Hello, all.
I'm trying to digital sign (certificate + private key) a docx. I followed
the example at https://poi.apache.org/encryption.html and could sign the
document, so when I open it with my archive manager I can see the generated
XML in '_xmlsignatures' folder.
If I change the signer (other certificate + other private key) and do the
same thing I expect that another signature would be add, but the sig1.xml
file is replaced instead. So, I cannot find a way to add both signatures to
the document.
Can you help me?
I'm using Apache POI 3.13 with all the dependencies (set through maven) and
my code is above.
public static void main(String args[]) throws Exception
{
char password[] = "1234".toCharArray();
KeyStore keystore = KeyStore.getInstance("PKCS12");
File cert = new
File("/home/leovan/devel/certificados/certificate.pfx");
try (FileInputStream fis = new FileInputStream(cert)) {
keystore.load(fis, password);
}
Key key = keystore.getKey("1", password);
X509Certificate x509 =
(X509Certificate)keystore.getCertificate("1");
SignatureConfig signatureConfig = new SignatureConfig();
signatureConfig.setKey((PrivateKey) key);
signatureConfig.setSignatureDescription("Teste");
signatureConfig.setXadesSignatureId("idTeste1");
signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
OPCPackage pkg =
OPCPackage.open("/home/leovan/Downloads/Musicas.docx",
PackageAccess.READ_WRITE);
signatureConfig.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(signatureConfig);
si.confirmSignature();
pkg.close();
}
