[iText-questions] HTML to PDF
Hi, I am new to using iText and was wanting to convert an HTML string into a PDF. I have seen a couple different examples on the web, but was wondering if you guys had a recommended best practice for doing this with iText in C#. Thanks in advance! -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
Re: [iText-questions] Sign and PDF with SmartCard and web browser only
i am actually signing the document hash in the client browser by using capicom dll in javascript *and not by itextsharp*. the actual document is in the server side. so, the signed hash is embedded in the pdf file by using itextsharp in the server. after embedding the CAPICOM generated signature in the pdf file through itextsharp i am getting the following error: The Document has been altered or corrupted since the Signature was applied. please help. -- View this message in context: http://itext-general.2136553.n4.nabble.com/Sign-and-PDF-with-SmartCard-and-web-browser-only-tp4319344p4660335.html Sent from the iText - General mailing list archive at Nabble.com. -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ ___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
[iText-questions] [SPAM] Re: Sign and PDF with SmartCard and web browser only
arnabroy, arnabroy wrote i am actually signing the document hash in the client browser by using capicom dll in javascript * and not by itextsharp * . the actual document is in the server side. so, the signed hash is embedded in the pdf file by using itextsharp in the server. You claim you are /signing the document hash in the client browser/. That is not true: The hash you send to the client is not the document hash but instead: Default.cs: PdfPKCS7 sgn = new PdfPKCS7(null, chain, SHA1, false); ... byte[] sh = sgn.getAuthenticatedAttributeBytes(hash, cal.TodaysDate, null, null, CryptoStandard.CMS); ... hdnSignatureHash.Text = System.Text.Encoding.Unicode.GetString(sh); Thus, you start by creating a CMS signature using iTextSharp helper classes (PdfPKCS7), take the resulting authenticated attributes to be signed, and try to send them to the client. I say 'try' because by interpreting them as Unicode of some text (Unicode.GetString(sh)) you already utterly destroy them. But let's assume you sent them to the client in a viable manner... Default.aspx: var SignedData = new ActiveXObject(CAPICOM.SignedData); SignedData.Content = document.getElementById(FeaturedContent_hdnSignatureHash).value; var Signer = new ActiveXObject(CAPICOM.Signer); Signer.Certificate = cert; var szSignature = SignedData.Sign(Signer, true, CAPICOM_ENCODE_BASE64); SignedData.Verify(szSignature, true, CAPICOM_VERIFY_SIGNATURE_ONLY); document.getElementById(FeaturedContent_hdnSignature).value = szSignature; On the client you now create a detached CMS signature of the afore-mentioned authenticated attributes and send that signature container bas64-encoded back to the server. Default.cs: Org.BouncyCastle.Cms.CmsSignedData cms = new Org.BouncyCastle.Cms.CmsSignedData(Convert.FromBase64String(hdnSignature.Text)); byte[] encodedSig = cms.GetEncoded(); byte[] paddedSig = new byte[8192]; Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length); PdfDictionary dic2 = new PdfDictionary(); dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true)); sap.Close(dic2); On the server you use BouncyCastle essentially only to base64-decode the CMS container created by the client and insert it as is into the PDF. Thus, the data signed by the signature (the authenticated attributes prepared by iTextSharp) are thrown away and the signature is injected into a PDF which it hardly has anything to do with. What you need to do first: 1. Choose what shall create the CMS SignerInfo structure, either iTextSharp server-side, or CAPICOM client-side or BouncyCastle server-side. Adjust your code to that choice. 2. Transfer data properly, especially don't interpret arbitrary bytes as Unicode text but instead transfer them base64-encoded. Furthermore the CMS container created by your way of using CAPICOM is very minimal, it does not provide any of the authenticated attributes nowadays required by many signature profiles but instead only signs the given data. I don't know enough CAPICOM to tell whether it can create up-to-date signatures. You may have to switch or do some funny de- and reassembling of signature structures. regards, Michael -- View this message in context: http://itext-general.2136553.n4.nabble.com/Sign-and-PDF-with-SmartCard-and-web-browser-only-tp4319344p4660336.html Sent from the iText - General mailing list archive at Nabble.com. -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ ___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
[iText-questions] InlineImageParseException: Could not find image data or EI
We have some PDFs that have recently been throwing the following errors when attempting to call the processContent method. I have noticed that a few folks had noticed this with earlier versions of iText, but we are currently using iText 5.5.0. I wish I could provide the PDF, but it has a bunch of proprietary and confidential information in it. It appears there are some acknowledged bugs with this code based on the JavaDoc of the InlineImageUtils.java class: // read all content until we reach an EI operator surrounded by whitespace. // The following algorithm has two potential issues: what if the image stream // contains wsEIws ? // Plus, there are some streams that don't have the ws before the EI operator // it sounds like we would have to actually decode the content stream, which // I'd rather avoid right now. Is there any active development going on that would solve this issue for some PDFs that addresses the whitespace issues? [2014-09-02 18:45:52,433|ERROR|RESTService|genericException|88] Could not find image data or EI ExceptionConverter: com.itextpdf.text.pdf.parser.InlineImageUtils$InlineImageParseException: Could not find image data or EI at com.itextpdf.text.pdf.parser.InlineImageUtils.parseInlineImageSamples( InlineImageUtils.java:386) at com.itextpdf.text.pdf.parser.InlineImageUtils.parseInlineImage( InlineImageUtils.java:154) at com.itextpdf.text.pdf.parser.PdfContentStreamProcessor.processContent( PdfContentStreamProcessor.java:386) at com.itextpdf.text.pdf.parser.PdfReaderContentParser.processContent( PdfReaderContentParser.java:80) at com.tsgrp.opencontent.universal.annotation.XFDFAnnotationImpl. getProcessedPage(XFDFAnnotationImpl.java:508) Ben Allen *technology services **group* bal...@tsgrp.com 312-899-2943 -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
Re: [iText-questions] InlineImageParseException: Could not find image data or EI
On 9/4/2014 4:57 PM, Benjamin Allen wrote: Is there any active development going on that would solve this issue for some PDFs that addresses the whitespace issues? There's a discussion about this on the paid support system. Are you a paying customer? If so, use your access to paid support to be kept up to date. If you're not... Well, as you're talking about sensitive documents and as you're so concerned about it, why don't you get a commercial iText license to be kept up to date? You are making money using iText, why not spend some of that money rewarding the people developing and maintaining the product? -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
Re: [iText-questions] Sign and PDF with SmartCard and web browser only
hi michael,
same error file corrupted
please help
STEP1: creating the hash of the pdf file in the server
protected void Button1_Click(object sender, EventArgs e)
{
string _gstrFilePath =
Server.MapPath(~/NewFolder1/TRANSFER_[PROVISIONAL]_29_05_2014.pdf);
SHA1Managed sha1 = new SHA1Managed();
UnicodeEncoding encoding = new UnicodeEncoding();
byte[] data1 = File.ReadAllBytes(_gstrFilePath);
byte[] hash1 = sha1.ComputeHash(data1);
hdnSignatureHash.Text = Convert.ToBase64String(hash1);
}
STEP2: getting the certificate and signed hash in the client side
javascript:
function fnGetCertificate() {
var obj = new ActiveXObject('PDFSIGNATURE.PDFSIG');
var cer = obj.PdfSignature(1A87CCE901002C24);
document.getElementById(FeaturedContent_hdnCertificate).value
= cer;
}
function fnGetSignature() {
var obj = new ActiveXObject('PDFSIGNATURE.PDFSIG');
var signedhash = obj.PdfSignedHash(1A87CCE901002C24,
document.getElementById(FeaturedContent_hdnSignatureHash).value);
document.getElementById(FeaturedContent_hdnSignature).value =
signedhash;
}
.net dll in the client side
public string PdfSignature(string SerialNumber)
{
bool Success = false;
byte[] extCert = null;
String strReturn = string.Empty;
try
{
System.Security.Cryptography.X509Certificates.X509Store
store = new System.Security.Cryptography.X509Certificates.X509Store(MY,
System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser);
store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly
| System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly);
//System.Security.Cryptography.X509Certificates.X509Certificate2Collection
sel =
System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates,
null, null,
System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection);
System.Security.Cryptography.X509Certificates.X509Certificate2 cert =
store.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindBySerialNumber,
SerialNumber, false)[0];
//System.Security.Cryptography.X509Certificates.X509Certificate2 cert =
store.Certificates[0];
Org.BouncyCastle.X509.X509CertificateParser cp = new
Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new
Org.BouncyCastle.X509.X509Certificate[] {
cp.ReadCertificate(cert.RawData)};
return
Convert.ToBase64String(cert.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert,
PASSWORD));
}
catch (Exception ex)
{
strReturn = ex.Message;
return strReturn;
}
}
[ComVisible(true)]
public string PdfSignedHash(string SerialNumber,string hash)
{
bool Success = false;
byte[] signedhash = null;
String strReturn = string.Empty;
try
{
System.Security.Cryptography.X509Certificates.X509Store
store = new System.Security.Cryptography.X509Certificates.X509Store(MY,
System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser);
store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly
| System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly);
//System.Security.Cryptography.X509Certificates.X509Certificate2Collection
sel =
System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates,
null, null,
System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection);
System.Security.Cryptography.X509Certificates.X509Certificate2 ocert =
store.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindBySerialNumber,
SerialNumber, false)[0];
System.Security.Cryptography.RSACryptoServiceProvider
privateKey =
(System.Security.Cryptography.RSACryptoServiceProvider)ocert.PrivateKey;
signedhash =
privateKey.SignHash(Convert.FromBase64String(hash), SHA1);
return Convert.ToBase64String(signedhash);
}
catch (Exception ex)
{
strReturn = ex.Message;
return strReturn;
}
}
STEP 3: sign pdf by itextsharp in the server
protected void Button2_Click(object sender, EventArgs e)
{
string _gstrFilePath =
Server.MapPath(~/NewFolder1/TRANSFER_[PROVISIONAL]_29_05_2014.pdf);
System.Security.Cryptography.X509Certificates.X509Certificate2
oCert
Re: [iText-questions] [SPAM] Re: Encrypting signed pdf file
Yeah, I get it, it shouldn't alter the signature. I did some more testing and it got worse: it seems to be random. Some files the signature got corrupted, others didn't. I will try to compare both files at the binary level and see what I can get from it, and then I'll try to get in touch with Amazon S3 Support, as this seems unrelated to iText. Thanks for the help though. 2014-09-04 2:46 GMT-03:00 iText mailing list i...@1t3xt.info: On 9/3/2014 9:27 PM, Paulo Melo wrote: I'm signing the file client-side and after I'm uploading it to S3, but when I download the file the signature becomes invalid. I was wondering if the HTTPS transport in between the client and the S3 end-point might be corrupting the signature. That would surprise me. See it as an envelope: HTTPS puts the signed file in an envelope without changing the files. When the envelope is received the original file is taken from the envelope. Normally, no bytes are changed in the process. In your case, bytes were changed (otherwise the signature wouldn't be invalid). Compare both files on the byte level and you may get one step closer to diagnose what changed those bytes. -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ ___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php -- Paulo Melo Equipe Clip -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
