This class implement the cryptographic options and the aspects which forms a signature. Allows to sign a PDF document. The document is signed indicating a keystore which must have been created previously.

1 pdf.sign

<pdf.sign
    store-password='store-password'
    provider='provider'
    type='type'
    alias='alias'
    key-password='key-password'
    sign-reason='sign-reason'
    sign-location='sign-location'
    sign-certify='sign-certify'
    sign-page='sign-page'
    sign-rect-llx='sign-rect-llx'
    sign-rect-lly='sign-rect-lly'
    sign-rect-urx='sign-rect-urx'
    sign-rect-ury='sign-rect-ury'
    sign-image-url='sign-image-url'
    sign-timestamp='sign-timestamp'
    timestamp-server-url='timestamp-server-url'
    timestamp-server-port='timestamp-server-port'
    timestamp-server-username='timestamp-server-username'
    timestamp-server-password='timestamp-server-password'
    timestamp-policy-oid='timestamp-policy-oid'
    encoding='encoding'
>
    <file_pdf /> ?
    <file_keystore /> ?
</pdf.sign>
Example

Create a new PDF file testsigned.pdf with the result of the signature of the file test.pdf with the keystore located in keystore.ks.

The keystore is indicated through the path (attribute file) and it is accessed through the key store-password. The stored key is indicated through the value in alias (a keystore can contain several entries) and must be indicated also the password for the entry key-password.

If the alias was not indicated, you will obtain the first alias of the keystore.

Optionally the provider and type are indicated and the signature information (sign-reason, sign-location) and location (sign page,sign-rect-llx)

Copy
<xsql-script name="signpdf">
    <body>
        <file.bytes.write>
        <file type="absolute" name="testsigned.pdf"/>       
            <pdf.sign 
                store-password="changeit" 
                alias='deister-webstudio'
                key-password='changeit'
                provider="BC" 
                type="pkcs12" 
                sign-reason="final document" 
                sing-location="barcelona" 
                sign-page="2" 
                sign-rect-llx="100" 
                sign-rect-lly="100" 
                sign-rect-urx="250" 
                sign-rect-ury="250"
            >
                <file type="absolute" name="keystore.ks"/>
                <file type="absolute" name="test.pdf"/>
            </pdf.sign>
        </file.bytes.write>
    </body>
</xsql-script>
Example

Sign a PDF with timestamping, the timestamp obtains it of a server via http without requiring authentication.

Copy
<xsql-script name="signpdf">
   <body>
       <!-- url de timestamp servers
            http://tsp.iaik.at/tsp/
            http://security.polito.it/ts/
       -->
       <file.bytes.write>
           <file type="absolute" name="testsigned.pdf"/>       
               <pdf.sign 
                   store-password="changeit" 
                   alias='deister-webstudio'
                   key-password='changeit'
                   provider="BC" 
                   type="pkcs12" 
                   sign-reason="document final" 
                   sing-location="barcelona" 
                   sign-page="2" 
                   sign-rect-llx="100" 
                   sign-rect-lly="100" 
                   sign-rect-urx="250" 
                   sign-rect-ury="250"
                   sign-timestamp='true'
                   timestamp-server-url="http://www.edelweb.fr/cgi-bin/service-tsp"
   
               >
               <file type="absolute" name="keystore.ks"/>
               <file type="absolute" name="test.pdf"/>
           </pdf.sign>
       </file.bytes.write>
   </body>
</xsql-script>