Alvaro, Alvaro Cuno wrote > I found some discussions about deferred signing:
Ok. So you do have some hints on how to continue. Alvaro Cuno wrote > Certainly, the FileID and the ModDate are mentioned but nothing about the > order of the objects is discussed. Where I can read about that? Is this > documented? More to the point: iText nowhere promisses or documents that running the same code produces PDFs with identical object IDs and identical order of objects. So why should it be expected to do so? I have not yet noticed different orders of objects myself, but as I have not expected the order to be a constant, I might simply have overlooked it. It after all is irrelevant... In my opinion you should try and check your use case. If I understand you correctly, you want to calculate the digest value of the document byte ranges to sign on one machine A, send that digest somewhere for signing, and receive the signature on yet another machine B to combine it with the original, unprocessed PDF. As stated in the postings to this mailing list you already found, simply starting the integrated signing process independently on machines A and B does not work as long as you want to use an unpatched iText. If those processes have to be separated that far, you instead have to store the result of the unfinished signing process (after maybe marking the signature value placeholder in some unique way) on machine A to some storage accessible from machine B, and on machine B you later have to insert the retrieved signature into that unfinished result. On this mailing list Andreas Kühne numerous times pointed to an implementation of that process. You actually can optimize that process somewhat: If signing in append mode, you only need to place the appended bytes into that storage, and you can also skip the placeholder as long as you remember its position and length. This way you may be able to restrict the intermediate storage requirements. Regards, Michael PS: You should consider updating the iText version you use and also select a different signature type: adbe.pkcs7.sha1 is a bad choice. -- View this message in context: http://itext-general.2136553.n4.nabble.com/are-the-dictionary-elements-randomly-placed-tp4656235p4656285.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
