Class: HexaPDF::DigitalSignature::Signature

Inherits:

HexaPDF::Dictionary

• Object
• Object
• HexaPDF::Dictionary
• HexaPDF::DigitalSignature::Signature

Defined in:

lib/hexapdf/digital_signature/signature.rb

Overview

Represents a digital signature that is used to authenticate a user and the contents of the document.

Signature Verification

Verification of signatures is a complex topic and what counts as completely verified may differ from use-case to use-case. Therefore HexaPDF provides as much diagnostic information as possible so that the user can decide whether a signature is valid.

By defining a custom signature handler based on BaseHandler or CMSHandler one is able to also customize the signature verification.

See: PDF2.0 s12.8.1, HexaPDF::Type::AcroForm::SignatureField

Defined Under Namespace

Classes: SignatureReference, TransformParams

Constant Summary

Constants included from HexaPDF::DictionaryFields

HexaPDF::DictionaryFields::Boolean, HexaPDF::DictionaryFields::PDFByteString, HexaPDF::DictionaryFields::PDFDate

Instance Attribute Summary

Attributes inherited from Object

#data, #document, #must_be_indirect

Instance Method Summary

• #contents ⇒ Object

  Returns the raw signature value.

• #signature_handler ⇒ Object

  Returns the signature handler for this signature based on the /SubFilter entry.

• #signature_type ⇒ Object

  Returns the signature type based on the /SubFilter.

• #signed_data ⇒ Object

  Returns the signed data as indicated by the /ByteRange entry as binary string.

• #signer_name ⇒ Object

  Returns the name of the person or authority that signed the document.

• #signing_location ⇒ Object

  Returns the location of the signing.

• #signing_reason ⇒ Object

  Returns the reason for the signing.

• #signing_time ⇒ Object

  Returns the time of the signing.

• #verify(default_paths: true, trusted_certs: [], allow_self_signed: false) ⇒ Object

  Returns a VerificationResult object with the verification information.

Methods inherited from HexaPDF::Dictionary

#[], #[]=, define_field, define_type, #delete, #each, each_field, #empty?, field, #key?, #to_hash, type, #type

Methods inherited from Object

#<=>, #==, #cache, #cached?, #clear_cache, deep_copy, #deep_copy, #document?, #eql?, field, #gen, #gen=, #hash, #indirect?, #initialize, #inspect, make_direct, #must_be_indirect?, #null?, #oid, #oid=, #type, #validate, #value, #value=

Constructor Details

This class inherits a constructor from HexaPDF::Object

Instance Method Details

#contents ⇒ Object

Returns the raw signature value.

# File 'lib/hexapdf/digital_signature/signature.rb', line 201

def contents
  self[:Contents]
end

#signature_handler ⇒ Object

Returns the signature handler for this signature based on the /SubFilter entry.

# File 'lib/hexapdf/digital_signature/signature.rb', line 191

def signature_handler
  cache(:signature_handler) do
    handler_class = document.config.constantize('signature.sub_filter_map', self[:SubFilter]) do
      raise HexaPDF::Error, "No or unknown signature handler set: #{self[:SubFilter]}"
    end
    handler_class.new(self)
  end
end

#signature_type ⇒ Object

Returns the signature type based on the /SubFilter.

# File 'lib/hexapdf/digital_signature/signature.rb', line 186

def signature_type
  self[:SubFilter].to_s
end

#signed_data ⇒ Object

Returns the signed data as indicated by the /ByteRange entry as binary string.

# File 'lib/hexapdf/digital_signature/signature.rb', line 206

def signed_data
  unless document.revisions.parser
    raise HexaPDF::Error, "Can't load signed data without existing PDF file"
  end
  io = document.revisions.parser.io
  data = ''.b
  self[:ByteRange]&.each_slice(2) do |offset, length|
    io.pos = offset
    data << io.read(length).to_s
  end
  data
end

#signer_name ⇒ Object

Returns the name of the person or authority that signed the document.

# File 'lib/hexapdf/digital_signature/signature.rb', line 166

def signer_name
  signature_handler.signer_name
end

#signing_location ⇒ Object

Returns the location of the signing.

# File 'lib/hexapdf/digital_signature/signature.rb', line 181

def signing_location
  self[:Location]
end

#signing_reason ⇒ Object

Returns the reason for the signing.

# File 'lib/hexapdf/digital_signature/signature.rb', line 176

def signing_reason
  self[:Reason]
end

#signing_time ⇒ Object

Returns the time of the signing.

# File 'lib/hexapdf/digital_signature/signature.rb', line 171

def signing_time
  signature_handler.signing_time
end

#verify(default_paths: true, trusted_certs: [], allow_self_signed: false) ⇒ Object

Returns a VerificationResult object with the verification information.

# File 'lib/hexapdf/digital_signature/signature.rb', line 220

def verify(default_paths: true, trusted_certs: [], allow_self_signed: false)
  store = OpenSSL::X509::Store.new
  store.set_default_paths if default_paths
  store.purpose = OpenSSL::X509::PURPOSE_SMIME_SIGN
  trusted_certs.each {|cert| store.add_cert(cert) }
  signature_handler.verify(store, allow_self_signed: allow_self_signed)
end