Another main component is the class de.signotec.pdf.signer.SignoPdfSigner with its derived classes de.signotec.pdf.signer.SignoPdfSignerSTPad and de.signotec.pdf.signer.SignoPdfSignerCustom. These are classes that provide methods for reading information about signature fields in PDF documents and for signing these fields.
SignoPdfSigner
The class SignoPdfSigner should only be used if no integration with the available signoPAD-API is desired, e.g. because the signature capture should take place on a different system than the document signing (client/server solution). If the capture and signing are to take place on the same system, the class SignoPdfSignerSTPad should always be used for security reasons.
The method SignoPdfSigner.signDocument() digitally signs the loaded document. Output of the document is not necessary if additional signatures are to be captured. It can be called multiple times for a SignoPdfSigner object.
Encryption in the Signature Device
If a pad is connected that has a public key for encryption stored in it, the biometric data can be encrypted in the device. This means no public RSA key is needed on the PC and the biometric data is encrypted before being transmitted to the PC.
This technology is currently only supported on Windows.
public void signDocument(String fieldName, SigningDTO signData,
PrivateKey signingKey, Certificate[] signingCertChain, String bioCertRef,
String bioData, SignatureImageDTO image, SignatureDeviceDTO deviceData)
Encryption and Signing of Biometric Data in the Signature Device
If a pad is connected that has a public key for encryption and a key pair for signing stored in it, the biometric data can be encrypted and signed in the device. This means no public RSA key is needed on the PC and the biometric data is encrypted before being transmitted to the PC. In addition, the integrity of the biometric data can be verified later.
This technology is currently only supported on Windows.
public void signDocument(String fieldName, SigningDTO signData,
PrivateKey signingKey, Certificate[] signingCertChain, String bioCertRef,
HashType padSignatureType, RSAScheme padSignatureScheme,
byte[] padSignature, X509Certificate padSigningCert, String bioData,
SignatureImageDTO image, SignatureDeviceDTO deviceData)
Encryption on the PC
If the biometric data is not encrypted in the signature device, the encryption is performed when the signDocument() method is called. For this, a certificate with a public RSA key is required on the PC. This functionality is supported by all signature devices.
public void signDocument(String fieldName, SigningDTO signData,
PrivateKey signingKey, Certificate[] signingCertChain,
X509Certificate bioCert, String bioData, SignatureImageDTO image,
SignatureDeviceDTO deviceData)
SignoPdfSignerSTPad
The class de.signotec.pdf.signer.SignoPdfSignerSTPad is used to capture signatures with a signotec signature pad or a pen display and requires an object of type de.signotec.stpad.api.SigPadApi. Using this class is the recommended way to capture a signature, as it allows all advanced features of the signotec LCD signature pads to be used.
The method SignoPdfSignerSTPad.initSignature() starts the signature capture. The method startSignature() of the SigPadApi object passed in the constructor is triggered at this point. If the specified signature field does not exist, it is created. In this case, the Rectangle and Page specifications of the SigningDTO object must be set.
Signing and Encryption in the Signature Device
If a pad is connected that has a private key for signing and a public key for encryption stored in it, the device can be used for digitally signing the document and encrypting the biometric data. This means no RSA keys of any kind are needed on the PC and the biometric data is encrypted before being transmitted to the PC.
This technology is only supported on Windows and only by signotec pads when using the SigPadFacade.
public void initSignature(String fieldName, SigningDTO signData)
Signing in the Signature Device, Encryption on the PC
If a pad is connected that has a private key for signing stored in it, the document can be digitally signed in the device. This means no private RSA key is needed on the PC.
This technology is only supported on Windows and only by signotec pads when using the SigPadFacade.
public void initSignature(String fieldName, SigningDTO signData,
X509Certificate bioCert)
Signing on the PC, Encryption in the Signature Device
If a pad is connected that has a public key for encryption stored in it, the biometric data can be encrypted in the device. This means no public RSA key is needed on the PC and the biometric data is encrypted before being transmitted to the PC.
This technology is only supported on Windows and only by signotec pads when using the SigPadFacade.
public void initSignature(String fieldName, SigningDTO signData,
PrivateKey signingKey, Certificate[] signingCertChain)
Signing and Encryption on the PC
This functionality is supported by all signature devices. To use it, a private key for signing and a public key for encryption must be available on the PC.
public void initSignature(String fieldName, SigningDTO signData,
PrivateKey signingKey, Certificate[] signingCertChain,
X509Certificate bioCert)
SignoPdfSignerCustom
With the class SignoPdfSignerCustom, documents can be signed with custom signatures. The signature can, for example, be created by the application itself or performed by a remote signing provider.
The usage of the class is divided into two steps:
-
The document is prepared for signing with the
prepareDocument()method. The result is a hash that must be signed. The hash algorithm used can be queried usinggetDocumentHashAlgorithm(). -
The signature of the signed hash is stored in the prepared document using the
signDocument()method.
After each step, the document can be saved with writeDocument().
Step 2 can also be performed without the signoAPI Java by inserting the signature into a reserved area of the document. The position of the area can be determined with the getSignatureOffset() method. The size of the area is specified with setSignatureLength().