I am attempting to sign a PDF using an external signature similar to Code
sample 4.12: The client-side application in "Digital Signatures for PDF
documents", A White Paper by Bruno Lowagie (iText Software).
I created this ExternalSignature implementation, to get the signature from
an ARX CoSign device.
import java.security.GeneralSecurityException;
import gvl.ArxCoSignService;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import com.itextpdf.text.pdf.security.ExternalSignature;
public class ItextExternalSignature implements ExternalSignature {
ArxCoSignService arxCoSignService = new ArxCoSignService();
public String username;
public String password;
public ItextExternalSignature(String username, String password){
this.username = username;
this.password = password;
}
public String getHashAlgorithm() {
return DigestAlgorithms.SHA256;
}
public String getEncryptionAlgorithm() {
return "RSA";
}
public byte[] sign(byte[] message) throws GeneralSecurityException {
byte[] sig = null;
try {
sig = arxCoSignService.getSignatureOfDataBuffer(message,
username, password);
} catch (Exception e) {
System.out.println("ItextExternalSignature, sign, exception = "
+ e);
e.printStackTrace();
}
return sig;
}
}
**************************************************************
I use this code to sign the PDF.
def signTest(username, password) {
def fileInStream
File testPdf = new File("C:/TestDoc.pdf")
byte[] pdfBytesTest = new byte[(int) testPdf.length()]
fileInStream = new FileInputStream(testPdf)
fileInStream.read(pdfBytesTest, 0, (int) testPdf.length())
fileInStream.close()
KeyStore ks = KeyStore.getInstance("pkcs12")
ks.load(new FileInputStream("C:/Users/dlindeman/mykeystore.pfx"),
"dll".toCharArray())
String alias = (String)ks.aliases().nextElement()
PrivateKey key = (PrivateKey)ks.getKey(alias, "dll".toCharArray())
Certificate[] certificateChain = ks.getCertificateChain(alias)
// reader and stamper
PdfReader reader = new PdfReader("C:/TestDoc.pdf")
char ch = '\0'
PdfStamper stamper = PdfStamper.createSignature(reader, new
FileOutputStream("C:/TestDoc_Signed.pdf"), ch)
// appearance
PdfSignatureAppearance appearance = stamper.getSignatureAppearance()
appearance.setVisibleSignature("mySig")
appearance.setReason("It's personal.")
appearance.setLocation("Foobar")
// Create the signature
ExternalDigest externalDigest = (ExternalDigest) new
BouncyCastleDigest();
ExternalSignature externalSignature = (ExternalSignature) new
ItextExternalSignature(username, password)
MakeSignature.signDetached(appearance, externalDigest,
externalSignature, certificateChain, null, null, null, 0,
CryptoStandard.CMS)
}
The ARX CoSign device only needs the PDF bytes, username and password to
create a signature. So, I am not sure I am using the best example from the
white paper.
Is it possible to use itext to signDetached without the externalDigest or
certificateChain?
Thanks.
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
