signoAPI Java - General Notes

Major Upgrades

This chapter contains important information about updating between major versions of signoAPI Java. It describes the changes that make a project no longer compilable after updating the API.

Version 3.x to 4.x

  • Removed deprecated (@Deprecated) methods and classes. Remove their usage before upgrading the API.

  • Minimum Java version increased from JavaSE 7 to JavaSE 8.

  • The libraries signopdf-viewer.jar, signopdf-signer.jar, and signopdf-utilities.jar have been merged into signopdf-lib.jar.

  • Duplicate class de.signotec.pdf.signer.dto.RectangleDTO removed. Use de.signotec.pdf.utilities.dto.RectangleDTO instead.

  • Duplicate class de.signotec.pdf.utilities.enums.SubFilter removed. Use de.signotec.pdf.signer.enums.SubFilter instead.

  • Class de.signotec.pdf.utilities.dto.SignatureFieldDTO.SignatureStatus removed. Use de.signotec.pdf.signer.enums.FieldStatus instead.

  • Library iText has been replaced by Apache PDFBox.

  • Multi-signature window feature (signotec Alpha Pads only) has been removed.

  • The SignoPdfSignerSTPad.initSignature() methods with array parameters have been removed. Switch to the methods without array parameters.

  • The return value of the SignoPdfSignerSTPad.confirmSignature() methods has been changed from int[] to int.

Version 2.x to 3.x

This version contains a major update of the signoPAD-API from 8.x to 9.x. See the chapter “Major Upgrades” in the file “signoPAD-API Java Documentation DE.pdf” in the delivery package.

  • Removed deprecated (@Deprecated) methods and classes. Remove their usage before upgrading the API.

  • Minimum Java version increased from JavaSE 6 to JavaSE 7.

  • Class de.signotec.pdf.signer.Base64 removed. Use org.bouncycastle.util.encoders.Base64 instead.

  • Class de.signotec.pdf.viewer.DocumentInfoDTO moved to de.signotec.pdf.viewer.dto.DocumentInfoDTO.

  • Class de.signotec.pdf.viewer.PrinterDTO moved to de.signotec.pdf.viewer.dto.PrinterDTO.

  • Exception de.signotec.pdf.signer.exceptions.InvalidParameterException and de.signotec.pdf.utilities.exception.InvalidParameterException removed. Use java.lang.IllegalArgumentException instead.

  • Exception de.signotec.pdf.signer.exceptions.NotImplementedException removed. Use java.lang.UnsupportedOperationException instead.

  • Exception de.signotec.pdf.signer.exceptions.NoCapturingException removed. Use java.lang.IllegalStateException instead.

  • Exception de.signotec.pdf.utilities.exception.SignoPdfUtilititesException renamed to SignoUtilitiesException.

  • Exception de.signotec.pdf.viewer.exceptions.CouldNotSaveException removed. Use java.io.IOException instead.

  • Methods now also throw Java standard exceptions including unchecked exceptions:

    • java.lang.IllegalArgumentException for invalid parameters

    • java.lang.IllegalStateException when a function cannot be executed in the current state (e.g. when terminating a signature process that was not previously started)

    • java.lang.UnsupportedOperationException when the function is not supported by the signature device or the facade (signoPAD-API Java)

    • java.io.IOException for I/O errors

    • java.security.SignatureException for errors when processing biometric data and in cryptography functions

  • Method parameters of type java.io.InputStream and java.io.OutputStream are no longer closed by the API.

License Keys

The signoAPI Java is delivered in an unregistered state. In this state, some functions are marked with a demo stamp (e.g. watermark “signotec Demo” in PDFs). To use the full functionality of the signoAPI, it is necessary to purchase a license key from signotec GmbH.

There are two different types of license keys:

  1. Hardware-bound single-user licenses: During installation, an authorization key (software code) is generated. This is bound to specific hardware components and is always valid for one computer only (single user). Using the supplied program license-tool/license-tool.exe, a license key can be requested and entered after purchasing a single-user license. If a valid license key is present, it is stored in the computer’s registry and all components of the signoAPI Java are freed from the demo stamp.

  2. Hardware-independent enterprise licenses: These are not bound to a computer/workstation and the key is not stored in the registry. Instead, the license key must be set before using the component via the method SignoViewer.setSerialKey(), SignoPdfSigner.setSerialKey(), or SignoPdfUtils.setSerialKey().

Limitations of the Demo Version

When using the signoAPI Java as a demo version, a watermark indicating the demo mode is displayed on every page of a loaded document. Additionally, loading and displaying documents protected by a password is not possible in the demo version.

When a document is signed with the demo version of signoAPI Java, a corresponding watermark is embedded behind the signature.

When a signature field is created with the demo version of the signopdf-utilities library using the addSignatureField() method, _signotec_demo is appended to the field name.

Keystores and Certificates

The supplied keystores signing.ks and encryption.ks as well as the certificate encryption.cer are included for demonstration purposes only. They all use the password “password”.

Creating your own keystores and certificates is possible with the Java Keytool.

Security-Critical Data

Passwords and private keys are security-critical data and must be handled with particular care. When using this API, you should observe the following in addition to common security standards:

  • Use only overwritable data structures for passwords. The signoAPI Java uses the data type char[]. The data of an immutable type like String cannot be specifically overwritten or deleted and may remain in memory for a very long time.

  • Delete passwords immediately after use. To keep the time window for reading passwords from memory as short as possible, they should be overwritten immediately after use. The signoAPI Java provides a corresponding method for this.

  • Delete private keys immediately after use. Since Java 8, keys that implement the Destroyable interface should be overwritten/erased in memory using the destroy() method as soon as they are no longer needed.
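
The three rules above applied with plain JDK classes, as an added example that is not part of the signotec documentation or the signoAPI. It assumes an in-memory JCEKS keystore holding a constructed HMAC key as a stand-in for a real keystore and private key; SecretHygiene, wipe and destroy are hypothetical names.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

public class SecretHygiene {
    /** Overwrites a password array in place (null-safe). */
    static void wipe(char[] secret) {
        if (secret != null) Arrays.fill(secret, '\0');
    }

    /** Tries to erase a key; true only if the object reports it is destroyed. */
    static boolean destroy(Destroyable secret) {
        if (secret == null) return true;
        try {
            secret.destroy();
        } catch (DestroyFailedException e) {
            // Default Destroyable.destroy() throws; the caller must then drop all references.
        }
        return secret.isDestroyed();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample password; real code obtains it as char[] (e.g. Console.readPassword()).
        char[] password = {'s', 'a', 'm', 'p', 'l', 'e'};
        // Constructed in-memory keystore with an HMAC key, standing in for a keystore file.
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null);
        KeyStore.PasswordProtection prot = new KeyStore.PasswordProtection(password); // holds a copy
        ks.setEntry("demo", new KeyStore.SecretKeyEntry(
                KeyGenerator.getInstance("HmacSHA256").generateKey()), prot);
        SecretKey key = null;
        try {
            key = (SecretKey) ks.getKey("demo", password);
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(key);
            byte[] tag = mac.doFinal("constructed document".getBytes(StandardCharsets.UTF_8));
            System.out.println("MAC length: " + tag.length);
        } finally {
            wipe(password);
            System.out.println("password wiped: " + (password[0] == '\0'));
            System.out.println("password copy destroyed: " + destroy(prot));
            System.out.println("key destroyed: " + destroy(key));
        }
    }
}
```

Whether the last line prints true depends on the key class: implementations that do not override destroy() throw DestroyFailedException, so the return value should be checked rather than assumed.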