This line:
MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
must be
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
Paulo
-----Original Message-----
From: filip warda [mailto:[email protected]]
Sent: Friday, March 18, 2011 2:55 PM
To: [email protected]
Subject: [iText-questions] sign pdf with sha256RSA
Hi,
I Have problem to sign pdf document using certificate with sha256RSA algorithm.
If I use sha1RSA algotithm is signed succesfully, and Adobe Reader validate it
properly.
This is the code (sha256RSA):
java.security.KeyStore keystore =
java.security.KeyStore.getInstance("Windows-MY", "SunMSCAPI");
// Loading the keystore
//keystore.load(null);
keystore.load(null, null);
String sAlias = "";
int i=0;
for (Enumeration oEnum = keystore.aliases();
oEnum.hasMoreElements();)
{
sAlias = (String) oEnum.nextElement();
X509Certificate certxx;
PdfReader reader;
FileOutputStream fout;
PrivateKey key;
java.security.cert.Certificate[] chain;
try
{
chain = keystore.getCertificateChain(sAlias);
certxx = (X509Certificate) keystore.getCertificate(sAlias); //get
public cert
key = (PrivateKey) keystore.getKey(sAlias, null); //get private cert
reader = new PdfReader("C:\\Documents and
Settings\\master\\Pulpit\\FAKOR.pdf");
fout = new FileOutputStream("c:\\Documents and
Settings\\master\\Pulpi \\FAKORsigned.pdf");
try
{
java.security.Security.addProvider ( new
org.bouncycastle.jce.provider.BouncyCastleProvider ( ) ) ;
PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(key, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
sap.setReason("Filip");
sap.setLocation("Berlin");
sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null);
sap.setExternalDigest(new byte[256], new byte[32], "RSA");
sap.preClose();
MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
byte buf[] = new byte[8192];
int n;
InputStream inp = sap.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
PdfSigGenericPKCS sg = sap.getSigStandard();
PdfLiteral slit = (PdfLiteral)sg.get(PdfName.CONTENTS);
byte[] outc = new byte[5434];
PdfPKCS7 sig = sg.getSigner();
Signature sign = Signature.getInstance("SHA256withRSA");
sign.initSign(key);
sign.update(hash);
byte[] signature = sign.sign();
sig.setExternalDigest(signature, hash, "RSA");
PdfDictionary dic = new PdfDictionary();
byte[] ssig = sig.getEncodedPKCS7();
System.arraycopy(ssig, 0, outc, 0, ssig.length);
dic.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
sap.close(dic);
}
catch(Exception ex)
{
fout.close();
continue;
}
fout.close();
If use above code I create pdf file. But Adobe Reader said that there is failed
while veryfing signature. The Algotithm is not recognized.
What can I change to sign pdf with sha256RSA.
I propably see all post that i need to use PdfName.ADBE_PKCS7_DETACHED against
WINCER_SIGNED.
But I do not know how I need to use it.
Please help.
Regards Filip
------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
