Stephan, Stephan Wagner (calac) wrote > Now I'm not exactly sure how to further handle this problem. As far as I > can see, the isSorted variable in the ASN1Set is always false (private > member). [...]
How you should handle the problem... well, as observations point towards the signature being not conform to the standards, the main task now should be to repair the signature creation process and re-sign all previously signed documents with correct signatures. While doing so, the other issue which first caught my eye can be solved as well. Depending on your position in the whole flow, though, that might not be an option; e.g. signed documents may already have been sent out into the wild and sending documents with correct signatures after them may not be possible. Or the signing software is not under your control and due to political or management reasons cannot be exchanged or updated quickly enough. Or the original signer cannot be reached anymore and the documents cannot be resigned by anyone else. Or... In that case you may have to provide a special verification service for those non-standard signatures (Depending on legislature they may still be legally valid digital signatures...). In that service you can use a copy of the PdfPkcs7 class in which via introspection the isSorted member is set to true between "ASN1Set sseq = ASN1Set.getInstance(tagsig, false)" and "sigAttr = sseq.getEncoded(ASN1Encoding.DER)". The verification result of this service should strongly indicate, though, that the digital signature verified may not adhere to the standards and, therefore, may not positively verify in all verification services. Regards, Michael PS: Obviously, if for some weird reason still signatures are created with the original signature creation software, the recipients they are sent to should be informed about the issue, too. -- View this message in context: http://itext-general.2136553.n4.nabble.com/Signed-PDF-fails-to-verify-in-iText-Java-but-succeeds-in-iTextSharp-and-Acrobat-Reader-tp4658692p4658710.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
