http://itext-general.2136553.n4.nabble.com/file/n2997037/signed_file.pdf
signed_file.pdf
Here you have the signed pdf.
The source code I used to sign it is exactly the following :
PdfReader reader = new PdfReader("resources/exceptions.pdf");
FileOutputStream fout = new
FileOutputStream("resources/signed_file.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, fout,
'\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setVisibleSignature(
new Rectangle(72, 732, 144, 780), 1, "Signature");
X509Certificate signingCertificate = null;
try {
// Chargement du certificat à partir du fichier
InputStream inStream = new
FileInputStream("resources/sign_certificate.cer");
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
signingCertificate =
(X509Certificate)cf.generateCertificate(inStream);
inStream.close();
} catch (Exception e) {
e.printStackTrace();
return ;
}
X509Certificate intermediateCertificate = null;
try {
// Chargement du certificat à partir du fichier
InputStream inStream = new
FileInputStream("resources/intermediate_certificate.cer");
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
intermediateCertificate =
(X509Certificate)cf.generateCertificate(inStream);
inStream.close();
} catch (Exception e) {
e.printStackTrace();
return ;
}
X509Certificate rootCertificate = null;
try {
// Chargement du certificat à partir du fichier
InputStream inStream = new
FileInputStream("resources/root_certificate.cer");
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
rootCertificate =
(X509Certificate)cf.generateCertificate(inStream);
inStream.close();
} catch (Exception e) {
e.printStackTrace();
return ;
}
Certificate[] certificateValues = new
Certificate[]{signingCertificate,
intermediateCertificate, rootCertificate};
//TODO : A insérer la chaine de certificats ici
sap.setCrypto(null, certificateValues, null,
PdfSignatureAppearance.SELF_SIGNED);
PdfSignature dic = new PdfSignature(
PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));
dic.setReason(sap.getReason());
dic.setLocation(sap.getLocation());
dic.setContact(sap.getContact());
dic.setDate(new PdfDate(sap.getSignDate()));
sap.setCryptoDictionary(dic);
int contentEstimated = 15000;
HashMap exc = new HashMap();
exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 +
2));
sap.preClose(exc);
InputStream data = sap.getRangeStream();
MessageDigest messageDigest =
MessageDigest.getInstance("SHA1");
byte buf[] = new byte[8192];
int n;
while ((n = data.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
Calendar cal = Calendar.getInstance();
TSAClient tsc = null;
boolean withTS = false;
if (withTS ) {
String tsa_url =
"http://tsp.iaik.tugraz.at/tsp/TspRequest";;
String tsa_login = null;
String tsa_passw = null;
tsc = new TSAClientBouncyCastle(tsa_url, tsa_login,
tsa_passw);
}
byte[] ocsp = null;
boolean withOCSP = true;
if (withOCSP ) {
String url = "http://ocsp.testca.ipsca.com";;
X509Certificate issuerCert = (X509Certificate)
intermediateCertificate;
ocsp = new OcspClientBouncyCastle(
(X509Certificate)certificateValues[0], issuerCert,
url).getEncoded();
}
// Loading the keyStore
KeyStore ks = KeyStore.getInstance("pkcs12");
// TODO : A mettre dans une variable plus propre
ks.load(new FileInputStream("resources/xavitest_506200.pfx"),
privateKeyPassword .toCharArray());
String alias = (String) ks.aliases().nextElement();
PrivateKey privateKey = (PrivateKey) ks.getKey(alias,
privateKeyPassword.toCharArray());
PdfPKCS7 sgn = new PdfPKCS7(privateKey, certificateValues,
null, "SHA1",
null, false);
byte sh[] = sgn.getAuthenticatedAttributeBytes(hash, cal,
ocsp);
sgn.update(sh, 0, sh.length);
byte[] encodedSig = sgn.getEncodedPKCS7(hash, cal, tsc, ocsp);
if (contentEstimated + 2 < encodedSig.length)
throw new DocumentException("Not enough space");
byte[] paddedSig = new byte[contentEstimated];
System.arraycopy(encodedSig, 0, paddedSig, 0,
encodedSig.length);
PdfDictionary dic2 = new PdfDictionary();
dic2.put(
PdfName.CONTENTS, new
PdfString(paddedSig).setHexWriting(true));
sap.close(dic2);
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/Adding-revocation-information-to-a-pdf-signature-java-iText-tp2956044p2997037.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Download new Adobe(R) Flash(R) Builder(TM) 4
The new Adobe(R) Flex(R) 4 and Flash(R) Builder(TM) 4 (formerly
Flex(R) Builder(TM)) enable the development of rich applications that run
across multiple browsers and platforms. Download your free trials today!
http://p.sf.net/sfu/adobe-dev2dev
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
