Hi Salvo, thanks for the code, But additionally I would like to see how you put the signature into the the PDF. As Michael pointed out yesterday openening and saving the PDF would break the old hash ...
Greeting and looking forward for your example Andreas ----- Original Message ---- From: Mr.Salvatore Rapisarda <[email protected]> To: Post all your questions about iText here <[email protected]> Sent: Sun, March 14, 2010 11:06:10 AM Subject: Re: [iText-questions] Java applet for signing PDF documents Il 13/03/2010 16.40, mkl ha scritto: > > Salvo, > > > Salvo Rapisarda wrote: >> [...] A postback of page is made with Javascript and the output of >> signature was encapsuled with iTextSharp inside the PDF at server-side. >> All it's done without problem, but when I open signed version of PDF with >> Acrobat Reader the sign is not valid with reason: the document was >> modified after the signing. >> >> So the question is: I have made some mistake in my code or it's not >> possible to do a "asynchronous" signature process? > > In principle it is possible, but you have to take care. > > On the one hand, you must be sure --- as Andreas already mentioned --- to > calculate the hash for the range stream returned by > PdfSignatureAppearance.getRangeStream(), not simply the whole PDF file. > > On the other hand, you should be aware that when you start creating a > signature at different times, the range streams will be different, even if > you use the same explicite input data. You have to inject the returned > signature container in the very PdfStamper instance whose > PdfSignatureAppearance's RangeStream you used. > > Regards, Michael. Yes, I use getRangeStream() for calculate the PDF hash. This is the VB.NET (in asp.net web page) code: Public Sub GetHash(ByVal pdfInput As String) Dim reader As New PdfReader(pdfInput) Dim mm As New MemoryStream Dim st As PdfStamper = PdfStamper.CreateSignature(reader, mm, "\0", Nothing, True) Dim sap As PdfSignatureAppearance = st.SignatureAppearance sap.Acro6Layers = True sap.SetCrypto(Nothing, Nothing, Nothing, Nothing) Dim dic As New PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1) dic.Name = "TEST" sap.CryptoDictionary = dic Dim csize As Integer = 4000 Dim exc As Hashtable = New Hashtable exc(PdfName.CONTENTS) = csize * 2 + 2 sap.PreClose(exc) Dim sha As HashAlgorithm = New SHA1CryptoServiceProvider sHash = Convert.ToBase64String(sha.ComputeHash(sap.RangeStream)) mm.Close() mm.Dispose() End Sub Where sHash is the Base64String of ComputeHash output. This is the Java code: CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); CMSSignedDataGenerator.DIGEST_SHA1); generator.addSigner(theKey, theCertificate,CMSSignedDataGenerator.DIGEST_SHA1); ArrayList list = new ArrayList(); list.add(theCertificate); Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); chainStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(list), "BC"); generator.addCertificatesAndCRLs(chainStore); CMSProcessable content = new CMSProcessableByteArray(dataToSign); CMSSignedData signedData = generator.generate(content,true, "SunMSCAPI"); signature = signedData.getEncoded(); base64SignedString = new String(Base64.encode(signature)); There is another fact. If I save the content of "base64SignedString" in a .P7S file (always Base64) and verify the signature with external program there are no problem with signature! :S :S :S Only for Acrobat the signature isn't valid! Tomorrow I post to you a example of PDF signed with my program. Thank you for all your reply. Salvo. ------------------------------------------------------------------------------ Download IntelĀ® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/ ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
