Hi,
I have a problem with signature verification for signatures that are using
SHA-256, SHA-384 or SHA-512 hash algorithms. Verification from Adobe Reader
X goes just fine, reporting signature is valid but verification from iText
is throwing exception. I'm using iText 5.2.1.
Example of .pdf that is failing verification is attached:
http://itext-general.2136553.n4.nabble.com/file/n4652242/test_sign_SHA512.pdf
test_sign_SHA512.pdf
Stack trace for exception is:
ExceptionConverter: java.security.NoSuchAlgorithmException: SHA512
MessageDigest
not available
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
at java.security.MessageDigest.getInstance(Unknown Source)
at com.itextpdf.text.pdf.PdfPKCS7.(PdfPKCS7.java:564)
at com.itextpdf.text.pdf.PdfPKCS7.(PdfPKCS7.java:415)
at
com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2307
)
at
com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2257
)
at
com.spica.eppl.client.controller.MainController.handleVerifyPdfSignat
ure(MainController.java:137)
Code for signature verification:
PdfReader reader = new PdfReader(signedPdfFilePath);
AcroFields af = reader.getAcroFields();
PdfPKCS7 pkcs = af.verifySignature("Racunopolagac"); //line 137 that throw
exception
Code used for signing:
PdfReader reader = new PdfReader(srcPdf);
FileOutputStream fout = new FileOutputStream(dstPdf);
PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0', null,
signData.isAppend());
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(null, chain, crls, null);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE,
PdfName.ADBE_PKCS7_DETACHED);
String hashAlgorithm = signData.getEmbedSettings().getHashAlgorithm(); /*
SHA1, SHA-256, SHA-384, SHA-512 */
PdfPKCS7 sgn = new PdfPKCS7(pk, chain, crls, hashAlgorithm, null, false);
InputStream data = sap.getRangeStream();
MessageDigest messageDigest = MessageDigest.getInstance(hashAlgorithm);
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/Problem-with-signature-verification-when-using-SHA2-algorithms-tp4652242.html
Sent from the iText - General mailing list archive at Nabble.com.------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
