> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Android Andrew [:] > Sent: Friday, September 15, 2006 7:32 PM > To: Post all your questions about iText here > Subject: Re: [iText-questions] IllegalArgumentException: The > key /Contents istoo big. (RSA 2k ???) > > Thank you Paulo! > After I've changed to "new byte[256]", program works with 2k > length key, > but generates invalid signature with 1k length key. > As I understand, 1k length key requires 128 byte digest, 2k > length key - > 256 byte. Is it possible to determinate required digest size > depending > on key size? Sorry for a stupid questions, I'm newbie in > Java-programming... >
The easiest way is to create a dummy signature and look at the generated byte length. Paulo > > Paulo Soares wrote: > > Replace "new byte[128]" with "new byte[256]". > > > > Paulo > > > >> -----Original Message----- > >> From: [EMAIL PROTECTED] > >> [mailto:[EMAIL PROTECTED] On > >> Behalf Of Android Andrew [:] > >> Sent: Friday, September 15, 2006 12:42 PM > >> To: [email protected] > >> Subject: [iText-questions] IllegalArgumentException: The key > >> /Contents istoo big. (RSA 2k ???) > >> > >> Hello everybody! > >> > >> I've faced with problem similar to described here: > >> 26 Oct 2005 > >> http://www.mail-archive.com/[EMAIL PROTECTED] > >> net/msg19419.html > >> > >> If I'm using 1k length private key, everything is Ok, but > if I try to > >> use 2k length key, I get this: > >> > >> Exception in thread "main" > >> java.lang.IllegalArgumentException: The key > >> /Contents is too big. Is 522, reserved 264 > >> at > >> com.lowagie.text.pdf.PdfSignatureAppearance.close(PdfSignature > >> Appearance.java:1040) > >> > >> My code is based on receipt from > >> http://itextpdf.sourceforge.net/howtosign.html#signextstd > >> > >> Does anybody faced with such problem or knew how to deal with it? > >> > >> > >> > >> Here is a part of my code: > >> > >> .... > >> KeyStore ks = KeyStore.getInstance("pkcs12"); > >> ks.load(new FileInputStream(KeyFileName), > >> Pass.toCharArray()); > >> String alias = (String) ks.aliases().nextElement(); > >> PrivateKey key = > >> (PrivateKey)ks.getKey(alias,Pass.toCharArray()); > >> Certificate[] chain = ks.getCertificateChain(alias); > >> PdfReader reader = new PdfReader(InFileName); > >> FileOutputStream fout = new > >> FileOutputStream(OutFileName); > >> PdfStamper stp = > >> PdfStamper.createSignature(reader,fout,'\0'); > >> PdfSignatureAppearance sap = > >> stp.getSignatureAppearance(); > >> sap.setCrypto(key,chain, null, > >> PdfSignatureAppearance.SELF_SIGNED); > >> sap.setReason(Reason); > >> sap.setLocation(Location); > >> if (isVisible) > >> sap.setVisibleSignature(new > >> Rectangle(475,15,575,115), > >> 1, null); > >> sap.setExternalDigest(new byte[128], null, "RSA"); > >> sap.preClose(); > >> PdfPKCS7 sig = sap.getSigStandard().getSigner(); > >> Signature sign = Signature.getInstance("SHA1withRSA"); > >> sign.initSign(key); > >> byte buf[] = new byte[8192]; > >> int n; > >> InputStream inp = sap.getRangeStream(); > >> while ((n = inp.read(buf)) > 0) { > >> sign.update(buf,0,n); > >> } > >> sig.setExternalDigest(sign.sign(), null, "RSA"); > >> PdfDictionary dic = new PdfDictionary(); > >> dic.put(PdfName.CONTENTS, new > >> PdfString(sig.getEncodedPKCS1()).setHexWriting(true)); > >> sap.setCertified(true); > >> sap.close(dic); > >> ... > >> > >> > >> -------------------------------------------------------------- > >> ----------- > >> Using Tomcat but need to do more? Need to support web > >> services, security? > >> Get stuff done quickly with pre-integrated technology to make > >> your job easier > >> Download IBM WebSphere Application Server v.1.0.1 based on > >> Apache Geronimo > >> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&; > >> dat=121642 > >> _______________________________________________ > >> iText-questions mailing list > >> [email protected] > >> https://lists.sourceforge.net/lists/listinfo/itext-questions > >> > > > > > > Aviso Legal: > > Esta mensagem é destinada exclusivamente ao destinatário. > Pode conter informação confidencial ou legalmente protegida. > A incorrecta transmissão desta mensagem não significa a perca > de confidencialidade. Se esta mensagem for recebida por > engano, por favor envie-a de volta para o remetente e > apague-a do seu sistema de imediato. É proibido a qualquer > pessoa que não o destinatário de usar, revelar ou distribuir > qualquer parte desta mensagem. > > > > Disclaimer: > > This message is destined exclusively to the intended > receiver. It may contain confidential or legally protected > information. The incorrect transmission of this message does > not mean the loss of its confidentiality. If this message is > received by mistake, please send it back to the sender and > delete it from your system immediately. It is forbidden to > any person who is not the intended receiver to use, > distribute or copy any part of this message. > > > > > > > > > > > -------------------------------------------------------------- > ---------- > > > > > -------------------------------------------------------------- > ----------- > > Using Tomcat but need to do more? Need to support web > services, security? > > Get stuff done quickly with pre-integrated technology to > make your job easier > > Download IBM WebSphere Application Server v.1.0.1 based on > Apache Geronimo > > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&; > dat=121642 > > > > > > > -------------------------------------------------------------- > ---------- > > > > _______________________________________________ > > iText-questions mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/itext-questions > > -------------------------------------------------------------- > ----------- > Using Tomcat but need to do more? Need to support web > services, security? > Get stuff done quickly with pre-integrated technology to make > your job easier > Download IBM WebSphere Application Server v.1.0.1 based on > Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&; > dat=121642 > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions > Aviso Legal: Esta mensagem é destinada exclusivamente ao destinatário. Pode conter informação confidencial ou legalmente protegida. A incorrecta transmissão desta mensagem não significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions
