Christian,
java-chris wrote:
> When you talk about " store the half-baked pdf on the disk ".
> Im trying to do that by making some serialization on the Stamper but
> nothing is serializable in ITEXT.
Java serialization currently isn't the way to go here. Simply use the
PdfStamper to store the result to whereever you want having done everything
but the actual signature injection. Instead of a signature, you may inject
some unique placeholder.
Later, when you receive the PKCS#7 container, overwrite the area reserved
for it with the hex-encoded container using standard Java facilities. All
you have to do is find that reserved area. This can be done either by using
some PDF file analysis (using a PdfReader to find the offset of the /Content
entry of your signature dictionary) or by searching the hex encoded unique
placeholder (if you had inserted one instead of the signature, see above).
java-chris wrote:
> So , im trying to do this way.
>
> [CODE]
> java.io.InputStream s = sap.getRangeStream();
The range stream contains the bytes to sign and in comparison with the file
saved as proposed above are missing the byte range where the signature
container is to be embedded. You could use this stream instead, but it might
be somewhat more difficult.
java-chris wrote:
> PdfReader reader = new PdfReader("blank.in_process");
> PdfStamper stamper = new PdfStamper(reader,new
> FileOutputStream("signedDoc.pdf"));
Continuing signing like this is (not yet) a functionality of the PdfStamper
Andreas Kuehne-2 wrote:
> - Build a semi-signed PDF with room for the signature
> - Get the hash value
> - Store the half-baked PDF on disk
> - Sign the hash and create a PKCS7-Signature, somtimes later, somewhere
> - Insert the signature into the spare bytes in the PDF
> - Ready
The step "Insert the signature into the spare bytes in the PDF" is not
intended to be done by some PdfStamper but separately.
BTW, if you can easily access the original PDF later on and if you sign in
append mode, you obviously don't need to store the whole PdfStamper output
but merely the appended part --- when you receive the PKCS#7 container, you
can inject it into the bytes reserved for it and then concatenate the
original PDF and the appended part enhanced with the signature container. In
this case you can make quite sure that your unique identifier is unique
enough.
Doing it like this is slightly more sophisticated but may be preferable if
you have to consider disc space resources, especially when you sign big PDF
files.
Regards, Michael.
--
View this message in context:
http://old.nabble.com/Merge-of-detached-signature-tp27314294p27352694.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
