You are using a version of iText that should no longer be used:
http://stackoverflow.com/questions/25696851/can-itext-2-1-7-or-earlier-can-be-used-commercially
That version has been removed from all official servers because it is
not supported, nor are the signatures you are creating. When you use
WINCER_SIGNED, you create /adbe.pkcs7.sha1 signatures. These aren't
compliant with PAdES and will be deprecated in PDF 2.0. Read this book
for more info: http://itextpdf.com/book/digitalsignatures
On 5/26/2015 16:42 PM, Diego C wrote:
> Hi,
> I am using an API that signs PDFs using an Aladdin token (Etoken pro Aladdin
> 72K) with RSA security. I am having trouble signing several PDFs in sequence
> using the same certificate. What I want is for the RSA key to be requested
> just once, as is the case with the token access password, which the API
> stores in cache the first time it is entered. However, the RSA key is
> requested every time a PDF is signed in sequence. Is it possible to send all
> the PDFs into one container? Is there any other way to avoid entering the
> RSA key n amount of times?
> I am using the following code to hash and sign my documents:
>
> ----------------------------------------------------------------------------------->>
> ByteBuffer outputStreamSigned = new ByteBuffer(); PdfStamper pdfStamper =
> PdfStamper.createSignature(reader, outputStreamSigned, '\0', null, true);
> PdfSignatureAppearance signatureApp = pdfStamper.getSignatureAppearance();
> signatureApp.setCrypto(privateKey, signerCertificateChain, null,
> PdfSignatureAppearance.WINCER_SIGNED);
> …
> X509Certificate userCert = (X509Certificate) signerCertificateChain[0];
> …
> // conf external ->
> signatureApp.setExternalDigest(getPublicKeyBuffer(userCert), new byte[20],
> "RSA");
> signatureApp.preClose();
> MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
> byte buf[] = new byte[8192];
> int n;
> InputStream inp = signatureApp.getRangeStream();
> while ((n = inp.read(buf)) > 0) {
> messageDigest.update(buf, 0, n);
> }
> byte hash[] = messageDigest.digest();
> PdfSigGenericPKCS pdfDict = signatureApp.getSigStandard();
> PdfLiteral slit = (PdfLiteral) pdfDict.get(PdfName.CONTENTS);
> byte[] outc = new byte[(slit.getPosLength() - 2) / 2];
> PdfPKCS7 sig = pdfDict.getSigner();
> Signature sign = Signature.getInstance("SHA1withRSA");
> sign.initSign(privateKey);
> sign.update(hash);
>
> sig.setExternalDigest(sign.sign(), hash, "RSA");
> PdfDictionary dic = new PdfDictionary();
>
> byte[] ssig = sig.getEncodedPKCS7(); /*<----Request RSA Key*/
>
> System.arraycopy(ssig, 0, outc, 0, ssig.length);
> dic.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
> signatureApp.close(dic);
>
> ----------------------------------------------------------------------------------->>
>
> Im using jre 6, itext 2.1.7
> In the following post someone mentioned that the itext API was being re
> implemented and that this may solve the problem of multiple signatures in
> later versions.
> http://itext.2136553.n4.nabble.com/Re-Using-eToken-with-secondary-authentication-format-td3772022.html#a3776183
> Do you know if this has been solved?
> Thanks in advance.
>
> Regards,
>
>
>
> --
> View this message in context:
> http://itext.2136553.n4.nabble.com/PDF-multiple-signatures-problem-tp4660828.html
> Sent from the iText mailing list archive at Nabble.com.
>
> ------------------------------------------------------------------------------
> _______________________________________________
> iText-questions mailing list
> iText-questions@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>
> iText(R) is a registered trademark of 1T3XT BVBA.
> Many questions posted to this list can (and will) be answered with a
> reference to the iText book: http://www.itextpdf.com/book/
> Please check the keywords list before you ask for examples:
> http://itextpdf.com/themes/keywords.php
------------------------------------------------------------------------------
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
