Re: [iText-questions] IllegalArgumentException: The key /Contents istoo big. (RSA 2k ???)

Tue, 19 Sep 2006 10:57:21 -0700 

Interesting.  The following works!

            PdfSignatureAppearance sap = stp.getSignatureAppearance ();
            sap.setCrypto (null, signer.prepareSigning (include_cert_path), 
null, PdfSignatureAppearance.WINCER_SIGNED);

            if (reason != null)
              {
                sap.setReason (reason);
              }
            if (location != null)
              {
                sap.setLocation (location);
              }

            if (enable_signature_graphics)
              {
                sap.setVisibleSignature (new Rectangle (100, 100, 400, 130), 
reader.getNumberOfPages(), null);
              }

            sap.setCertified (certified);
            // sap.setExternalDigest (new byte[128], new byte[20], "RSA"); 

            sap.setExternalDigest (new byte[512], new byte[20], "RSA");  //  
UPGRADED
            sap.preClose ();
            MessageDigest messageDigest = MessageDigest.getInstance ("SHA1");
            byte buf[] = new byte[8192];
            int n;
            InputStream inp = sap.getRangeStream ();
            while ((n = inp.read (buf)) > 0)
              {
                messageDigest.update (buf, 0, n);
              }
            byte hash[] = messageDigest.digest ();
            PdfSigGenericPKCS sg = sap.getSigStandard ();
            PdfLiteral slit = (PdfLiteral)sg.get (PdfName.CONTENTS);
            byte[] outc = new byte[(slit.getPosLength () - 2) / 2];
            PdfPKCS7 sig = sg.getSigner ();
            sig.setExternalDigest (signer.signData (hash, 
SignatureAlgorithms.RSA_SHA1), hash, "RSA");
            PdfDictionary dic = new PdfDictionary ();
            byte[] ssig = sig.getEncodedPKCS7 ();
            System.arraycopy (ssig, 0, outc, 0, ssig.length);
            dic.put (PdfName.CONTENTS, new PdfString (outc).setHexWriting 
(true));
            sap.close (dic);

----- Original Message ----- 
From: "Android Andrew [:]" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Friday, September 15, 2006 13:42
Subject: [iText-questions] IllegalArgumentException: The key /Contents istoo 
big. (RSA 2k ???)


Hello everybody!

I've faced with problem similar to described here:
26 Oct 2005 
http://www.mail-archive.com/[email protected]/msg19419.html

If I'm using 1k length private key, everything is Ok, but if I try to 
use 2k length key, I get this:

Exception in thread "main" java.lang.IllegalArgumentException: The key 
/Contents is too big. Is 522, reserved 264
         at 
com.lowagie.text.pdf.PdfSignatureAppearance.close(PdfSignatureAppearance.java:1040)

My code is based on receipt from 
http://itextpdf.sourceforge.net/howtosign.html#signextstd

Does anybody faced with such problem or knew how to deal with it?



Here is a part of my code:

....
             KeyStore ks = KeyStore.getInstance("pkcs12");
             ks.load(new FileInputStream(KeyFileName), Pass.toCharArray());
             String alias = (String) ks.aliases().nextElement();
             PrivateKey key = 
(PrivateKey)ks.getKey(alias,Pass.toCharArray());
             Certificate[] chain = ks.getCertificateChain(alias);
             PdfReader reader = new PdfReader(InFileName);
             FileOutputStream fout = new FileOutputStream(OutFileName);
             PdfStamper stp = PdfStamper.createSignature(reader,fout,'\0');
             PdfSignatureAppearance sap = stp.getSignatureAppearance();
             sap.setCrypto(key,chain, null, 
PdfSignatureAppearance.SELF_SIGNED);
             sap.setReason(Reason);
             sap.setLocation(Location);
             if (isVisible)
                 sap.setVisibleSignature(new Rectangle(475,15,575,115), 
1, null);
             sap.setExternalDigest(new byte[128], null, "RSA");
             sap.preClose();
             PdfPKCS7 sig = sap.getSigStandard().getSigner();
             Signature sign = Signature.getInstance("SHA1withRSA");
             sign.initSign(key);
             byte buf[] = new byte[8192];
             int n;
             InputStream inp = sap.getRangeStream();
             while ((n = inp.read(buf)) > 0) {
                 sign.update(buf,0,n);
             }
             sig.setExternalDigest(sign.sign(), null, "RSA");
             PdfDictionary dic = new PdfDictionary();
             dic.put(PdfName.CONTENTS, new 
PdfString(sig.getEncodedPKCS1()).setHexWriting(true));
             sap.setCertified(true);
             sap.close(dic);
...


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions

Reply via email to