{"id":23430010,"url":"https://github.com/alessioscarfone/java-digital-signature","last_synced_at":"2025-04-12T21:36:20.420Z","repository":{"id":124206905,"uuid":"141732570","full_name":"AlessioScarfone/Java-Digital-Signature","owner":"AlessioScarfone","description":"Java command line tool for digital signature with PKCS#11 token.","archived":false,"fork":false,"pushed_at":"2024-08-01T16:33:56.000Z","size":20460,"stargazers_count":39,"open_issues_count":4,"forks_count":13,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-26T15:48:07.590Z","etag":null,"topics":["cades","cli-tool","digital-signature","dss","esignature","java","pades","pkcs11","signature"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AlessioScarfone.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"ko_fi":"alescarf"}},"created_at":"2018-07-20T16:07:23.000Z","updated_at":"2025-01-31T13:16:08.000Z","dependencies_parsed_at":null,"dependency_job_id":"b1973f2b-4dfc-4a0d-8a72-5f2d18386b47","html_url":"https://github.com/AlessioScarfone/Java-Digital-Signature","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlessioScarfone%2FJava-Digital-Signature","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlessioScarfone%2FJava-Digital-Signature/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlessioScarfone%2FJava-Digital-Signature/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlessioScarfone%2FJava-Digital-Signature/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AlessioScarfone","download_url":"https://codeload.github.com/AlessioScarfone/Java-Digital-Signature/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248637283,"owners_count":21137531,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cades","cli-tool","digital-signature","dss","esignature","java","pades","pkcs11","signature"],"created_at":"2024-12-23T08:14:05.880Z","updated_at":"2025-04-12T21:36:20.392Z","avatar_url":"https://github.com/AlessioScarfone.png","language":"Java","funding_links":["https://ko-fi.com/alescarf","https://ko-fi.com/G2G5Z4O75"],"categories":[],"sub_categories":[],"readme":"# Java-Digital-Signature\nJava command line tool for digital signature with PKCS#11 token.\n\n## Support me\nIf you find my work useful and would like to contribute, consider supporting me.\n\n[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/G2G5Z4O75)\n\n\n## Instruction\nTo use the tool simply run `signer.jar`.\n\n```\n# help\n\u003e java -jar signer.jar -h\n\nUsage: PKCS#11 Digital Signature Tool [options] [command] [command options]\n  Options:\n    -h, --help\n      display help\n    -d, --driver\n      PKCS#11 Driver\n    -p, --password\n      Pass password in command line (USE WITH CAUTION)\n    -u, --key-usage\n      show key usage\n      Default: false\n    -i, --info-certificates\n      show certificates info\n      Default: false\n  Commands:\n    cades      CAdES signature format\n      Usage: cades [options] FileToSign\n        Options:\n          -h, --help\n            display help\n          -c, --choose-certificate\n            choose certificate to use\n          -o, --output-folder\n            set destination FOLDER for the output file\n          -n, --newfile-name\n            set name of the new file\n\n    pades      PAdES signature format\n      Usage: pades [options] FileToSign\n        Options:\n          -h, --help\n            display help\n          -c, --choose-certificate\n            choose certificate to use\n          -o, --output-folder\n            set destination FOLDER for the output file\n          -n, --newfile-name\n            set name of the new file\n          -v, --visible-signature\n            add visible signature - only text\n            Default: false\n          -vi, --visible-signature-image\n            add visible signature - text and image\n          -s, --skip-field-selection\n            skip the choice of the field to use\n            Default: false\n          -f, --field-to-sign\n            name of the field to sign\n          -pg, --page\n            page of signature  [If a field is selected this option is ignored]\n            Default: 1\n          -pv, --vertical-signature-position\n            vertical position of visible signature: T(op) - M(iddle) -\n            B(ottom) [If a field is selected this option is ignored]\n          -ph, --horizontal-signature-position\n            horizontal position of visible signature: L(eft) - C(enter) -\n            R(ight) [If a field is selected this option is ignored]\n\n```\n-----\n### Usage example\n\n#### Token Info:\n\nList all certificates and show purpose of the public key contained in each certificate (key usage).\n\n```\n\u003ejava -jar signer.jar -u\n\nPassword:\n\u003ccertificate name\u003e\nCertificate: \u003ci\u003e\nKey Usage:\n digitalSignature =\u003e false\n nonRepudiation =\u003e true\n keyEncipherment =\u003e false\n dataEncipherment =\u003e false\n keyAgreement =\u003e false\n keyCertSign =\u003e false\n cRLSign =\u003e false\n encipherOnly =\u003e false\n decipherOnly =\u003e false\n```\n\nFor more detailed info use `-i` option.\n\nThe *jar* contain the driver used for the token in use (see **NOTE** section at the end of the Readme) and auto extract it, in the same folder of the jar, at the first run. \n\nIt is possible to **use a specific driver** with the `-d` option.\n\n#### CAdES (CMS Advanced Electronic Signatures):\n\n```\n# Basic usage:\n\u003ejava -jar signer.jar cades test.pdf\nSelected Signature Format: CADES\nStart Signature Procedure\nPassword:\n\nCertificate to use:  \u003ccertificate name\u003e\nStart of signing process...\nCreate signed file: test.pdf.p7m\nEnd of signing process.\n\n```\n\nIt is possible to specify folder and name of the output file with `-o` and `-n` options:\n\n```\n\u003ejava -jar signer.jar cades test.pdf -o Test -n newfile.pdf\n```\n\n#### PAdES (PDF Advanced Electronic Signatures):\n\n- **No visible signature**\n\n```\n\u003ejava -jar signer.jar pades test.pdf\nSelected Signature Format: PADES\nStart Signature Procedure\nPassword:\n\nCertificate to use:  \u003ccertificate name\u003e\nNo available field in the pdf.\nStart of signing process...\nCreate signed file: test-signed.pdf\nEnd of signing process.\n```\n\n- **Visible signature** (`-v` option or `-vi` for use also an image).\nIf the *pdf* contains some signable fields, the tool asks to user if he wants to use one of them, else the signature is placed in the lower left corner of the first page. The position of the signature can be customized using the options `-pg`, `-pv`, `-ph` (*page, vertical postion, horizontal position*)\n\n```\n\u003ejava -jar signer.jar pades -v test.pdf\n[...]\n\nCertificate to use: \u003ccertificate name\u003e\nNo available field in the pdf.\nStart of signing process...\nCreate signed file: test-signed(1).pdf\nEnd of signing process.\n\n\u003ejava -jar signer.jar pades -v test-form.pdf -pg 2 -pv T -ph R\n[....]\n\n# Put Signature in the top right corner of the second page of the pdf\n\n```\n\n- Try to sign a document that contains signable **fields**:\n\n```\n\u003ejava -jar signer.jar pades -v test-form.pdf                                                      \n[...]\nCertificate to use: \u003ccertificate name\u003e \n[0] - page:1 - Signature\n[1] - page:1 - Signature_1\n[2] - page:2 - Signature_2\nSelect Field to use (-1 or Enter for skip):0\n[....]   \n```\nIn this way the field named 'Signature' was used for contain the signature.\nIf the field name is already known, it can be provided with  `-f` option.\nFor skip this step use `-s` option.\n\n```\n\u003ejava -jar signer.jar pades -v test-form.pdf -f Signature\n```\n\n**NB:** if a field is selected, all placement options (`-pg`, `-pv`, `-ph`) are ignored. \n\n-----\n#### Dependencies: \n\n- Digital Signature Services (DSS): https://github.com/esig/dss\n- JCommander: https://github.com/cbeust/jcommander\n\n-----\n\n#### NOTE:\n- Tested only on **Windows 10, 8.1 (Oracle JDK8).**\n\n- **Tested with Bit4id smart card reader and an Italian CNS** (all provided by Aruba): \n\n    [Link to Aruba page](https://www.pec.it/cns-token.aspx) \n    \n    [Link to Bit4id usb token](https://www.bit4id.com/en/lettore-di-smart-card-minilector-s-evo/)\n\n![Token Image](https://www.pec.it/getattachment/20362be8-daa3-44a6-9a91-4d801245baa7/Token)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falessioscarfone%2Fjava-digital-signature","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falessioscarfone%2Fjava-digital-signature","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falessioscarfone%2Fjava-digital-signature/lists"}