hexapdf 0.28.0 → 0.29.0

data/test/hexapdf/digital_signature/signing/test_timestamp_handler.rb

@@ -0,0 +1,88 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/document'
+require_relative '../common'
+
+describe HexaPDF::DigitalSignature::Signing::TimestampHandler do
+  before do
+    @doc = HexaPDF::Document.new
+    @handler = HexaPDF::DigitalSignature::Signing::TimestampHandler.new
+  end
+
+  it "allows setting the attributes in the constructor" do
+    handler = @handler.class.new(
+      tsa_url: "url", tsa_hash_algorithm: "MD5", tsa_policy_id: "5",
+      reason: "Reason", location: "Location", contact_info: "Contact",
+      signature_size: 1_000
+    )
+    assert_equal("url", handler.tsa_url)
+    assert_equal("MD5", handler.tsa_hash_algorithm)
+    assert_equal("5", handler.tsa_policy_id)
+    assert_equal("Reason", handler.reason)
+    assert_equal("Location", handler.location)
+    assert_equal("Contact", handler.contact_info)
+    assert_equal(1_000, handler.signature_size)
+  end
+
+  it "finalizes the signature field and signature objects" do
+    @field = @doc.wrap({})
+    @sig = @doc.wrap({})
+    @handler.reason = 'Reason'
+    @handler.location = 'Location'
+    @handler.contact_info = 'Contact'
+
+    @handler.finalize_objects(@field, @sig)
+    assert_equal('2.0', @doc.version)
+    assert_equal(:DocTimeStamp, @sig[:Type])
+    assert_equal(:'Adobe.PPKLite', @sig[:Filter])
+    assert_equal(:'ETSI.RFC3161', @sig[:SubFilter])
+    assert_equal('Reason', @sig[:Reason])
+    assert_equal('Location', @sig[:Location])
+    assert_equal('Contact', @sig[:ContactInfo])
+  end
+
+  it "returns the size of serialized signature" do
+    @handler.tsa_url = "http://127.0.0.1:34567"
+    CERTIFICATES.start_tsa_server
+    assert(@handler.signature_size > 1000)
+  end
+
+  describe "sign" do
+    before do
+      @data = StringIO.new("data")
+      @range = [0, 4, 0, 0]
+      @handler.tsa_url = "http://127.0.0.1:34567"
+      CERTIFICATES.start_tsa_server
+    end
+
+    it "respects the set hash algorithm and policy id" do
+      @handler.tsa_hash_algorithm = 'SHA256'
+      @handler.tsa_policy_id = '1.2.3.4.2'
+      token = OpenSSL::ASN1.decode(@handler.sign(@data, @range))
+      content = OpenSSL::ASN1.decode(token.value[1].value[0].value[2].value[1].value[0].value)
+      policy_id = content.value[1].value
+      digest_algorithm = content.value[2].value[0].value[0].value
+      assert_equal('SHA256', digest_algorithm)
+      assert_equal("1.2.3.4.2", policy_id)
+    end
+
+    it "returns the serialized timestamp token" do
+      token = OpenSSL::PKCS7.new(@handler.sign(@data, @range))
+      assert_equal(CERTIFICATES.ca_certificate.subject, token.signers[0].issuer)
+      assert_equal(CERTIFICATES.timestamp_certificate.serial, token.signers[0].serial)
+    end
+
+    it "fails if the timestamp token could not be created" do
+      @handler.tsa_hash_algorithm = 'SHA1'
+      msg = assert_raises(HexaPDF::Error) { @handler.sign(@data, @range) }
+      assert_match(/BAD_ALG/, msg.message)
+    end
+
+    it "fails if the timestamp server couldn't process the request" do
+      @handler.tsa_policy_id = '1.2.3.4.1'
+      msg = assert_raises(HexaPDF::Error) { @handler.sign(@data, @range) }
+      assert_match(/Invalid TSA server response/, msg.message)
+    end
+  end
+end

data/test/hexapdf/{type/signature/test_adbe_pkcs7_detached.rb → digital_signature/test_cms_handler.rb}

@@ -3,10 +3,10 @@
 require 'digest'
 require 'test_helper'
 require_relative 'common'
-require 'hexapdf/type/signature'
+require 'hexapdf/digital_signature'
 require 'ostruct'
 
-describe HexaPDF::Type::Signature::AdbePkcs7Detached do
+describe HexaPDF::DigitalSignature::CMSHandler do
   before do
     @data = 'Some data'
     @dict = OpenStruct.new
@@ -15,11 +15,11 @@ describe HexaPDF::Type::Signature::AdbePkcs7Detached do
                                  OpenSSL::PKCS7::DETACHED)
     @dict.contents = @pkcs7.to_der
     @dict.signed_data = @data
-    @handler = HexaPDF::Type::Signature::AdbePkcs7Detached.new(@dict)
+    @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
   end
 
   it "returns the signer name" do
-    assert_equal("signer", @handler.signer_name)
+    assert_equal("RSA signer", @handler.signer_name)
   end
 
   it "returns the signing time" do
@@ -60,7 +60,7 @@ describe HexaPDF::Type::Signature::AdbePkcs7Detached do
       @pkcs7.add_signer(OpenSSL::PKCS7::SignerInfo.new(CERTIFICATES.signer_certificate,
                                                        CERTIFICATES.signer_key, 'SHA1'))
       @dict.contents = @pkcs7.to_der
-      @handler = HexaPDF::Type::Signature::AdbePkcs7Detached.new(@dict)
+      @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
       result = @handler.verify(@store)
       assert_equal(2, result.messages.size)
       assert_equal(:error, result.messages.first.type)
@@ -80,7 +80,7 @@ describe HexaPDF::Type::Signature::AdbePkcs7Detached do
                                    @data, [CERTIFICATES.ca_certificate],
                                    OpenSSL::PKCS7::DETACHED)
       @dict.contents = @pkcs7.to_der
-      @handler = HexaPDF::Type::Signature::AdbePkcs7Detached.new(@dict)
+      @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
       result = @handler.verify(@store)
       assert_equal(:error, result.messages.first.type)
       assert_match(/key usage is missing 'Digital Signature'/, result.messages.first.content)
@@ -110,7 +110,7 @@ describe HexaPDF::Type::Signature::AdbePkcs7Detached do
       res = fac.create_timestamp(CERTIFICATES.signer_key, CERTIFICATES.timestamp_certificate, req)
       @dict.contents = res.token.to_der
       @dict.signature_type = 'ETSI.RFC3161'
-      @handler = HexaPDF::Type::Signature::AdbePkcs7Detached.new(@dict)
+      @handler = HexaPDF::DigitalSignature::CMSHandler.new(@dict)
 
       result = @handler.verify(@store)
       assert_equal(:info, result.messages.last.type)

data/test/hexapdf/{type/signature → digital_signature}/test_handler.rb

@@ -1,17 +1,17 @@
 # -*- encoding: utf-8 -*-
 
 require 'test_helper'
-require 'hexapdf/type/signature'
+require 'hexapdf/digital_signature'
 require 'hexapdf/document'
 require 'time'
 require 'ostruct'
 
-describe HexaPDF::Type::Signature::Handler do
+describe HexaPDF::DigitalSignature::Handler do
   before do
     @time = Time.parse("2021-11-14 7:00")
     @dict = {Name: "handler", M: @time}
-    @handler = HexaPDF::Type::Signature::Handler.new(@dict)
-    @result = HexaPDF::Type::Signature::VerificationResult.new
+    @handler = HexaPDF::DigitalSignature::Handler.new(@dict)
+    @result = HexaPDF::DigitalSignature::VerificationResult.new
   end
 
   it "returns the signer name" do

data/test/hexapdf/{type/signature/test_adbe_x509_rsa_sha1.rb → digital_signature/test_pkcs1_handler.rb}

@@ -2,10 +2,10 @@
 
 require 'test_helper'
 require_relative 'common'
-require 'hexapdf/type/signature'
+require 'hexapdf/digital_signature'
 require 'ostruct'
 
-describe HexaPDF::Type::Signature::AdbeX509RsaSha1 do
+describe HexaPDF::DigitalSignature::PKCS1Handler do
   before do
     @data = 'Some data'
     @dict = OpenStruct.new
@@ -14,7 +14,7 @@ describe HexaPDF::Type::Signature::AdbeX509RsaSha1 do
     @dict.contents = OpenSSL::ASN1::OctetString.new(encoded_data).to_der
     @dict.Cert = [CERTIFICATES.signer_certificate.to_der]
     def @dict.key?(*); true; end
-    @handler = HexaPDF::Type::Signature::AdbeX509RsaSha1.new(@dict)
+    @handler = HexaPDF::DigitalSignature::PKCS1Handler.new(@dict)
   end
 
   it "returns the certificate chain" do

data/test/hexapdf/{type → digital_signature}/test_signature.rb

@@ -2,11 +2,11 @@
 
 require 'test_helper'
 require 'hexapdf/document'
-require 'hexapdf/type/signature'
-require_relative 'signature/common'
+require 'hexapdf/digital_signature'
+require_relative 'common'
 require 'stringio'
 
-describe HexaPDF::Type::Signature::TransformParams do
+describe HexaPDF::DigitalSignature::Signature::TransformParams do
   before do
     @doc = HexaPDF::Document.new
     @params = @doc.add({Type: :TransformParams})
@@ -36,7 +36,7 @@ describe HexaPDF::Type::Signature::TransformParams do
   end
 end
 
-describe HexaPDF::Type::Signature::SignatureReference do
+describe HexaPDF::DigitalSignature::Signature::SignatureReference do
   before do
     @doc = HexaPDF::Document.new
     @sigref = @doc.add({Type: :SigRef})
@@ -52,7 +52,7 @@ describe HexaPDF::Type::Signature::SignatureReference do
   end
 end
 
-describe HexaPDF::Type::Signature do
+describe HexaPDF::DigitalSignature::Signature do
   before do
     @doc = HexaPDF::Document.new
     @sig = @doc.add({Type: :Sig, Filter: :'Adobe.PPKLite', SubFilter: :'ETSI.CAdES.detached'})
@@ -65,7 +65,7 @@ describe HexaPDF::Type::Signature do
   end
 
   it "returns the signer name" do
-    assert_equal('signer', @sig.signer_name)
+    assert_equal('RSA signer', @sig.signer_name)
   end
 
   it "returns the signing time" do
@@ -88,7 +88,7 @@ describe HexaPDF::Type::Signature do
 
   describe "signature_handler" do
     it "returns the signature handler" do
-      assert_kind_of(HexaPDF::Type::Signature::Handler, @sig.signature_handler)
+      assert_kind_of(HexaPDF::DigitalSignature::Handler, @sig.signature_handler)
     end
 
     it "fails if the required handler is not available" do

data/test/hexapdf/digital_signature/test_signatures.rb

@@ -0,0 +1,137 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'stringio'
+require 'tempfile'
+require 'hexapdf/document'
+require_relative 'common'
+
+describe HexaPDF::DigitalSignature::Signatures do
+  before do
+    @doc = HexaPDF::Document.new
+    @form = @doc.acro_form(create: true)
+    @sig1 = @form.create_signature_field("test1")
+    @sig2 = @form.create_signature_field("test2")
+  end
+
+  it "iterates over all signature dictionaries" do
+    assert_equal([], @doc.signatures.to_a)
+    @sig1.field_value = :sig1
+    @sig2.field_value = :sig2
+    assert_equal([:sig1, :sig2], @doc.signatures.to_a)
+  end
+
+  it "returns the number of signature dictionaries" do
+    @sig1.field_value = :sig1
+    assert_equal(1, @doc.signatures.count)
+  end
+
+  describe "signing_handler" do
+    it "return the initialized handler" do
+      handler = @doc.signatures.signing_handler(certificate: 'cert', reason: 'reason')
+      assert_equal('cert', handler.certificate)
+      assert_equal('reason', handler.reason)
+    end
+
+    it "fails if the given task is not available" do
+      assert_raises(HexaPDF::Error) { @doc.signatures.signing_handler(name: :unknown) }
+    end
+  end
+
+  describe "add" do
+    before do
+      @doc = HexaPDF::Document.new(io: StringIO.new(MINIMAL_PDF))
+      @io = StringIO.new(''.b)
+      @handler = @doc.signatures.signing_handler(
+        certificate: CERTIFICATES.signer_certificate,
+        key: CERTIFICATES.signer_key,
+        certificate_chain: [CERTIFICATES.ca_certificate]
+      )
+    end
+
+    it "uses the provided signature dictionary" do
+      sig = @doc.add({Type: :Sig, Key: :value})
+      @doc.signatures.add(@io, @handler, signature: sig)
+      assert_equal(1, @doc.signatures.to_a.compact.size)
+      assert_equal(:value, @doc.signatures.to_a[0][:Key])
+      refute_equal(:value, @doc.acro_form.each_field.first[:Key])
+    end
+
+    it "creates the signature dictionary if none is provided" do
+      @doc.signatures.add(@io, @handler)
+      assert_equal(1, @doc.signatures.to_a.compact.size)
+      refute(@doc.acro_form.each_field.first.key?(:Contents))
+    end
+
+    it "sets the needed information on the signature dictionary" do
+      def @handler.finalize_objects(sigfield, sig)
+        sig[:key] = :sig
+        sigfield[:key] = :sig_field
+      end
+      @doc.signatures.add(@io, @handler, write_options: {update_fields: false})
+      sig = @doc.signatures.first
+      assert_equal([0, 925, 925 + sig[:Contents].size * 2 + 2, 2501], sig[:ByteRange].value)
+      assert_equal(:sig, sig[:key])
+      assert_equal(:sig_field, @doc.acro_form.each_field.first[:key])
+      assert(sig.key?(:Contents))
+    end
+
+    it "creates the main form dictionary if necessary" do
+      @doc.signatures.add(@io, @handler)
+      assert(@doc.acro_form)
+      assert_equal([:signatures_exist, :append_only], @doc.acro_form.signature_flags)
+    end
+
+    it "uses the provided signature field" do
+      field = @doc.acro_form(create: true).create_signature_field('Signature2')
+      @doc.signatures.add(@io, @handler, signature: field)
+      assert_nil(@doc.acro_form.field_by_name("Signature3"))
+      refute_nil(field.field_value)
+      assert_nil(@doc.signatures.first[:T])
+    end
+
+    it "uses an existing signature field if possible" do
+      field = @doc.acro_form(create: true).create_signature_field('Signature2')
+      field.field_value = sig = @doc.add({Type: :Sig, key: :value})
+      @doc.signatures.add(@io, @handler, signature: sig)
+      assert_nil(@doc.acro_form.field_by_name("Signature3"))
+      assert_same(sig, @doc.signatures.first)
+    end
+
+    it "creates the signature field if necessary" do
+      @doc.acro_form(create: true).create_text_field('Signature2')
+      @doc.signatures.add(@io, @handler)
+      field = @doc.acro_form.field_by_name("Signature3")
+      assert_equal(:Sig, field.field_type)
+      refute_nil(field.field_value)
+      assert_equal(1, field.each_widget.count)
+    end
+
+    it "handles different xref section types correctly when determing the offsets" do
+      @doc.delete(7)
+      sig = @doc.signatures.add(@io, @handler, write_options: {update_fields: false})
+      assert_equal([0, 1036, 1036 + sig[:Contents].size * 2 + 2, 2483], sig[:ByteRange].value)
+    end
+
+    it "works if the signature object is the last object of the xref section" do
+      field = @doc.acro_form(create: true).create_signature_field('Signature2')
+      field.create_widget(@doc.pages[0], Rect: [0, 0, 0, 0])
+      sig = @doc.signatures.add(@io, @handler, signature: field, write_options: {update_fields: false})
+      assert_equal([0, 3143, 3143 + sig[:Contents].size * 2 + 2, 380], sig[:ByteRange].value)
+    end
+
+    it "allows writing to a file in addition to writing to an IO" do
+      tempfile = Tempfile.new('hexapdf-signature')
+      tempfile.close
+      @doc.signatures.add(tempfile.path, @handler)
+      doc = HexaPDF::Document.open(tempfile.path)
+      assert(doc.signatures.first.verify(allow_self_signed: true).success?)
+    end
+
+    it "adds a new revision with the signature" do
+      @doc.signatures.add(@io, @handler)
+      signed_doc = HexaPDF::Document.new(io: @io)
+      assert(signed_doc.signatures.first.verify)
+    end
+  end
+end

data/test/hexapdf/digital_signature/test_signing.rb

@@ -0,0 +1,53 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/document'
+require 'hexapdf/digital_signature'
+require_relative 'common'
+
+describe HexaPDF::DigitalSignature::Signing do
+  before do
+    @handler = HexaPDF::DigitalSignature::Signing::DefaultHandler.new(
+      certificate: CERTIFICATES.signer_certificate,
+      key: CERTIFICATES.signer_key,
+      certificate_chain: [CERTIFICATES.ca_certificate]
+    )
+  end
+
+  it "allows embedding an external signature value" do
+    # Create first signature normally for testing the signature-finding code later
+    doc = HexaPDF::Document.new(io: StringIO.new(MINIMAL_PDF))
+    io = StringIO.new(''.b)
+    doc.signatures.add(io, @handler)
+    doc = HexaPDF::Document.new(io: io)
+    io = StringIO.new(''.b)
+
+    byte_range = nil
+    @handler.signature_size = 5000
+    @handler.certificate = nil
+    @handler.external_signing = proc {|_, br| byte_range = br; "" }
+    doc.signatures.add(io, @handler)
+
+    io.pos = byte_range[0]
+    data = io.read(byte_range[1])
+    io.pos = byte_range[2]
+    data << io.read(byte_range[3])
+    contents = OpenSSL::PKCS7.sign(CERTIFICATES.signer_certificate, @handler.key, data,
+                                   @handler.certificate_chain,
+                                   OpenSSL::PKCS7::DETACHED | OpenSSL::PKCS7::BINARY).to_der
+    HexaPDF::DigitalSignature::Signing.embed_signature(io, contents)
+    doc = HexaPDF::Document.new(io: io)
+    assert_equal(2, doc.signatures.each.count)
+    doc.signatures.each do |signature|
+      assert(signature.verify(allow_self_signed: true).messages.find {|m| m.content == 'Signature valid' })
+    end
+  end
+
+  it "fails if the reserved signature space is too small" do
+    doc = HexaPDF::Document.new(io: StringIO.new(MINIMAL_PDF))
+    io = StringIO.new(''.b)
+    def @handler.signature_size; 200; end
+    msg = assert_raises(HexaPDF::Error) { doc.signatures.add(io, @handler) }
+    assert_match(/space.*too small.*200 vs/, msg.message)
+  end
+end

data/test/hexapdf/{type/signature → digital_signature}/test_verification_result.rb

@@ -1,26 +1,26 @@
 # -*- encoding: utf-8 -*-
 
 require 'test_helper'
-require 'hexapdf/type/signature'
+require 'hexapdf/digital_signature'
 
-describe HexaPDF::Type::Signature::VerificationResult do
+describe HexaPDF::DigitalSignature::VerificationResult do
   describe "Message" do
     it "accepts a type and a content argument on creation" do
-      m = HexaPDF::Type::Signature::VerificationResult::Message.new(:type, 'content')
+      m = HexaPDF::DigitalSignature::VerificationResult::Message.new(:type, 'content')
       assert_equal(:type, m.type)
       assert_equal('content', m.content)
     end
 
     it "allows sorting by type" do
-      info =  HexaPDF::Type::Signature::VerificationResult::Message.new(:info, 'c')
-      warning = HexaPDF::Type::Signature::VerificationResult::Message.new(:warning, 'c')
-      error = HexaPDF::Type::Signature::VerificationResult::Message.new(:error, 'c')
+      info =  HexaPDF::DigitalSignature::VerificationResult::Message.new(:info, 'c')
+      warning = HexaPDF::DigitalSignature::VerificationResult::Message.new(:warning, 'c')
+      error = HexaPDF::DigitalSignature::VerificationResult::Message.new(:error, 'c')
       assert_equal([error, warning, info], [info, error, warning].sort)
     end
   end
 
   before do
-    @result = HexaPDF::Type::Signature::VerificationResult.new
+    @result = HexaPDF::DigitalSignature::VerificationResult.new
   end
 
   it "can add new messages" do

data/test/hexapdf/test_dictionary_fields.rb

@@ -175,7 +175,6 @@ describe HexaPDF::DictionaryFields do
 
     it "allows conversion to a Time object from a binary string" do
       refute(@field.convert('test'.b, self))
-      refute(@field.convert('D:01211016165909+00\'64'.b, self))
 
       [
         ["D:1998", [1998, 01, 01, 00, 00, 00, "-00:00"]],
@@ -191,6 +190,8 @@ describe HexaPDF::DictionaryFields do
         ["D:1998-08'00'", [1998, 01, 01, 00, 00, 00, "-08:00"]],
         ["D:19981223195210-08", [1998, 12, 23, 19, 52, 10, "-08:00"]], # non-standard, missing '
         ["D:19981223195210-08'00", [1998, 12, 23, 19, 52, 10, "-08:00"]], # non-standard, missing '
+        ["D:19981223195210-54'00", [1998, 12, 23, 19, 52, 10, "-23:59:59"]], # non-standard, TZ hour to large
+        ["D:19981223195210+10'65", [1998, 12, 23, 19, 52, 10, "+11:05"]], # non-standard, TZ min to large
       ].each do |str, data|
         obj = @field.convert(str, self)
         assert_equal(Time.new(*data), obj, "date str used: #{str}")

data/test/hexapdf/test_document.rb

@@ -504,7 +504,7 @@ describe HexaPDF::Document do
 
     it "allows to conveniently sign a document" do
       mock = Minitest::Mock.new
-      mock.expect(:handler, :handler, name: :handler, opt: :key)
+      mock.expect(:signing_handler, :handler, name: :handler, opt: :key)
       mock.expect(:add, :added, [:io, :handler], signature: :sig, write_options: :write_options)
       @doc.instance_variable_set(:@signatures, mock)
       result = @doc.sign(:io, handler: :handler, write_options: :write_options, signature: :sig, opt: :key)

data/test/hexapdf/test_writer.rb

@@ -40,7 +40,7 @@ describe HexaPDF::Writer do
       219
       %%EOF
       3 0 obj
-      <</Producer(HexaPDF version 0.28.0)>>
+      <</Producer(HexaPDF version 0.29.0)>>
       endobj
       xref
       3 1
@@ -72,7 +72,7 @@ describe HexaPDF::Writer do
       141
       %%EOF
       6 0 obj
-      <</Producer(HexaPDF version 0.28.0)>>
+      <</Producer(HexaPDF version 0.29.0)>>
       endobj
       2 0 obj
       <</Length 10>>stream
@@ -214,7 +214,7 @@ describe HexaPDF::Writer do
       <</Type/Page/MediaBox[0 0 595 842]/Parent 2 0 R/Resources<<>>>>
       endobj
       5 0 obj
-      <</Producer(HexaPDF version 0.28.0)>>
+      <</Producer(HexaPDF version 0.29.0)>>
       endobj
       4 0 obj
       <</Root 1 0 R/Info 5 0 R/Size 6/Type/XRef/W[1 1 2]/Index[0 6]/Filter/FlateDecode/DecodeParms<</Columns 4/Predictor 12>>/Length 33>>stream

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hexapdf
 version: !ruby/object:Gem::Version
-  version: 0.28.0
+  version: 0.29.0
 platform: ruby
 authors:
 - Thomas Leitner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-30 00:00:00.000000000 Z
+date: 2023-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cmdparse
@@ -291,6 +291,7 @@ files:
 - examples/021-list_box.rb
 - examples/022-outline.rb
 - examples/023-images.rb
+- examples/024-digital-signatures.rb
 - examples/emoji-smile.png
 - examples/emoji-wink.png
 - examples/machupicchu.jpg
@@ -328,6 +329,17 @@ files:
 - lib/hexapdf/data_dir.rb
 - lib/hexapdf/dictionary.rb
 - lib/hexapdf/dictionary_fields.rb
+- lib/hexapdf/digital_signature.rb
+- lib/hexapdf/digital_signature/cms_handler.rb
+- lib/hexapdf/digital_signature/handler.rb
+- lib/hexapdf/digital_signature/pkcs1_handler.rb
+- lib/hexapdf/digital_signature/signature.rb
+- lib/hexapdf/digital_signature/signatures.rb
+- lib/hexapdf/digital_signature/signing.rb
+- lib/hexapdf/digital_signature/signing/default_handler.rb
+- lib/hexapdf/digital_signature/signing/signed_data_creator.rb
+- lib/hexapdf/digital_signature/signing/timestamp_handler.rb
+- lib/hexapdf/digital_signature/verification_result.rb
 - lib/hexapdf/document.rb
 - lib/hexapdf/document/destinations.rb
 - lib/hexapdf/document/files.rb
@@ -335,7 +347,6 @@ files:
 - lib/hexapdf/document/images.rb
 - lib/hexapdf/document/layout.rb
 - lib/hexapdf/document/pages.rb
-- lib/hexapdf/document/signatures.rb
 - lib/hexapdf/encryption.rb
 - lib/hexapdf/encryption/aes.rb
 - lib/hexapdf/encryption/arc4.rb
@@ -486,11 +497,6 @@ files:
 - lib/hexapdf/type/page_label.rb
 - lib/hexapdf/type/page_tree_node.rb
 - lib/hexapdf/type/resources.rb
-- lib/hexapdf/type/signature.rb
-- lib/hexapdf/type/signature/adbe_pkcs7_detached.rb
-- lib/hexapdf/type/signature/adbe_x509_rsa_sha1.rb
-- lib/hexapdf/type/signature/handler.rb
-- lib/hexapdf/type/signature/verification_result.rb
 - lib/hexapdf/type/trailer.rb
 - lib/hexapdf/type/viewer_preferences.rb
 - lib/hexapdf/type/xref_stream.rb
@@ -587,13 +593,23 @@ files:
 - test/hexapdf/content/test_parser.rb
 - test/hexapdf/content/test_processor.rb
 - test/hexapdf/content/test_transformation_matrix.rb
+- test/hexapdf/digital_signature/common.rb
+- test/hexapdf/digital_signature/signing/test_default_handler.rb
+- test/hexapdf/digital_signature/signing/test_signed_data_creator.rb
+- test/hexapdf/digital_signature/signing/test_timestamp_handler.rb
+- test/hexapdf/digital_signature/test_cms_handler.rb
+- test/hexapdf/digital_signature/test_handler.rb
+- test/hexapdf/digital_signature/test_pkcs1_handler.rb
+- test/hexapdf/digital_signature/test_signature.rb
+- test/hexapdf/digital_signature/test_signatures.rb
+- test/hexapdf/digital_signature/test_signing.rb
+- test/hexapdf/digital_signature/test_verification_result.rb
 - test/hexapdf/document/test_destinations.rb
 - test/hexapdf/document/test_files.rb
 - test/hexapdf/document/test_fonts.rb
 - test/hexapdf/document/test_images.rb
 - test/hexapdf/document/test_layout.rb
 - test/hexapdf/document/test_pages.rb
-- test/hexapdf/document/test_signatures.rb
 - test/hexapdf/encryption/common.rb
 - test/hexapdf/encryption/test_aes.rb
 - test/hexapdf/encryption/test_arc4.rb
@@ -705,11 +721,6 @@ files:
 - test/hexapdf/type/annotations/test_markup_annotation.rb
 - test/hexapdf/type/annotations/test_text.rb
 - test/hexapdf/type/annotations/test_widget.rb
-- test/hexapdf/type/signature/common.rb
-- test/hexapdf/type/signature/test_adbe_pkcs7_detached.rb
-- test/hexapdf/type/signature/test_adbe_x509_rsa_sha1.rb
-- test/hexapdf/type/signature/test_handler.rb
-- test/hexapdf/type/signature/test_verification_result.rb
 - test/hexapdf/type/test_annotation.rb
 - test/hexapdf/type/test_catalog.rb
 - test/hexapdf/type/test_cid_font.rb
@@ -732,7 +743,6 @@ files:
 - test/hexapdf/type/test_page_label.rb
 - test/hexapdf/type/test_page_tree_node.rb
 - test/hexapdf/type/test_resources.rb
-- test/hexapdf/type/test_signature.rb
 - test/hexapdf/type/test_trailer.rb
 - test/hexapdf/type/test_xref_stream.rb
 - test/hexapdf/utils/test_bit_field.rb