Search code examples
bouncycastlepdfbox

Java compiler can't find the CMSProcessableInputStream for bouncycastle

I pulled this example from the following link. I am having problems because I can't get the compiler to find the CMSProcessableInputStream class.

Does anyone have any suggestions?

https://apache.googlesource.com/pdfbox/+/5f032354760374773f7339bbad2678d3281e90ee/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateVisibleSignature.java

This is a snippet of my pom.xml:

        <dependency>
        <groupId>org.apache.pdfbox</groupId>
        <artifactId>pdfbox</artifactId>
        <version>1.8.9</version>
    </dependency>
   <dependency>
    <groupId>com.itextpdf</groupId>
    <artifactId>itextpdf</artifactId>
    <version>5.5.6</version>
   </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcpg-jdk16</artifactId>
        <version>1.46</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcprov-jdk16</artifactId>
        <version>1.46</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcmail-jdk16</artifactId>
        <version>1.46</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcprov-ext-jdk16</artifactId>
        <version>1.46</version>
    </dependency>

This is the code:

    @Override
public byte[] sign(InputStream content) throws SignatureException,
        IOException {
    CMSProcessableInputStream input = new CMSProcessableInputStream(content);
    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    // CertificateChain
    List<Certificate> certList = Arrays.asList(cert);
    CertStore certStore = null;
    try {
        certStore = CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(certList), provider);
        gen.addSigner(privKey, (X509Certificate) certList.get(0),
                CMSSignedGenerator.DIGEST_SHA256);
        gen.addCertificatesAndCRLs(certStore);
        CMSSignedData signedData = gen.generate(input, false, provider);
        return signedData.getEncoded();
    } catch (Exception e) {
        // should be handled
        System.err.println("Error while creating pkcs7 signature.");
        e.printStackTrace();
    }
    throw new RuntimeException("Problem while preparing signature");
}
Solution

  • 1. The CMSProcessableInputStream class is part of the CreateSignature class (without the word "visible") which is in the same package, which you can find in the source download of PDFBox. Get it here: https://pdfbox.apache.org/downloads.html#recent and click on "pdfbox-1.8.9-src.zip", and then look for pdfbox-1.8.9\examples\src\main\java\org\apache\pdfbox\examples\signature\CreateSignature.java in the zip file.

    2. The 1.8.9 version of PDFBox uses bc version 1.44, as shown on the official website:

    <dependency>
  <groupId>org.bouncycastle</groupId>
  <artifactId>bcprov-jdk15</artifactId>
  <version>1.44</version>
</dependency>
<dependency>
  <groupId>org.bouncycastle</groupId>
  <artifactId>bcmail-jdk15</artifactId>
  <version>1.44</version>
</dependency>

    Another solution is to use pdfbox-app, which has bc within.

    A general hint: use source code that you find with google at your own risk. You don't know what version it is, or if it is correct. Try looking at the official website first.