java.lang.Objectcom.aspose.words.CertificateHolder
public class CertificateHolder
CertificateHolder can be created by static factory methods only.
It contains an instance of X509Certificate2 which is used to introduce private, public keys and certificate chains into the system.
This class is applied in Example: Example: Example:
CertificateHolder certificateHolder = CertificateHolder.create(getMyDir() + "morzal.pfx", "aw");
// By string:
Document doc = new Document(getMyDir() + "Digitally signed.docx");
String outputFileName = getArtifactsDir() + "DigitalSignatureUtil.SignDocument.docx";
SignOptions signOptions = new SignOptions();
signOptions.setComments("Encrypted");
signOptions.setSignTime(new Date());
DigitalSignatureUtil.sign(doc.getOriginalFileName(), outputFileName, certificateHolder, signOptions);
// Create certificate holder from a file
CertificateHolder certificateHolder = CertificateHolder.create(getMyDir() + "morzal.pfx", "aw");
SignOptions signOptions = new SignOptions();
signOptions.setComments("Comment");
signOptions.setSignTime(new Date());
signOptions.setDecryptionPassword("docPassword");
// Digitally sign encrypted with "docPassword" document in the specified path
String inputFileName = getMyDir() + "Encrypted.docx";
String outputFileName = getArtifactsDir() + "DigitalSignatureUtil.DecryptionPassword.docx";
DigitalSignatureUtil.sign(inputFileName, outputFileName, certificateHolder, signOptions);
public static void sign() throws Exception {
String signPersonName = "Ron Williams";
String srcDocumentPath = getMyDir() + "Document.docx";
String dstDocumentPath = getArtifactsDir() + "SignDocumentCustom.Sign.docx";
String certificatePath = getMyDir() + "morzal.pfx";
String certificatePassword = "aw";
// We need to create simple list with test signers for this example
createSignPersonData();
System.out.println("Test data successfully added!");
// Get sign person object by name of the person who must sign a document
// This an example, in real use case you would return an object from a database
SignPersonTestClass signPersonInfo = gSignPersonList.stream().filter(x -> x.getName() == signPersonName).findFirst().get();
if (signPersonInfo != null) {
signDocument(srcDocumentPath, dstDocumentPath, signPersonInfo, certificatePath, certificatePassword);
System.out.println("Document successfully signed!");
} else {
System.out.println("Sign person does not exist, please check your parameters.");
}
// Now do something with a signed document, for example, save it to your database
// Use 'new Document(dstDocumentPath)' for loading a signed document
}
/// <summary>
/// Signs the document obtained at the source location and saves it to the specified destination.
/// </summary>
private static void signDocument(final String srcDocumentPath, final String dstDocumentPath,
final SignPersonTestClass signPersonInfo, final String certificatePath,
final String certificatePassword) throws Exception {
// Create new document instance based on a test file that we need to sign
Document document = new Document(srcDocumentPath);
DocumentBuilder builder = new DocumentBuilder(document);
// Add info about responsible person who sign a document
SignatureLineOptions signatureLineOptions = new SignatureLineOptions();
signatureLineOptions.setSigner(signPersonInfo.getName());
signatureLineOptions.setSignerTitle(signPersonInfo.getPosition());
// Add signature line for responsible person who sign a document
SignatureLine signatureLine = builder.insertSignatureLine(signatureLineOptions).getSignatureLine();
signatureLine.setId(signPersonInfo.getPersonId());
// Save a document with line signatures into temporary file for future signing
builder.getDocument().save(dstDocumentPath);
// Create holder of certificate instance based on your personal certificate
// This is the test certificate generated for this example
CertificateHolder certificateHolder = CertificateHolder.create(certificatePath, certificatePassword);
// Link our signature line with personal signature
SignOptions signOptions = new SignOptions();
signOptions.setSignatureLineId(signPersonInfo.getPersonId());
signOptions.setSignatureLineImage(signPersonInfo.getImage());
// Sign a document which contains signature line with personal certificate
DigitalSignatureUtil.sign(dstDocumentPath, dstDocumentPath, certificateHolder, signOptions);
}
/// <summary>
/// Create test data that contains info about sing persons.
/// </summary>
private static void createSignPersonData() throws IOException {
InputStream inputStream = new FileInputStream(getImageDir() + "Logo.jpg");
gSignPersonList = new ArrayList<>();
gSignPersonList.add(new SignPersonTestClass(UUID.randomUUID(), "Ron Williams", "Chief Executive Officer",
DocumentHelper.getBytesFromStream(inputStream)));
gSignPersonList.add(new SignPersonTestClass(UUID.randomUUID(), "Stephen Morse", "Head of Compliance",
DocumentHelper.getBytesFromStream(inputStream)));
}
private static ArrayList<SignPersonTestClass> gSignPersonList;
Property Getters/Setters Summary | ||
---|---|---|
System.Security.Cryptography.X509Certificates.X509Certificate2 | getCertificate() | |
Returns the instance of X509Certificate2Wrapper that holds X509Certificate2 which holds private, public keys and certificate chain. |
Method Summary | ||
---|---|---|
static CertificateHolder | create(byte[] certBytes, java.lang.String password) | |
Creates CertificateHolder object using byte array of PKCS12 store and its password. | ||
static CertificateHolder | create(java.lang.String fileName, java.lang.String password) | |
Creates CertificateHolder object using path to PKCS12 store and its password. | ||
static CertificateHolder | create(java.lang.String fileName, java.lang.String password, java.lang.String alias) | |
Creates CertificateHolder object using path to PKCS12 store, its password and the alias by using which private key and certificate will be found. |
Property Getters/Setters Detail |
---|
getCertificate | |
public System.Security.Cryptography.X509Certificates.X509Certificate2 getCertificate() |
Example:
Shows how to validate each signature in a document and display basic information about the signature.// Load the document which contains signature Document doc = new Document(getMyDir() + "Digitally signed.docx"); for (DigitalSignature signature : doc.getDigitalSignatures()) { System.out.println("*** Signature Found ***"); System.out.println("Is valid: " + signature.isValid()); // This property is available in MS Word documents only System.out.println("Reason for signing: " + signature.getComments()); System.out.println("Signature type: " + signature.getSignatureType()); System.out.println("Time of signing: " + signature.getSignTime()); System.out.println("Subject name: " + signature.getSubjectName()); System.out.println("Issuer name: " + signature.getIssuerName()); System.out.println(); }
Method Detail |
---|
create | |
public static CertificateHolder create(byte[] certBytes, java.lang.String password) throws java.lang.Exception |
certBytes
- A byte array that contains data from an X.509 certificate.password
- The password required to access the X.509 certificate data.Example:
Shows how to create CertificateHolder objects.// Load a PKCS #12 file into a byte array and apply its password to create the CertificateHolder byte[] certBytes = DocumentHelper.getBytesFromStream(new FileInputStream(getMyDir() + "morzal.pfx")); CertificateHolder.create(certBytes, "aw"); // Load a PKCS #12 file and apply its password to create the CertificateHolder CertificateHolder.create(getMyDir() + "morzal.pfx", "aw"); // If the certificate has private keys corresponding to aliases, we can use the aliases to fetch their respective keys // First, we'll check for valid aliases like this InputStream certStream = new FileInputStream(getMyDir() + "morzal.pfx"); try { KeyStore store = KeyStore.getInstance("PKCS12"); store.load(certStream, "aw".toCharArray()); Enumeration<String> aliasNames = store.aliases(); while (aliasNames.hasMoreElements()) { String currentAlias = aliasNames.nextElement().toString(); // The data format for private keys defined by the PKCS #8 standard if (store.isKeyEntry(currentAlias) && store.getKey(currentAlias, "aw".toCharArray()).getFormat().equals("PKCS#8")) { System.out.println(MessageFormat.format("Valid alias found: {0}", currentAlias)); } } } finally { if (certStream != null) certStream.close(); } // For this file, we'll use an alias found above CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", "c20be521-11ea-4976-81ed-865fbbfc9f24"); // If we leave the alias null, then the first possible alias that retrieves a private key will be used CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", null);
create | |
public static CertificateHolder create(java.lang.String fileName, java.lang.String password) throws java.lang.Exception |
fileName
- The name of a certificate file.password
- The password required to access the X.509 certificate data.Example:
Shows how to create CertificateHolder objects.// Load a PKCS #12 file into a byte array and apply its password to create the CertificateHolder byte[] certBytes = DocumentHelper.getBytesFromStream(new FileInputStream(getMyDir() + "morzal.pfx")); CertificateHolder.create(certBytes, "aw"); // Load a PKCS #12 file and apply its password to create the CertificateHolder CertificateHolder.create(getMyDir() + "morzal.pfx", "aw"); // If the certificate has private keys corresponding to aliases, we can use the aliases to fetch their respective keys // First, we'll check for valid aliases like this InputStream certStream = new FileInputStream(getMyDir() + "morzal.pfx"); try { KeyStore store = KeyStore.getInstance("PKCS12"); store.load(certStream, "aw".toCharArray()); Enumeration<String> aliasNames = store.aliases(); while (aliasNames.hasMoreElements()) { String currentAlias = aliasNames.nextElement().toString(); // The data format for private keys defined by the PKCS #8 standard if (store.isKeyEntry(currentAlias) && store.getKey(currentAlias, "aw".toCharArray()).getFormat().equals("PKCS#8")) { System.out.println(MessageFormat.format("Valid alias found: {0}", currentAlias)); } } } finally { if (certStream != null) certStream.close(); } // For this file, we'll use an alias found above CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", "c20be521-11ea-4976-81ed-865fbbfc9f24"); // If we leave the alias null, then the first possible alias that retrieves a private key will be used CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", null);
Example:
Shows how to sign documents using certificate holder and sign options.CertificateHolder certificateHolder = CertificateHolder.create(getMyDir() + "morzal.pfx", "aw"); // By string: Document doc = new Document(getMyDir() + "Digitally signed.docx"); String outputFileName = getArtifactsDir() + "DigitalSignatureUtil.SignDocument.docx"; SignOptions signOptions = new SignOptions(); signOptions.setComments("Encrypted"); signOptions.setSignTime(new Date()); DigitalSignatureUtil.sign(doc.getOriginalFileName(), outputFileName, certificateHolder, signOptions);
create | |
public static CertificateHolder create(java.lang.String fileName, java.lang.String password, java.lang.String alias) throws java.lang.Exception |
fileName
- The name of a certificate file.password
- The password required to access the X.509 certificate data.alias
- The associated alias for a certificate and its private keyExample:
Shows how to create CertificateHolder objects.// Load a PKCS #12 file into a byte array and apply its password to create the CertificateHolder byte[] certBytes = DocumentHelper.getBytesFromStream(new FileInputStream(getMyDir() + "morzal.pfx")); CertificateHolder.create(certBytes, "aw"); // Load a PKCS #12 file and apply its password to create the CertificateHolder CertificateHolder.create(getMyDir() + "morzal.pfx", "aw"); // If the certificate has private keys corresponding to aliases, we can use the aliases to fetch their respective keys // First, we'll check for valid aliases like this InputStream certStream = new FileInputStream(getMyDir() + "morzal.pfx"); try { KeyStore store = KeyStore.getInstance("PKCS12"); store.load(certStream, "aw".toCharArray()); Enumeration<String> aliasNames = store.aliases(); while (aliasNames.hasMoreElements()) { String currentAlias = aliasNames.nextElement().toString(); // The data format for private keys defined by the PKCS #8 standard if (store.isKeyEntry(currentAlias) && store.getKey(currentAlias, "aw".toCharArray()).getFormat().equals("PKCS#8")) { System.out.println(MessageFormat.format("Valid alias found: {0}", currentAlias)); } } } finally { if (certStream != null) certStream.close(); } // For this file, we'll use an alias found above CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", "c20be521-11ea-4976-81ed-865fbbfc9f24"); // If we leave the alias null, then the first possible alias that retrieves a private key will be used CertificateHolder.create(getMyDir() + "morzal.pfx", "aw", null);