You are right, if I remove the manifest child, the signature becomes VALID. BUT I need also to handle the child manifest, for example this kind of manifest:
<manifest action="include" use="#f87fc978-ac45-40f4-b115-df8f1ab94354"/> If I understand well, to sign properly this document, you are telling me that I must use a XML Digital signature (add the "<signData>" node to the XFA following the DSIG recommandations). But if I use Acrobat Pro to sign this kind of document (dynamic PDF), I can see in the signed PDF that the XFA does not contain the "<signData>" node but contains the "<form>" node updated with a new checksum. And if I hard-code this checksum, my signature becomes VALID. Then I know my signature process is correct. Ideally, as the static PDF file case, I would have liked to not touch the XFA form. But apparently it cannot be done this way and I need to write over the "<form>" node. I would have imagined this checksum computation explained more clearly. What did I miss? -- View this message in context: http://itext-general.2136553.n4.nabble.com/Xfa-signature-tp2172306p3664367.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on "Lean Startup Secrets Revealed." This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php