Hi,
I Have problem to sign pdf document using certificate with sha256RSA algorithm.
If I use sha1RSA algotithm is signed succesfully, and Adobe Reader validate it
properly.
This is the code (sha256RSA):
java.security.KeyStore keystore =
java.security.KeyStore.getInstance("Windows-MY", "SunMSCAPI");
// Loading the keystore
//keystore.load(null);
keystore.load(null, null);
String sAlias = "";
int i=0;
for (Enumeration oEnum = keystore.aliases();
oEnum.hasMoreElements();)
{
sAlias = (String) oEnum.nextElement();
X509Certificate certxx;
PdfReader reader;
FileOutputStream fout;
PrivateKey key;
java.security.cert.Certificate[] chain;
try
{
chain = keystore.getCertificateChain(sAlias);
certxx = (X509Certificate) keystore.getCertificate(sAlias); //get
public cert
key = (PrivateKey) keystore.getKey(sAlias, null); //get private cert
reader = new PdfReader("C:\\Documents and
Settings\\master\\Pulpit\\FAKOR.pdf");
fout = new FileOutputStream("c:\\Documents and
Settings\\master\\Pulpi \\FAKORsigned.pdf");
try
{
java.security.Security.addProvider ( new
org.bouncycastle.jce.provider.BouncyCastleProvider ( ) ) ;
PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(key, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
sap.setReason("Filip");
sap.setLocation("Berlin");
sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null);
sap.setExternalDigest(new byte[256], new byte[32], "RSA");
sap.preClose();
MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
byte buf[] = new byte[8192];
int n;
InputStream inp = sap.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
PdfSigGenericPKCS sg = sap.getSigStandard();
PdfLiteral slit = (PdfLiteral)sg.get(PdfName.CONTENTS);
byte[] outc = new byte[5434];
PdfPKCS7 sig = sg.getSigner();
Signature sign = Signature.getInstance("SHA256withRSA");
sign.initSign(key);
sign.update(hash);
byte[] signature = sign.sign();
sig.setExternalDigest(signature, hash, "RSA");
PdfDictionary dic = new PdfDictionary();
byte[] ssig = sig.getEncodedPKCS7();
System.arraycopy(ssig, 0, outc, 0, ssig.length);
dic.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
sap.close(dic);
}
catch(Exception ex)
{
fout.close();
continue;
}
fout.close();
If use above code I create pdf file. But Adobe Reader said that there is failed
while veryfing signature. The Algotithm is not recognized.
What can I change to sign pdf with sha256RSA.
I propably see all post that i need to use PdfName.ADBE_PKCS7_DETACHED against
WINCER_SIGNED.
But I do not know how I need to use it.
Please help.
Regards Filip
------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
