Hi Paulo.
Can I control when I build PDFApparence that byterange only has two parts ?
Diffrence betwen my code and the sample that use keyStore before call
preclose is :
With KeyStore :
sap.setCrypto(key, chain, null,
PdfSignatureAppearance.WINCER_SIGNED);
sap.setReason("I'm the author");
sap.setLocation("Lisbon");
sap.setVisibleSignature("Signature1");
sap.setExternalDigest(null, new byte[20], null);
My code :
sap.setVisibleSignature("Signature1");
sap.setLayer2Text("This is some custom made text.");
PdfDictionary dic = new PdfDictionary();
dic.put(PdfName.FT, PdfName.SIG);
dic.put(PdfName.FILTER, new PdfName("Adobe.PPKMS"));
dic.put(PdfName.SUBFILTER, new PdfName("adbe.pkcs7.detached"));
sap.setCryptoDictionary(dic);
HashMap exc = new HashMap();
exc.put(PdfName.NAME, new Integer(0xF));
exc.put(PdfName.REASON, new Integer(0x10));
exc.put(PdfName.CONTENTS, new Integer(0x133A));
Is it normal that using this code, the byteRange value is divided in all
parts ?
Another question is :
My pkcs7 constructor function calculate the hash from a data input
internally. If I use the sap.getRangeStream() output as my data input, is
this correct ?
Regards.
From: "Paulo Soares" <[EMAIL PROTECTED]>
Reply-To: "Paulo Soares" <[EMAIL PROTECTED]>
To: "Juan Sanchez"
<[EMAIL PROTECTED]>,<itext-questions@lists.sourceforge.net>,"Leonard
Rosenthol" <[EMAIL PROTECTED]>
Subject: Re: [iText-questions] Add signatures in a existing blank
signature
Date: Fri, 12 Aug 2005 00:15:22 +0100
In theory Acrobat doesn't care but in practice, at least with Acrobat 6, if
the byte range has more than one exclude section it always fails. Other
Acrobat plug-in may behave differently but with the standard crypto that's
what I see.
----- Original Message -----
From: "Leonard Rosenthol" <[EMAIL PROTECTED]>
To: "Paulo Soares" <[EMAIL PROTECTED]>; "Juan Sanchez"
<[EMAIL PROTECTED]>; <itext-questions@lists.sourceforge.net>
Sent: Thursday, August 11, 2005 8:45 PM
Subject: Re: [iText-questions] Add signatures in a existing blank signature
> At 12:36 PM 8/11/2005, Paulo Soares wrote:
> >As I said, if you want Acrobat to verify the signature you can only
exclude
> >the Contents from the byte range.
>
> Assuming that is what is being hashed and marked as such.
>
> You can actually exclude anything you want - and as long as
> your byte ranges and hashes match, Acrobat doesn't care what you've
excluded.
>
> It is, however, a potential security hole to exclude
> anything else - but there may be good reason.
>
>
> Leonard
>
>
>
>
--------------------------------------------------------------------------
-
> Leonard Rosenthol
<mailto:[EMAIL PROTECTED]>
> Chief Technical Officer <http://www.pdfsages.com>
> PDF Sages, Inc. 215-938-7080 (voice)
> 215-938-0880 (fax)
>
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
