Hi,
I have certified the PDF and embedded the digital signature with timestamp
using iText and Bouncy Castle API's. Can anybody tells me that how to verify
the PKCS#7 digital signature, certificate chain and timestamp present in the
PDF?
I am using the same code present at the following URL:
http://itextpdf.sourceforge.net/howtosign.html#howtoverify
I have used the example given at the following location to create the
PKCS#7signature and timstamp using Bouncy Castle API:
http://www.nabble.com/PDF-Digital-signature-with-timestamp---using-Time-Stamp-Authority---example-t4147508.html
I am using external HSM device to read the keystore and keys stored on it.
But while verifying the signature, it is failing at the following line:
java.security.SignatureException: Verification failed
at com..crypto.<devieName>CertificateX509.verify(<HSMdeviceName>
CertificateX509.java:461)
at com..crypto.<deviceName>CertificateX509.verify(<HSMDeviceName>
CertificateX509.java:396)
at pdf.certify.timestamp.PdfPKCS7.verifyCertificates(PdfPKCS7.java
:648)
at MySigner.verify(MySigner.java:495)
at MySigner.signPDF(MySigner.java:367)
at MySigner.main(MySigner.java:105)
There are 3 certificates in the chain: it passes the first certificate
verification but in the second and third it fails and finally Signature
Exception.
Please let me know about the clue to resolve the above issue.
Thanks
Gurpreet Singh
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://itext.ugent.be/itext-in-action/
