| java.lang.Object | |
| ↳ | com.pspdfkit.signatures.SignatureManager |
Class Overview
Handles digital signature certificates.
Summary
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| static void |
addSigner(String identifier, Signer signer)
Register a single
Signer. | ||||||||||
| static void |
addTrustedCertificate(X509Certificate certificate)
Adds a new trusted certificate to the keystore to be used for verification of valid
signatures.
| ||||||||||
| static void |
addTrustedCertificate(InputStream pkcs7certificateInputStream)
Adds a new trusted certificate to the keystore to be used for verification of valid
signatures.
| ||||||||||
| static void |
addTrustedCertificatesFromAdobeCa()
Loads Adobe CA trusted certificates.
| ||||||||||
| static void |
addTrustedCertificatesFromOs()
Loads and add certificate from operating system root certificate store.
| ||||||||||
| static void |
clearSigners()
Removes all previously registered
Signer instances. | ||||||||||
| static void |
clearTrustedCertificates()
Clears all certificates from keystore.
| ||||||||||
| static Map<String, Signer> |
getSigners()
Returns all registered
Signer instances. | ||||||||||
| static List<X509Certificate> |
getTrustedCertificates()
Returns list of trusted CA certificates used for verification of signatures in the documents.
| ||||||||||
| static X509Certificate |
loadCertificateFromFile(File file)
Convenience method to load a X.509 certificate from a
File. | ||||||||||
| static X509Certificate |
loadCertificateFromStream(InputStream inputStream)
Convenience method to load a X.509 certificate from an
InputStream. | ||||||||||
| static KeyStore.PrivateKeyEntry |
loadPrivateKeyFromFile(File file, String password, String alias, String keyPassword)
Convenience method to load a certificate/private key pair from a PKCS#12 file (usually with
.p12 extension).
| ||||||||||
| static KeyStore.PrivateKeyEntry |
loadPrivateKeyPairFromStream(InputStream inputStream, String password, String alias, String keyPassword)
Convenience method to load a certificate/private key pair from a PKCS#12 file (usually with
.p12 extension).
| ||||||||||
| static void |
removeSigner(String identifier)
Unregister a previously registered
Signer. | ||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
Public Methods
public static void addSigner (String identifier, Signer signer)
Register a single Signer. A registered signer will be available in various
components, for example the SignatureSignerDialog. Each identifier can only be used
once, or a signer with the same identifier will be replaced. To remove a previously
registered signer, use removeSigner(String). To get a list of all registered signers
call getSigners().
Parameters
| identifier | A unique string identifier for referencing the signer. |
|---|---|
| signer | A Signer to register.
|
public static void addTrustedCertificate (X509Certificate certificate)
Adds a new trusted certificate to the keystore to be used for verification of valid signatures.
Parameters
| certificate | A X.509 certificate with public key. |
|---|
public static void addTrustedCertificate (InputStream pkcs7certificateInputStream)
Adds a new trusted certificate to the keystore to be used for verification of valid signatures.
Parameters
| pkcs7certificateInputStream | Input stream containing a X.509 certificate in PKCS#7
form. Can be FileInputStream, android.content.res.AssetManager.AssetInputStream or any related type.
|
|---|
Throws
| CertificateException |
|---|
public static void addTrustedCertificatesFromAdobeCa ()
Loads Adobe CA trusted certificates. This is already done by default and this call should
only be used if clearTrustedCertificates() has been called for any reason.
public static void addTrustedCertificatesFromOs ()
Loads and add certificate from operating system root certificate store. This is already done
by default and this call should only be used if clearTrustedCertificates() has been
called for any reason.
public static void clearSigners ()
Removes all previously registered Signer instances. A signer can be registered using
addSigner(String, Signer). To unregister a single signer instance use removeSigner(String).
public static void clearTrustedCertificates ()
Clears all certificates from keystore. Unless a new certificate is added to it later,
signatures in documents won't be checked for validity and all the validation methods will
return at least a WARNING.
public static Map<String, Signer> getSigners ()
Returns all registered Signer instances. A signer can be registered using addSigner(String, Signer) and unregistered using removeSigner(String).
Returns
- An unmodifiable set of all registered
Signerinstances. If no signers are registered, this method returns an empty set.
See Also
public static List<X509Certificate> getTrustedCertificates ()
Returns list of trusted CA certificates used for verification of signatures in the documents. By default this list is initialized from Android's OS CA certificate store and Adobe PDF CA store.
Returns
- List of trusted CA certificates.
public static X509Certificate loadCertificateFromFile (File file)
Convenience method to load a X.509 certificate from a File.
Parameters
| file | File containing certificate in PKCS#7 format. |
|---|
Returns
- A
X509Certificateinstance if the certificate is loaded.
Throws
| CertificateException | If loading failed or certificate isn't of X.509 type. |
|---|
public static X509Certificate loadCertificateFromStream (InputStream inputStream)
Convenience method to load a X.509 certificate from an InputStream.
Parameters
| inputStream | Input stream containing certificate in PKCS#7 format. |
|---|
Returns
- A
X509Certificateinstance if the certificate is loaded.
Throws
| CertificateException | If loading failed or certificate isn't of X.509 type. |
|---|
public static KeyStore.PrivateKeyEntry loadPrivateKeyFromFile (File file, String password, String alias, String keyPassword)
Convenience method to load a certificate/private key pair from a PKCS#12 file (usually with .p12 extension).
Parameters
| file | PKCS#12 (.p12) keystore file. |
|---|---|
| password | Password for the keystore, may be null if keystore isn't password
protected. |
| alias | Key pair alias (name) inside the keystore. |
| keyPassword | Password for the keypair inside the keystore, may be null if key
isn't password protected. |
Returns
- a
KeyStore.PrivateKeyEntryrepresenting the certificate/private key pair loaded from the keystore.
Throws
| IOException | if keystore can't be opened and read. |
|---|---|
| GeneralSecurityException | if key or keystore passwords don't match the ones in the actual file. |
public static KeyStore.PrivateKeyEntry loadPrivateKeyPairFromStream (InputStream inputStream, String password, String alias, String keyPassword)
Convenience method to load a certificate/private key pair from a PKCS#12 file (usually with .p12 extension).
Parameters
| inputStream | Input stream reading a p12 file. |
|---|---|
| password | Password for the keystore, may be null if keystore isn't password
protected. |
| alias | Key pair alias (name) inside the keystore. If null, uses the first one
found. |
| keyPassword | Password for the keypair inside the keystore, may be null if key
isn't password protected. |
Returns
- a
KeyStore.PrivateKeyEntryrepresenting the certificate/private key pair loaded from the keystore.
Throws
| IOException | if keystore can't be opened and read. |
|---|---|
| GeneralSecurityException | if key or keystore passwords don't match the ones in the actual file. |
public static void removeSigner (String identifier)
Unregister a previously registered Signer. Once unregistered, the signer will no
longer be available in digital signature components. To unregister all previously registered
signers use clearSigners().
Parameters
| identifier | The unique identifier that was previously used to register a Signer.
|
|---|