Digital signature using Aspose words

kumaraswamy.m · June 23, 2014, 1:26am

Hi Team,

I’ve a few queries related to digital signature using Aspose Words for Java 14.5.

Aspose doesn’t allow to pick a certificate from the keystore. The certificate has to be present as file. Is there a way to pick the certificate from the keystore.
Does the certificate has to be in PKCS format? I tried with JKS keystore type and it didn’t work.
Is it mandatory that the certificate contain private key? Could a single .pfx file contain more than one private key?
What is the signature algorithm used? Will the algorithm same for PDF and Word document?
Is there a way to sign the word document during save?
Are DOC, DOCX, DOCM formats supported?

Thanks,
Kumar

// Sample code for PDF

PdfSaveOptions options = new PdfSaveOptions();
options.setDigitalSignatureDetails(new PdfDigitalSignatureDetails("c:\temp\keystore.pfx", "private_key_password", "Test digital signature", "Here", new Date()));
doc.save("C:\test_signature.pdf", options);

// Sample code for Word
X509Certificate2 cert = new X509Certificate2("c:\temp\keystore.pfx", "private_key_password");
doc.save("C:\test_old.doc");
DigitalSignatureUtil.sign("C:\test_old.doc", "C:\test_signature.doc", cert, "Test digital signature", new Date());

tahir.manzoor · June 23, 2014, 12:36pm

Hi Kumar,

Thanks
for your inquiry. https://reference.aspose.com/words/java/com.aspose.words/PdfDigitalSignatureDetails

*kumaraswamy.m:

Aspose doesn’t allow to pick a certificate from the keystore. The certificate has to be present as file. Is there a way to pick the certificate from the keystore.*

The first parameter of PdfDigitalSignatureDetails class is path of certificate file. Aspose.Words does not pick the certificate from keystore.

*kumaraswamy.m:

Does the certificate has to be in PKCS format? I tried with JKS keystore type and it didn’t work.
Is it mandatory that the certificate contain private key? Could a single .pfx file contain more than one private key?
What is the signature algorithm used? Will the algorithm same for PDF and Word document?*

We are in communication with our development team about your query and will get back to you as soon as possible.

*kumaraswamy.m:

Is there a way to sign the word document during save?*

Document.Save method method does not provide this feature. Please use DigitalSignatureUtil.Sign.

*kumaraswamy.m:

Are DOC, DOCX, DOCM formats supported?*

DigitalSignatureUtil.Sign method signs source document using given digital signature and writes signed document to destination stream. Document should be either Doc or Docx.

tahir.manzoor · June 25, 2014, 2:12pm

Hi Kumar,

Thanks
for your patience.

*kumaraswamy.m:

Does the certificate has to be in PKCS format? I tried with JKS keystore type and it didn’t work.*

It has to be in PKCS format. We use PKCS12.

*kumaraswamy.m:

Is it mandatory that the certificate contain private key? Could a single .pfx file contain more than one private key?*

A certificate must contain private key. At the moment we support only one private key and very first one will be used.

*kumaraswamy.m:

What is the signature algorithm used? Will the algorithm same for PDF and Word document?*

For PDF to compute the signature we use:

MD5withRSA
SHA1withRSA
SHA256withRSA
SHA384withRSA
SHA512withRSA

For xml based documents we use:

SHA1withDSA
SHA1withRSA
HMAC-SHA1
MD5withRSA
RIPEMD160withRSA
SHA256withRSA
SHA384withRSA
SHA512withRSA
ECDSAwithSHA1
ECDSAwithSHA256
ECDSAwithSHA384
ECDSAwithSHA512
HMAC-MD5
HMAC-RIPEMD160
HMAC-SHA256
HMAC-SHA384
HMAC-SHA512

kumaraswamy.m · June 25, 2014, 9:36pm

Thanks Tahir for the detailed information.

Are there any enhancements planned like supporting certificate formats other than PKCS, allowing to sign word document while saving and more?

tahir.manzoor · June 26, 2014, 3:47am

Hi Kumar,

Thanks
for your inquiry. Currently, certificate has to be in PKCS format. Please share some detail about your requirements. We will then log new feature request according to your requirement.

Regarding signing word document using Document.Save method, please share detail why you need this feature. You can work with your documents and save them using Aspose.Words. Once everything is done, you can use DigitalSignatureUtil.Sign method to sign documents.

kumaraswamy.m · June 29, 2014, 9:17am

Hi Tahir,

>>> Please share some detail about your requirements. We will then log new feature request according to your requirement.
- Add support for formats like JKS. Our use could have certificates created in JKS format and have signing using a CA. In such case, they could reuse the certificate in JKS format to digitally sign the Word/PDF document.
-

>>> Regarding signing word document using Document.Save method, please share detail why you need this feature. You can work with your documents and save them using Aspose.Words. Once everything is done, you can use DigitalSignatureUtil.Sign method to sign documents.
- Instead of a two step process, make this as one step like saving PDF with options
- For our users, document generation and adding digital signature is a single step process. If the document being generated takes long time and the certificate is incorrect, user will get to know that the certificate is incorrect after long time after the document in generated. Clubbing both the steps together might save time if the certificate validity is checked before document save even begins.

Thanks,
Kumar

tahir.manzoor · June 30, 2014, 7:59am

Hi Kumar,

Thanks for sharing the detail. I have logged these features as follow:

WORDSNET-10363 : Add feature to sign Doc/Docx document using Document.Save method
WORDSJAVA-906 : Add feature to sign PDF using JKS keystore type

You will be notified via this forum thread once these features are available. We apologize for your inconvenience.

kumaraswamy.m · June 30, 2014, 9:17am

Thanks Tahir,

>>> WORDSJAVA-906 : Add feature to sign PDF using JKS keystore type
Please include Word as well to sign using JKS keystore type.

I hope both the features have been logged for Aspose.Words for Java.

Thanks,
Kumar

tahir.manzoor · July 1, 2014, 3:10am

Hi Kumar,

Thanks for your inquiry. Yes, both features will be available in Aspose.Words for Java. Our development team will look into the
possibility of implementation of these requested features. Once we have
any information about these features, we will update you via this thread.

*kumaraswamy.m:

WORDSJAVA-906 : Add feature to sign PDF using JKS keystore type
Please include Word as well to sign using JKS keystore type.*

I have logged this feature request as WORDSNET-10367 in our issue tracking system. We will update you via this forum thread once this feature is available.

Please let us know if you have any more queries.

tahir.manzoor · October 30, 2014, 10:53am

Hi Kumar,

Could you please share what does you want to use JKS keystore in Java environment or you want to use it in .Net? Please share this detail.

kumaraswamy.m · October 30, 2014, 11:39pm

Hi Tahir,

>>> It has to be in PKCS format. We use PKCS12.
In one your comment above, you mentioned that the certificate has to be in PKCS format. What I’m asking is to be able to use JKS format certificate while digitally signing Word and PDF document using Aspose.Words For Java.

Does this answer your question?

Thanks,
Kumar

tahir.manzoor · November 3, 2014, 8:09am

Hi Kumar,

Thanks for your answer. We will let you know if we have any more queries. Thanks for your cooperation.

aspose.notifier · November 10, 2014, 2:16am

The issues you have found earlier (filed as WORDSJAVA-906) have been fixed in this .NET update and this Java update.

This message was posted using Notification2Forum from Downloads module by aspose.notifier.

aspose.notifier · January 12, 2015, 1:31am

The issues you have found earlier (filed as WORDSNET-10367) have been fixed in this .NET update and this Java update.

This message was posted using Notification2Forum from Downloads module by aspose.notifier.

tahir.manzoor · July 4, 2018, 12:31pm

A post was split to a new topic: Insert Digital Signature at bookmark