Bingo!
Found out that you were indeed correct. The providers in CFMX were NOT
loading this MessageDigest. It seems that CFMX has an issue loading the
extra provider, so the fix is to add the provider to the JAVA.SECURITY file
in the JRE\LIB\SECURITY folder AND place the BC*.jar files in the
JRE\LIB\EXT folder.
Once I restarted the CFMX7 server everything worked like a charm.
Thanks for your assistance.
webpointz wrote:
>
> But I added the provider to the JAVA.SECURITY file in the JRE's
> LIB\SECURITY folder:
>
> "security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider"
>
> When I do a listing of providers I don't see it anywhere. Is there some
> other way to access it or register it?
>
> Thanks!
>
>
>
> webpointz wrote:
>>
>> I am using ColdFusion (CFMX 7.02). In order not to break the bundled
>> iText version, I am using Mark Mandels JavaLoader utility to directly
>> load the latest iText and Bouncy Castle jar files.
>>
>> No matter what I try, when I attempt to do "acrofields.verifySignature" I
>> get the error "java.security.NoSuchAlgorithmException: SHA256
>> MessageDigest not available".
>>
>> I am using the the most up-to-date (last) Sun JRE 1.4.2_19. In the
>> JRE\LIB\SECURITY folder I am using the JCE files from Sun for "unlimited
>> strength" along with a pointer in my Java.Security to
>> "security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider".
>>
>> Here is a snippet of my code and the error. According to other sources,
>> SHA256 is supported in JVM 1.4.2. I should add I am getting the same
>> error even when using the JRE 1.5.0_22.
>>
>> It works in CF9 but the current environment for the client is CFMX 7.02
>> and will be for a while to come.
>>
>> Code:
>>
>> <cfscript>
>>
>> paths = arrayNew(1);
>> paths[1] = expandPath("/iText/iText-2.1.7.jar");
>> paths[2] = expandPath("/iText/bcprov-jdk14-144.jar");
>> paths[3] = expandPath("/iText/bctsp-jdk14-144.jar");
>>
>> server.loader = createObject("component",
>> "comnew.javaloader.JavaLoader").init( paths );
>>
>> // File with valid entrust certificate signed
>> fullPathToSignedFile = ExpandPath(filetoread);
>>
>> // load class for PKCS##7 signature handling
>> PdfPKCS7 =
>> server.loader.create("com.lowagie.text.pdf.PdfPKCS7");
>> // Loads the default root certificates at
>> <java.home>/lib/security/cacerts
>> keyStore = PdfPKCS7.loadCacertsKeyStore();
>>
>> // create a reader for the document
>> pdfReader =
>> server.loader.create("com.lowagie.text.pdf.PdfReader").init(
>> fullPathToSignedFile );
>> // get a read-only copy of the fields in the document
>> acroFields = pdfReader.getAcroFields();
>>
>> // create an output stream used later to extract revisions
>> outStream =
>> createObject("java","java.io.FileOutputStream");
>>
>> // get an array of signature names
>> signatureNames = acroFields.getSignatureNames();
>> //for (k = 1; k LTE arrayLen(signatureNames); kk = k + 1) {
>>
>> // get current signature
>> name = signatureNames[1];
>>
>> // display signature+revision information
>> WriteOutput("<div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Signature covers whole document:
>> </strong>"& acroFields.signatureCoversWholeDocument(name) &"</div><br
>> clear='all' />");
>> WriteOutput("<div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Document revision: </strong>"&
>> acroFields.getRevision(name) &" of "& acroFields.getTotalRevisions()
>> &"</div><br clear='all' />");
>>
>> // Start revision extraction
>> out = outStream.init("revision_"&
>> acroFields.getRevision(name)
>> & ".pdf");
>>
>> // create a byte array for extracting revision
>> byteClass = createObject("java",
>> "java.lang.Byte").TYPE;
>> byteArray =
>> createObject("java","java.lang.reflect.Array").newInstance(byteClass,
>> javacast("int", 8192));
>>
>> inputStream = acroFields.extractRevision(name);
>>
>> offset = javacast("int", 0);
>> // read up to 8192 bytes into the array
>> length = inputStream.read(byteArray);
>> // if there is any data to read
>> while ( length GT 0) {
>> // write the bytes to the output file
>> out.write(byteArray, offset, length);
>> // read up to the next 8192 bytes into the array
>> length = inputStream.read(byteArray);
>> }
>> // close the file streams
>> out.close();
>> inputStream.close();
>> // End revision extraction
>>
>> pk = acroFields.verifySignature(name);
>> calendar = pk.getSignDate();
>> validSig = pk.verify();
>>
>> newVar1 =
>> PdfPKCS7.getSubjectFields(pk.getSigningCertificate());
>> sigNew = newVar1.getFields();
>> sigC = newVar1.getField("C");
>> sigCN = newVar1.getField("CN");
>> sigO = newVar1.getField("O");
>> sigOU = newVar1.getField("OU");
>> sigEmail = newVar1.getField("E");
>> certificateArray = pk.getCertificates();
>>
>> WriteOutput("<div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Subject: </strong> "&
>> PdfPKCS7.getSubjectFields(pk.getSigningCertificate()) &"</div>");
>> WriteOutput("<br clear='all' /><div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Document modified: </strong>"& (NOT
>> pk.verify()) &"</div>");
>> WriteOutput("<br clear='all' /><div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Signers Name: </strong>"& sigCN
>> &"</div>");
>>
>> if ( NOT IsDefined("sigEmail")) {
>> sigEmail = "";
>> }
>>
>> // verify the array of certificates
>> failureArray = PdfPKCS7.verifyCertificates(
>> certificateArray,
>> keyStore, javacast("null", ""), calendar );
>>
>> // note, java null values are not defined in CF
>> if ( NOT IsDefined("failureArray")) {
>> WriteOutput("<br clear='all'><div
>> style='float:left;font-family:arial;color:
>> blue;font-weight:bold;'>Certificate verified against the KeyStore" &"
>> </div>");
>> success = "pass";
>> }
>> else {
>> // WriteOutput("<br clear='all'><div
>> style='float:left;color: red;'>Certificate failed[1]: "& failureArray[1]
>> &" </div>");
>> WriteOutput("<br clear='all'><div
>> style='float:left;font-family:arial;color:
>> black;font-weight:normal;'><strong>Certificate failed (Details):</strong>
>> <pre>"& failureArray[1] &"</pre></div> ");
>> success = "fail";
>> }
>> //}
>>
>> getComments = acroFields.getField("comments");
>> getUserName = acroFields.getField("username");
>>
>> //WriteOutput("<br clear='all' /><br /><div
>> style='float:left;font-family:arial;color:
>> black;font-weight:bold;'>Finished Processing!</div>");
>> </cfscript>
>>
>>
>>
>
>
--
View this message in context:
http://old.nabble.com/iText-and-Bouncy-Castle-using-JVM-1.4.2%21-tp26269181p26273930.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
