You must call isAssinado(). Just getting the names is no guarantee that a signed document was not modified and the signature invalidated.
Paulo ----- Original Message ----- From: "Filipe Fedalto" <[EMAIL PROTECTED]> To: "Post all your questions about iText here" <[email protected]> Sent: Friday, June 30, 2006 7:13 PM Subject: Re: [iText-questions] Problem checking whether a document hasbeensigned Hi, Paulo, Thnk you very much for your answer. I am using JRE 1.5. Therefore it seems that it would really be a bug with the crypto provider. As you sugested, I changed the application so it would use BouncyCastle provider. Ok, so far, so good. Nevertheless, one question is still intriguing me. Is this the right way to check whether a PDF file is signed, disregarding the signature validity? Could I comment the entire for loop in my isAssinado() method? If the return of af.getSignatureNames() is not null and has at least 1 name, does that alone mean that there is a signature? Thnak you all in advance. Filipe Fedalto On 30/06/06, Paulo Soares <[EMAIL PROTECTED]> wrote: > > That's a bug with your crypto provider. Use a more recent JDK or another > crypto provider, like bouncycastle. > > Paulo > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On > > Behalf Of Filipe Fedalto > > Sent: Friday, June 30, 2006 3:59 PM > > To: [email protected] > > Subject: [iText-questions] Problem checking whether a > > document has beensigned > > > > Hi all, > > > > I'm using iText to check whether some input PDF document has > > been signed. I don't need do actually check or certify the > > signature validity. I only need to know whether the document > > is signed, even though it is signed with a self-signed test > > certificate. > > > > So I have the following method to check this "signature > > existance" in the informed PDFReader. The red line is the one > > throwing the exception, in the stack trace below. > > > > > > public static boolean isAssinado(PdfReader documentoPDF) > > throws IOException, SignatureException { > > Object[] falhas = null; > > boolean assinado = false; > > // Obter o keystore > > KeyStore kall = PdfPKCS7.loadCacertsKeyStore(); > > > > // Recuperar AcroFields do documento > > AcroFields af = documentoPDF.getAcroFields(); > > > > // Recuperar nomes de assinaturas > > ArrayList names = af.getSignatureNames(); > > LOG.debug("Nomes de Assinatura: "+names); > > assinado = names != null && names.size () > 0; > > > > // Itera os nomes de assinaturas obtidos > > if (assinado) { > > for (int k = 0; k < names.size(); ++k) { > > String name = (String) names.get(k); > > LOG.debug("Nome da Assinatura: " + name); > > LOG.debug("Assinatura todo o documento? " + > > af.signatureCoversWholeDocument(name)); > > LOG.debug("Revisão do Documento: " + af.getRevision(name) > > + " de " + af.getTotalRevisions()); > > PdfPKCS7 pk = af.verifySignature(name); > > Calendar cal = pk.getSignDate(); > > LOG.debug("Data de Assinatura: "+formatter.format(cal.getTime())); > > LOG.debug("Assunto: " + > > PdfPKCS7.getSubjectFields(pk.getSigningCertificate())); > > boolean verificado = pk.verify(); > > assinado &= verificado; > > LOG.debug("Documento foi modificado? " + !verificado); > > } > > } > > LOG.info("Documento Assinado? "+assinado); > > return assinado; > > } > > > > > > > > However, > > > > When I execute this code with real Tokens (A3), I get the > > following exception: > > ExceptionConverter: > > java.security.cert.CertificateException: > > sun.security.pkcs.ParsingException: toDerInputStream rejects > > tag type -96 > > at > > sun.security.provider.X509Factory.engineGenerateCertificates > > (Unknown Source) > > at > > java.security.cert.CertificateFactory.generateCertificates(Unk > > nown Source) > > at com.lowagie.text.pdf.PdfPKCS7.<init>(PdfPKCS7.java:250) > > at com.lowagie.text.pdf.AcroFields.verifySignature > > (AcroFields.java:1627) > > at > > com.lowagie.text.pdf.AcroFields.verifySignature(AcroFields.java:1583) > > at br.com.ect.sadel.common.PDFUtils.isAssinado > > (PDFUtils.java:50) > > at > > br.com.ect.sadel.control.PreparacaoDocumentoControle.executarP > > reparacao(PreparacaoDocumentoControle.java:267) > > at > > br.com.ect.sadel.control.PreparacaoDocumentoControle.executarP > > reparacao (PreparacaoDocumentoControle.java:129) > > at > > br.com.ect.sadel.control.PreparacaoDocumentoControle.run(Prepa > > racaoDocumentoControle.java:475) > > at java.lang.Thread.run(Unknown Source) > > Caused by: sun.security.pkcs.ParsingException : > > toDerInputStream rejects tag type -96 > > at sun.security.pkcs.PKCS7.parse(Unknown Source) > > at sun.security.pkcs.PKCS7.<init>(Unknown Source) > > at > > sun.security.provider.X509Factory.parseX509orPKCS7Cert > > (Unknown Source) > > ... 10 more > > Caused by: java.io.IOException: toDerInputStream rejects tag type -96 > > at sun.security.util.DerValue.toDerInputStream(Unknown Source) > > at sun.security.pkcs.PKCS7.parseSignedData (Unknown Source) > > at sun.security.pkcs.PKCS7.parse(Unknown Source) > > ... 13 more > > > > > > Do you have any idea about why this exception is being thrown? > > > > Is my code correct? I mean, is this the right way to check > > whether the document has been signed? Like I said, I don't > > want to certify or validate the signature, I only need to > > know whether the document has been somehow signed, no matter > > what type the signature is and what origin or validity it has. > > > > Thank you all in advance, > > > > Filipe Fedalto > > > > Cansado dos disparates e despautérios da República? > > Quer um basta nas desventuras de nossos governantes? > > Acesse http://www.monarquia.org.br e http://www.brasilimperial.org.br > > e saiba mais a respeito. > > > > > Aviso Legal: > Esta mensagem é destinada exclusivamente ao destinatário. Pode conter > informação confidencial ou legalmente protegida. A incorrecta transmissão > desta mensagem não significa a perca de confidencialidade. Se esta > mensagem > for recebida por engano, por favor envie-a de volta para o remetente e > apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não > o > destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. > > Disclaimer: > This message is destined exclusively to the intended receiver. It may > contain confidential or legally protected information. The incorrect > transmission of this message does not mean the loss of its > confidentiality. > If this message is received by mistake, please send it back to the sender > and delete it from your system immediately. It is forbidden to any person > who is not the intended receiver to use, distribute or copy any part of > this > message. > > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions > -------------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 -------------------------------------------------------------------------------- > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions > Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions
