But I added the provider to the JAVA.SECURITY file in the JRE's LIB\SECURITY
folder:
"security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider"
When I do a listing of providers I don't see it anywhere. Is there some
other way to access it or register it?
Thanks!
webpointz wrote:
>
> I am using ColdFusion (CFMX 7.02). In order not to break the bundled
> iText version, I am using Mark Mandels JavaLoader utility to directly load
> the latest iText and Bouncy Castle jar files.
>
> No matter what I try, when I attempt to do "acrofields.verifySignature" I
> get the error "java.security.NoSuchAlgorithmException: SHA256
> MessageDigest not available".
>
> I am using the the most up-to-date (last) Sun JRE 1.4.2_19. In the
> JRE\LIB\SECURITY folder I am using the JCE files from Sun for "unlimited
> strength" along with a pointer in my Java.Security to
> "security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider".
>
> Here is a snippet of my code and the error. According to other sources,
> SHA256 is supported in JVM 1.4.2. I should add I am getting the same
> error even when using the JRE 1.5.0_22.
>
> It works in CF9 but the current environment for the client is CFMX 7.02
> and will be for a while to come.
>
> Code:
>
> <cfscript>
>
> paths = arrayNew(1);
> paths[1] = expandPath("/iText/iText-2.1.7.jar");
> paths[2] = expandPath("/iText/bcprov-jdk14-144.jar");
> paths[3] = expandPath("/iText/bctsp-jdk14-144.jar");
>
> server.loader = createObject("component",
> "comnew.javaloader.JavaLoader").init( paths );
>
> // File with valid entrust certificate signed
> fullPathToSignedFile = ExpandPath(filetoread);
>
> // load class for PKCS##7 signature handling
> PdfPKCS7 =
> server.loader.create("com.lowagie.text.pdf.PdfPKCS7");
> // Loads the default root certificates at
> <java.home>/lib/security/cacerts
> keyStore = PdfPKCS7.loadCacertsKeyStore();
>
> // create a reader for the document
> pdfReader =
> server.loader.create("com.lowagie.text.pdf.PdfReader").init(
> fullPathToSignedFile );
> // get a read-only copy of the fields in the document
> acroFields = pdfReader.getAcroFields();
>
> // create an output stream used later to extract revisions
> outStream =
> createObject("java","java.io.FileOutputStream");
>
> // get an array of signature names
> signatureNames = acroFields.getSignatureNames();
> //for (k = 1; k LTE arrayLen(signatureNames); kk = k + 1) {
>
> // get current signature
> name = signatureNames[1];
>
> // display signature+revision information
> WriteOutput("<div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Signature covers whole document:
> </strong>"& acroFields.signatureCoversWholeDocument(name) &"</div><br
> clear='all' />");
> WriteOutput("<div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Document revision: </strong>"&
> acroFields.getRevision(name) &" of "& acroFields.getTotalRevisions()
> &"</div><br clear='all' />");
>
> // Start revision extraction
> out = outStream.init("revision_"&
> acroFields.getRevision(name) &
> ".pdf");
>
> // create a byte array for extracting revision
> byteClass = createObject("java",
> "java.lang.Byte").TYPE;
> byteArray =
> createObject("java","java.lang.reflect.Array").newInstance(byteClass,
> javacast("int", 8192));
>
> inputStream = acroFields.extractRevision(name);
>
> offset = javacast("int", 0);
> // read up to 8192 bytes into the array
> length = inputStream.read(byteArray);
> // if there is any data to read
> while ( length GT 0) {
> // write the bytes to the output file
> out.write(byteArray, offset, length);
> // read up to the next 8192 bytes into the array
> length = inputStream.read(byteArray);
> }
> // close the file streams
> out.close();
> inputStream.close();
> // End revision extraction
>
> pk = acroFields.verifySignature(name);
> calendar = pk.getSignDate();
> validSig = pk.verify();
>
> newVar1 =
> PdfPKCS7.getSubjectFields(pk.getSigningCertificate());
> sigNew = newVar1.getFields();
> sigC = newVar1.getField("C");
> sigCN = newVar1.getField("CN");
> sigO = newVar1.getField("O");
> sigOU = newVar1.getField("OU");
> sigEmail = newVar1.getField("E");
> certificateArray = pk.getCertificates();
>
> WriteOutput("<div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Subject: </strong> "&
> PdfPKCS7.getSubjectFields(pk.getSigningCertificate()) &"</div>");
> WriteOutput("<br clear='all' /><div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Document modified: </strong>"& (NOT
> pk.verify()) &"</div>");
> WriteOutput("<br clear='all' /><div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Signers Name: </strong>"& sigCN
> &"</div>");
>
> if ( NOT IsDefined("sigEmail")) {
> sigEmail = "";
> }
>
> // verify the array of certificates
> failureArray = PdfPKCS7.verifyCertificates(
> certificateArray,
> keyStore, javacast("null", ""), calendar );
>
> // note, java null values are not defined in CF
> if ( NOT IsDefined("failureArray")) {
> WriteOutput("<br clear='all'><div
> style='float:left;font-family:arial;color:
> blue;font-weight:bold;'>Certificate verified against the KeyStore" &"
> </div>");
> success = "pass";
> }
> else {
> // WriteOutput("<br clear='all'><div
> style='float:left;color: red;'>Certificate failed[1]: "& failureArray[1]
> &" </div>");
> WriteOutput("<br clear='all'><div
> style='float:left;font-family:arial;color:
> black;font-weight:normal;'><strong>Certificate failed (Details):</strong>
> <pre>"& failureArray[1] &"</pre></div> ");
> success = "fail";
> }
> //}
>
> getComments = acroFields.getField("comments");
> getUserName = acroFields.getField("username");
>
> //WriteOutput("<br clear='all' /><br /><div
> style='float:left;font-family:arial;color:
> black;font-weight:bold;'>Finished Processing!</div>");
> </cfscript>
>
>
>
--
View this message in context:
http://old.nabble.com/iText-and-Bouncy-Castle-using-JVM-1.4.2%21-tp26269181p26273235.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
