Hi Randolph, you're guessing right. Write out the /ByteRange (maybe 50 bytes) and the /Contents (some KB in case of PKCS7, 500 Bytes should be OK for RAW-Format) value as a placeholder with iText and replace these with the calculated values later without iText. I think Acrobat does the same thing while signing.
Paulo already answered to the () - <> bracket-problem in this list, but as you have to replace the whole placeholder anyway, it may not be important. You're not allowed to change the total number of bytes or move any offsets of PDF-objects as there are crossreference tables at the end of every PDF. If you do, Acrobat will consider it broken and try to repair it. You can fill the rest of your placeholder bytes with spaces. The ByteRange values should be 1 0 2 position of the '<' bracket in the Contents-value 3 position of the '>' bracket in the Contents-Value + 1 4 total file size - third value Regards, Peter P.S.: there seems to be something wrong with your mailing character set!? hello peter! On Tue, 18 May 2004, [iso-8859-1] "S=F6lter, Peter" wrote: > Hi Randolph, > have a look at the Doc from Adobe: 'PDF Public-Key Digital Signature and > Encryption Specification' > http://partners.adobe.com/asn/developer/pdfs/tn/ppk_pdfspec.pdf yes i found this document and i see that i have to write byterange and contents - but i do not know how to do this with itext correctly. i.e. how to create a correct itext document with a PdfSignature, Dictionary ... the itext-example signature.java produces something completely different to an adobe generated pdf. so i dont even know how to genrate a itext pdf document with a wrong signature :-( > There you can find information about how Byte-Ranges are calculated. > The signature has to be calculated exactly over the bytes referenced in t= he > ByteRange parameter. this is because the signature allways has the same length, right? so when i have a document with a wrong signature i can calculate this? > The best start is to produce a signed PDF with Acrobat full version (or > download one from the Internet) > and look at it with a text editor. yes i inspected it with vi... and there are some differences: what i do is as follows: Document doc =3D new Document(); PdfWriter writer =3D PdfWriter.getInstance(doc,new =09FileOutputStream("signature.pdf")); PdfSignature pdfs=3Dnew PdfSignature("Adobe.PPKLite"); int[] byterange=3Dnew int[4]; byterange[0]=3D0; byterange[1]=3D0; byterange[2]=3D0; byterange[3]=3D0; pdfs.setByteRange(byterange); pdfs.setSubFilter("adbe.pkcs7.detached"); pdfs.setContents(bytesToHex(sig).getBytes()); //the signature pdfs.setName("10.10.10.200"); // the common name of the certificate? pdfs.setString("Type","Sig"); doc.open(); doc.add(new Paragraph("Hello World")); writer.addToBody( pdfs ); doc.close(); and what i get is something like %PDF-1.4 % 1 0 obj <</Type (Sig) /Filter /Adobe.PPKLite /Contents (308006092A864886F70D010702A0803080020101310B300906052B0E03021A050030800609= 2A864886F70D0107010000A082025830820254308201BD02044051941C300D06092A864886F= 70D010104050030713110300E06035504061307556E6B6E6F776E3110300E06035504081307= 556E6B6E6F776E3110300E06035504071307556E6B6E6F776E3110300E060355040A1307556= E6B6E6F776E3110300E060355040B1307556E6B6E6F776E311530130603550403130C31302E= 31302E31302E323030301E170D3034303331323130343233365A170D3035303331323130343= 233365A30713110300E06035504061307556E6B6E6F776E3110300E06035504081307556E6B= 6E6F776E3110300E06035504071307556E6B6E6F776E3110300E060355040A1307556E6B6E6= F776E3110300E060355040B1307556E6B6E6F776E311530130603550403130C31302E31302E= 31302E32303030819F300D06092A864886F70D010101050003818D0030818902818100DAEB2= 68737BB4E69D8AC36B378618596BAD9D26244090E18511B0F91E0F75FA365E73FC1FC44EDAE= 3D3717EA5B03A0E8EDFA48C5CBF2B174739FD02306B4443B86A846CDA1002D162026A7AD287= FC4C241F4EA954E14870DF2EA4D0E1511EE1CE17A8552443C938040AE447E5FFF471E96DB65= E2E6E99327F9F655AA41CC0BFF0203010001300D06092A864886F70D0101040500038181002= 4DEFBBF5D85BBAB7BC80EFA213D06EF59DAE9FA38463D553DC8EB580A5B5DE04B8C2680D4F9= 11D20B4E94CA7CBB63943CFECA9C85ABF7D50B444BD6790D5ECA2FDF2D9F54CD787A749EB6C= DBA53E6A7C09B62477B924B0D1C5B0C8DEA6B2F560D87C6E653F40F33D992D2E171ADE67D21= B8E069FDE5596B1E1DFA61A47767DE3182017E3082017A020101307930713110300E0603550= 4061307556E6B6E6F776E3110300E06035504081307556E6B6E6F776E3110300E0603550407= 1307556E6B6E6F776E3110300E060355040A1307556E6B6E6F776E3110300E060355040B130= 7556E6B6E6F776E311530130603550403130C31302E31302E31302E32303002044051941C30= 0906052B0E03021A0500A05D301806092A864886F70D010903310B06092A864886F70D01070= 1301C06092A864886F70D010905310F170D3034303531383134343333345A302306092A8648= 86F70D0109043116041479D1F11E9C1AF2A06A3F50FAC3EA088C00FEF05A300D06092A86488= 6F70D0101010500048180571BE326D63E73885B6E972FAD71F9EC5E2260A0D71B6DCCBA8932= C120A174356A1F06B938412F077F8D005BBE2B53B29EB1D5301CB2ED1D4A746252F09295BF8= F882D10ACB47AC68ABF2AF173A41988D8996ED15F74D01757AADDDFDC01B4DF87DA5A06312F= F799E585A9A07581D37E885CE51D829268A0ACAE274F929A2422000000000000) /Name (10.10.10.200) /SubFilter /adbe.pkcs7.detached /ByteRange [0 0 0 0] >> endobj =2E... a.s.o. there are mayor differences to a acrobat signed document: the contents value has () instead of <> brackets? i have /Type (Sig) instead of /Type /Sig ? besides these problems: 1. so if i understand it right, i create a dummy pdf with signature where x are any bytes,S are signature/content bytes xxxxxxxxxxxxxxxxxxxxxxxxSSSSSSSSSSSSSSSSSSSSxxxxxxxxxxxxx 2. i calculate the right signature and replace S bytes regards randolph ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ iText-questions mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/itext-questions
