That's a bug with your crypto provider. Use a more recent JDK or another crypto provider, like bouncycastle.
Paulo > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Filipe Fedalto > Sent: Friday, June 30, 2006 3:59 PM > To: [email protected] > Subject: [iText-questions] Problem checking whether a > document has beensigned > > Hi all, > > I'm using iText to check whether some input PDF document has > been signed. I don't need do actually check or certify the > signature validity. I only need to know whether the document > is signed, even though it is signed with a self-signed test > certificate. > > So I have the following method to check this "signature > existance" in the informed PDFReader. The red line is the one > throwing the exception, in the stack trace below. > > > public static boolean isAssinado(PdfReader documentoPDF) > throws IOException, SignatureException { > Object[] falhas = null; > boolean assinado = false; > // Obter o keystore > KeyStore kall = PdfPKCS7.loadCacertsKeyStore(); > > // Recuperar AcroFields do documento > AcroFields af = documentoPDF.getAcroFields(); > > // Recuperar nomes de assinaturas > ArrayList names = af.getSignatureNames(); > LOG.debug("Nomes de Assinatura: "+names); > assinado = names != null && names.size () > 0; > > // Itera os nomes de assinaturas obtidos > if (assinado) { > for (int k = 0; k < names.size(); ++k) { > String name = (String) names.get(k); > LOG.debug("Nome da Assinatura: " + name); > LOG.debug("Assinatura todo o documento? " + > af.signatureCoversWholeDocument(name)); > LOG.debug("Revisão do Documento: " + af.getRevision(name) > + " de " + af.getTotalRevisions()); > PdfPKCS7 pk = af.verifySignature(name); > Calendar cal = pk.getSignDate(); > LOG.debug("Data de Assinatura: "+formatter.format(cal.getTime())); > LOG.debug("Assunto: " + > PdfPKCS7.getSubjectFields(pk.getSigningCertificate())); > boolean verificado = pk.verify(); > assinado &= verificado; > LOG.debug("Documento foi modificado? " + !verificado); > } > } > LOG.info("Documento Assinado? "+assinado); > return assinado; > } > > > > However, > > When I execute this code with real Tokens (A3), I get the > following exception: > ExceptionConverter: > java.security.cert.CertificateException: > sun.security.pkcs.ParsingException: toDerInputStream rejects > tag type -96 > at > sun.security.provider.X509Factory.engineGenerateCertificates > (Unknown Source) > at > java.security.cert.CertificateFactory.generateCertificates(Unk > nown Source) > at com.lowagie.text.pdf.PdfPKCS7.<init>(PdfPKCS7.java:250) > at com.lowagie.text.pdf.AcroFields.verifySignature > (AcroFields.java:1627) > at > com.lowagie.text.pdf.AcroFields.verifySignature(AcroFields.java:1583) > at br.com.ect.sadel.common.PDFUtils.isAssinado > (PDFUtils.java:50) > at > br.com.ect.sadel.control.PreparacaoDocumentoControle.executarP > reparacao(PreparacaoDocumentoControle.java:267) > at > br.com.ect.sadel.control.PreparacaoDocumentoControle.executarP > reparacao (PreparacaoDocumentoControle.java:129) > at > br.com.ect.sadel.control.PreparacaoDocumentoControle.run(Prepa > racaoDocumentoControle.java:475) > at java.lang.Thread.run(Unknown Source) > Caused by: sun.security.pkcs.ParsingException : > toDerInputStream rejects tag type -96 > at sun.security.pkcs.PKCS7.parse(Unknown Source) > at sun.security.pkcs.PKCS7.<init>(Unknown Source) > at > sun.security.provider.X509Factory.parseX509orPKCS7Cert > (Unknown Source) > ... 10 more > Caused by: java.io.IOException: toDerInputStream rejects tag type -96 > at sun.security.util.DerValue.toDerInputStream(Unknown Source) > at sun.security.pkcs.PKCS7.parseSignedData (Unknown Source) > at sun.security.pkcs.PKCS7.parse(Unknown Source) > ... 13 more > > > Do you have any idea about why this exception is being thrown? > > Is my code correct? I mean, is this the right way to check > whether the document has been signed? Like I said, I don't > want to certify or validate the signature, I only need to > know whether the document has been somehow signed, no matter > what type the signature is and what origin or validity it has. > > Thank you all in advance, > > Filipe Fedalto > > Cansado dos disparates e despautérios da República? > Quer um basta nas desventuras de nossos governantes? > Acesse http://www.monarquia.org.br e http://www.brasilimperial.org.br > e saiba mais a respeito. > Aviso Legal: Esta mensagem é destinada exclusivamente ao destinatário. Pode conter informação confidencial ou legalmente protegida. A incorrecta transmissão desta mensagem não significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message. Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions
