc…. This sample uses Qoppa’s Java PDF Library jPDFSecure but can be easily changed to use jPDFProcess. // Load the signed document PDFSecure pdfDoc = new PDFSecure ("C:\\test\\output.pdf", null); if(pdfDoc.getSignatureFields() […]
This is a sample java program showing how to sign a PDF document using a certificate loaded from a p12 file. The signature appearance is customized with an image, signer’s name and date. A signature field is added to the PDF document and then signed. This code uses jPDFSecure library but could very easily be adapted […]
Converting to PDF/A an existing Signed Document It is not possible to convert an existing PDF document that is already signed to PDF/A. This is because any changes that you make to a PDF even if it’s only adding PDF/A tags information in the metadata would invalidate the signature. If your PDF is already signed, […]
PDF 2.0 defines a new filter (Adobe.PPKLite) and sub-filter (ETSI.CAdES.detached) for PAdES signatures, which are compliant with the European eIDAS regulation. Support for PAdES was added in v2017R1 of Qoppa’s Java PDF libraries. This sample shows how to add a PAdES signature to a PDF document using Qoppa’s Java PDF library jPDFSecure. It is easy […]
It is possible to clear permissions and passwords in a PDF document using several of Qoppa’s Java PDF libraries and components. With jPDFSecure, use PDFSecure.clearPasswordPermissions() With jPDFProcess, use PDFDocument.clearPasswordPermissions() With jPDFEditor, use PDFEditorBean.getDocument().clearPasswordPermissions() Calling PDFSecure.clearPasswordPermissions will clear all password permissions for this document: it will reset all password permissions to true. it will clear open/user […]
It is possible to set / update permissions and passwords in a PDF document using several of Qoppa’s Java PDF libraries and components. Call to change document permissions and passwords depending on which Qoppa library you use: // with jPDFSecure PDFSecure.setPasswordPermissions(newPermPwd, newOpenPwd, permissions, currentPermPwd, encryptType); // with jPDFProcess PDFDocument.setPasswordPermissions(newPermPwd, newOpenPwd, permissions, currentPermPwd, encryptType); […]
Here is the command line to create a pfx file with the Java keytool. This assumes that you have jdk 1.7.0_79 installed under your C:\Program Files folder. “C:\Program Files\Java\jdk1.7.0_79\bin\keytool” -genkeypair -keystore signature.pfx -storepass mypassword -storetype pkcs12 -alias myalias -dname “cn=John Smith, ou=Google, o=Google, c=US” Using the signature.pfx file generated above, you can add a digital […]
This Java sample code applies a digital signature to a document with a custom appearance. The appearance of signatures can be modified in jPDFSecure to include an image, choose the fields that show or custom text. /** * Qoppa Software – Sample Source Code */ package jPDFSecureSamples; import java.awt.geom.Rectangle2D; import java.io.FileInputStream; import java.security.KeyStore; […]
Here is a sample PDF signed with a digital ID issued by GlobalSign, a certificate authority recognized by Java. blank_signed.pdf This is a blank PDF page that only contains a signed signature field. This sample PDF can be used to test digital signature validation in Java 1.7 and Java 1.8. The digital signature in this […]
Q: Is it possible to set custom properties to digital signatures using Qoppa’s PDF SDK? A: Yes, it is possible to do so using jPDFSecure, jPDFProcess or qPDF Toolkit. Adding custom property to the signature dictionary This method can be used to add additional custom properties to the signature dictionary. SigningInformation.setCustomProperty(key, value);SigningInformation.setCustomProperty(key, value); You can […]
v2015R2 Download Links v2015R2.01 – March 28 2016 JPDF-733 – Sample application used a non-public class PDFEncryption.is256(): Exception occurred during event dispatching: java.lang.NoClassDefFoundError: com/qoppa/pdf/security/PDFEncryption
There is an issue with reading from the Windows certificate store with Java version 1.6.0_37, 64-bit. This is the error log: java.security.KeyStoreException: Windows-MY not found It is fixed in Java 64-bit version 1.6.0_45 but unfortunately Update 45 has introduced other issues. It is also fixed in latest 64-bit versions of Java 1.7 (1.7.0_76 for instance).
Q: Can I read from the Windows Certificate store to get digital IDs to use as trusted Certificate Authorities (CAs)? A: By default, our libraries jPDFSecure and jPDFProcess and components jPDFNotes and jPDFEditor use the Java trusted Certificate Authorities when verifying digital signatures in PDF documents. It is possible to customize the trusted authorities through the SignatureSettings static methods. To add the Windows trusted CAs, […]
Q: I am using your Java library jPDFSecure to add 2 digital signatures to a PDF document (sign, save, sign again and save) but only the last signature shows as valid, the first signature is showing as invalid. Am I doing anything wrong? This KB entry applies to the following Java libraries and components: jPDFProcess, […]
Q: Where can I find jPDFSecure javadoc API? A: You can find the API specification for the latest version of our library jPDFSecure on our website at this link. jPDFSecure is a java library to set permissions and passwords, encrypt and digitally sign PDF documents.
Windows maintains a certificate and digital ID store. Digital IDs in the store can come from certificate authorities, or can come from USB hardware tokens. Our Java libraries jPDFSecure, jPDFProcess and visual components jPDFNotes or jPDFEditor can apply a digital signature to a PDF document using a digital ID from the Windows certificate store. Here is sample java code showing how to retrieve […]
This Java program encrypts a document and restricts permissions to only allow printing using Qoppa’s library jPDFSecure.
This Java program lists the encryption and permissions settings of a PDF document using Qoppa’s library jPDFSecure.
This Java program clears the encryption and allows all permissions in a PDF document using Qoppa’s library jPDFSecure.
Q: How can I add a digital signature to a document using Qoppa’s java library jPDFSecure? A: This Java program loads a document, then loads a digital ID from a PKCS#12 file, and then creates and signs a signature field on the first page of the document. // Load the document PDFSecure pdfDoc = new […]
Q: Is it possible to certify a PDF document with Qoppa’s libraries and componentsA: As of version 2013R2, it is possible to add a certifying signature using our libraries jPDFProcess, jPDFSecure, jPDFNotes and jPDFEditor. What is a certifying signature? A certifying signature is a digital signature. A certifying signature has to be the first applied […]
Q: Can jPDFSecure apply digital signatures using a hardware token? A: Yes, our 2 java PDF libraries jPDFSecure and jPDFProcess can apply a digital signature to PDF documents using a hardware token through PKCS#11. Sample Code // Load token configuration file and register provider String configName = "pkcs11.cfg"; Provider p = new sun.security.pkcs11.SunPKCS11(configName); Security.addProvider(p); // Create key store […]
What are Timestamped Digital Signatures? When creating a digital signature, it is possible to simply use the computer’s date and time. But this may not be valid in a lot of legal environments. Time-stamp servers, also called Time Stamp Authorities (TSA), can provide a legal timestamp and there is a protocol to access the servers […]