
I'm using PDFBox 2.0. I would like to create a PDF in PAdES-LTV format, but I don't know the steps to do so. My question is about the LTV parameters and when they are applied.

I need to know at what point they are added and how.

I am including part of my code in case you can guide me. I am using the signing example from PDFBox:

https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/

Thanks in advance

```java
public void signDetached(PDDocument document, OutputStream output, TSAClient tsaClient)
        throws IOException
{
    setTsaClient(tsaClient);

    // create signature dictionary
    PDSignature signature = new PDSignature();
    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
    signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
    signature.setName("test PADES-LTV");
    signature.setLocation("Madrid, ES");
    signature.setReason("Testing");
    // TODO extract the above details from the signing certificate? Reason as a parameter?

    // the signing date, needed for valid signature
    signature.setSignDate(Calendar.getInstance());

    // register signature dictionary and sign interface
    document.addSignature(signature, this);

    // write incremental (only for signing purpose)
    document.saveIncremental(output);
}
```

I deleted the first link, as it led to a bookstore payment page.

I have this information, but I don't know how to apply it in PDFBox:

According to ETSI TS 102 778-4 V1.1.2 (2009-12) the structure of a PDF document to which LTV is applied is illustrated in figure 2.

Figure 2: Illustration of PDF Document with LTV

The life-time of the protection can be further extended beyond the life-of the last document Time-stamp applied by adding further DSS information to validate the previous last document Time-stamp along with a new document Time-stamp. This is illustrated in figure 3.

Figure 3: Illustration of PDF Document with repeated LTV

On the other hand, according to Adobe (as written by their PDF evangelist Leonard Rosenthol on the iText mailing list in January 2013),

> LTV enabled means that all information necessary to validate the file (minus root certs) is contained within. So this statement of yours would be true.
>
> > the PDF is signed correctly and contains all necessary certificates, a valid CRL or OCSP response for every certificate
>
> But since the only way for that statement to be true is for the presence of DSS, you must have DSS for LTV-enabled to appear. No timestamp (regular or document level) is required.

Due to this divergence PDF documents with LTV according to ETSI usually are presented by Adobe software to have one not LTV-enabled document time stamp.

Reference (for iText): How to enable LTV for a timestamp signature?

  • *PADES-LTV format* - which exactly do you mean? There have been multiple generations of PAdES specifications, the earlier ones as ETSI TSs, the newer ones as ETSI ENs; the newer ones in particular contain multiple LTV profiles. – mkl Jun 21 '16 at 08:23
  • I do not care, for example, the first ETSI TSs, but if you can guide me to the second best – Leuqarut Jun 21 '16 at 08:44
  • `ETSI TS 102 778-4 V1.1.2 (2009-12)` has been implemented earlier this year as part of the `AddValidationInformation.java` example in the PDFBox source code download. – Tilman Hausherr Nov 19 '18 at 13:16

0 Answers
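The DSS structure from ETSI TS 102 778-4 that the question refers to is written after the signature, as its own incremental revision, so the signed byte range stays untouched. The following is an added example, not code from the question or from the PDFBox project: the class and method names are hypothetical, and it assumes the caller has already collected the DER-encoded certificates, OCSP responses and CRLs and that the file has no existing DSS to merge.

```java
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.List;
import org.apache.pdfbox.cos.COSArray;
import org.apache.pdfbox.cos.COSDictionary;
import org.apache.pdfbox.cos.COSName;
import org.apache.pdfbox.cos.COSStream;
import org.apache.pdfbox.pdmodel.PDDocument;

// Hypothetical helper (PDFBox 2.0 API): appends a /DSS dictionary to a signed PDF.
public class DssAppender {
    // signedPdf and out must be different files; each byte[] is one DER-encoded item.
    public static void addDss(File signedPdf, File out, List<byte[]> certs,
            List<byte[]> ocsps, List<byte[]> crls) throws IOException {
        try (PDDocument doc = PDDocument.load(signedPdf);
             OutputStream os = new FileOutputStream(out)) {
            COSDictionary catalog = doc.getDocumentCatalog().getCOSObject();
            COSDictionary dss = new COSDictionary();
            put(doc, dss, "Certs", certs);
            put(doc, dss, "OCSPs", ocsps);
            put(doc, dss, "CRLs", crls);
            dss.setNeedToBeUpdated(true);
            catalog.setItem(COSName.getPDFName("DSS"), dss);
            catalog.setNeedToBeUpdated(true);
            // Incremental save copies the signed bytes and appends the new revision.
            doc.saveIncremental(os);
        }
    }

    // Stores each item as its own stream; the DSS keys are optional, so empty lists are skipped.
    private static void put(PDDocument doc, COSDictionary dss, String key,
            List<byte[]> items) throws IOException {
        if (items == null || items.isEmpty()) {
            return;
        }
        COSArray array = new COSArray();
        for (byte[] der : items) {
            COSStream stream = doc.getDocument().createCOSStream();
            try (OutputStream data = stream.createOutputStream()) {
                data.write(der);
            }
            stream.setNeedToBeUpdated(true);
            array.add(stream);
        }
        array.setNeedToBeUpdated(true);
        dss.setItem(COSName.getPDFName(key), array);
    }
}
```

For the ETSI profile shown in figure 2, a document time-stamp would then be added in a further incremental revision after the DSS; that step is not covered here.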