For WINCER_SIGNED the hash algorithm has to be SHA1. As I said in another mail the signature code is being revised.
Paulo > -----Original Message----- > From: mamueller [mailto:[email protected]] > Sent: Tuesday, December 22, 2009 8:56 AM > To: [email protected] > Subject: [iText-questions] External signature in Wincer Sign > Mode SHA256 does not work > > > Hello, > > i have tried to run the example with an external signature in > WINCER SIGNED > MODE, like described on: > (http://itextpdf.sourceforge.net/howtosign.html#signextstd). > With Algorithm SHA1 sign and verification works fine. > But if i replace the SHA1 through SHA256 the sign process > works without > errors, but the verification of the signed document with > Acrobat reader > 9.1.3 fails with message: "The document was changed or > damaged after put > signature" > > The code for signing: > > Security.addProvider(new BouncyCastleProvider()); > > ks.load(new FileInputStream("my_private_key.pfx"), > "my_password".toCharArray()); > String alias = (String)ks.aliases().nextElement(); > PrivateKey key = (PrivateKey)ks.getKey(alias, > "my_password".toCharArray()); > Certificate[] chain = ks.getCertificateChain(alias); > PdfReader reader = new PdfReader("c:\\original.pdf"); > FileOutputStream fout = new > FileOutputStream("c:\\aax2xsigned.pdf"); > PdfStamper stp = PdfStamper.createSignature(reader, > fout, '\0'); > PdfSignatureAppearance sap = stp.getSignatureAppearance(); > sap.setCrypto(key, chain, null, > PdfSignatureAppearance.WINCER_SIGNED); > sap.setReason("I'm the author"); > sap.setLocation("Lisbon"); > // comment next line to have an invisible signature > sap.setVisibleSignature(new Rectangle(100, 100, 200, > 200), 1, null); > sap.setExternalDigest(new byte[128], new byte[20], "RSA"); > sap.preClose(); > MessageDigest messageDigest = > MessageDigest.getInstance("SHA256"); > byte buf[] = new byte[8192]; > int n; > InputStream inp = sap.getRangeStream(); > while ((n = inp.read(buf)) > 0) { > messageDigest.update(buf, 0, n); > } > byte hash[] = messageDigest.digest(); > PdfSigGenericPKCS sg = sap.getSigStandard(); > PdfLiteral slit = (PdfLiteral)sg.get(PdfName.CONTENTS); > byte[] outc = new byte[(slit.getPosLength() - 2) / 2]; > PdfPKCS7 sig = sg.getSigner(); > Signature sign = Signature.getInstance("SHA256WithRSA"); > sign.initSign(key); > sign.update(hash); > sig.setExternalDigest(sign.sign(), hash, "RSA"); > PdfDictionary dic = new PdfDictionary(); > byte[] ssig = sig.getEncodedPKCS7(); > System.arraycopy(ssig, 0, outc, 0, ssig.length); > dic.put(PdfName.CONTENTS, new > PdfString(outc).setHexWriting(true)); > sap.close(dic); > > Kind regards and merry christmas > > Manfred Aviso Legal: Esta mensagem é destinada exclusivamente ao destinatário. Pode conter informação confidencial ou legalmente protegida. A incorrecta transmissão desta mensagem não significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
