Hi ! Here is the way we solved that problem : Do the signing the usual way ( using iText). Then extract the hash value and create an external signature using the given hash. Replace the signature bytes in PDF with your signature ... Done !
Not very elegant, but it does the job. Greetings Andreas ----- Ursprüngliche Nachricht ----- Von: amarianoelaide <[email protected]> Gesendet: Montag, 9. Februar 2009 18:18 An: [email protected] Betreff: [iText-questions] signing pdf with external signature Hi all, a little question about external signature. I have a pdf to sign. I read about this code: PdfReader reader = new PdfReader("my.pdf"); FileOutputStream fout = new FileOutputStream("my_signed.pdf"); PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0'); PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(null, new Certificate[]{certificate}, null, PdfSignatureAppearance.SELF_SIGNED); sap.setReason("Hello"); sap.setLocation("Italy"); sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null); sap.setExternalDigest(new byte[128], new byte[20], null); sap.preClose(); MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); byte buf[] = new byte[8192]; int n; InputStream inp = sap.getRangeStream(); while ((n = inp.read(buf)) > 0) { messageDigest.update(buf, 0, n); } byte hash[] = messageDigest.digest(); String hashFirmato = somehow_signed_hash; PdfPKCS7 sig = sap.getSigStandard().getSigner(); sig.setExternalDigest(Base64.decode(hashFirmato), null, "RSA"); PdfDictionary dic = new PdfDictionary(); dic.put(PdfName.CONTENTS, new PdfString(sig.getEncodedPKCS1()).setHexWriting(true)); sap.close(dic); but I can't use this approach,because I know the certificate used to sign only after the signature operation. So I tried this: PdfReader pdf = new PdfReader("my.pdf"); PdfStamper stp = new PdfStamper(pdf, new FileOutputStream("my2.pdf")); PdfFormField sig = PdfFormField.createSignature(stp.getWriter()); sig.setWidget(new Rectangle(100, 100, 200, 200), null); sig.setFlags(PdfAnnotation.FLAGS_PRINT); sig.put(PdfName.DA, new PdfString("/Helv 0 Tf 0 g")); sig.setFieldName("Signature1"); sig.setPage(1); stp.addAnnotation(sig, 1); stp.close(); MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); byte buf[] = new byte[8192]; int n; InputStream inp = new FileInputStream("my2.pdf"); while ((n = inp.read(buf)) > 0) { messageDigest.update(buf, 0, n); } byte hash[] = messageDigest.digest(); Certificate certificate = certificate_obtained_after_signing; String hashFirmato = signed_hash_obtained_from_external_signature_operation; PdfReader reader = new PdfReader("my2.pdf"); FileOutputStream fout = new FileOutputStream("my_signed.pdf"); stp = PdfStamper.createSignature(reader, fout, '\0'); PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(null, new Certificate[]{certificate}, null, PdfSignatureAppearance.SELF_SIGNED); sap.setReason("Hello"); sap.setLocation("Italy"); sap.setVisibleSignature("Signature1"); sap.setExternalDigest(new byte[128], new byte[20], null); sap.preClose(); PdfPKCS7 sig2 = sap.getSigStandard().getSigner(); sig2.setExternalDigest(Base64.decode(hashFirmato), null, "RSA"); PdfDictionary dic = new PdfDictionary(); dic.put(PdfName.CONTENTS, new PdfString(sig2.getEncodedPKCS1()).setHexWriting(true)); sap.close(dic); But I obtain an invalid signature. Any idea? I would appreciate any hint. Thanx -- View this message in context: http://www.nabble.com/signing-pdf-with-external-signature-tp21917425p21917425.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php
