Shouldn't the signature.sign() be after the signature.update()?
Paulo
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of [EMAIL PROTECTED]
> Sent: Saturday, July 29, 2006 2:00 PM
> To: [email protected]
> Subject: [iText-questions] Signing PDF with a PKCS11 smart card
>
> Hello!
> I'm rather new to both iText and smart cards, but I need to
> sign a PDF twice,
> preserving the first signature, using a pkcs#11 provider (I
> use the Sun
> implementation).
> With standard Java I managed to load the right DLL and get
> access to the
> keystore and eventually to the certificate and the interface
> to the private key.
> I know the latter is not the actual key, so signing with the
> chunk suggested in
> the javadoc of PDFStamper.createSignature won't work. Instead I tried
>
> PdfReader reader = new PdfReader(this.fileToSign);
> FileOutputStream fout = new FileOutputStream(this.signedFile);
> PdfStamper stamper = PdfStamper.createSignature(reader,
> fout, '\0', new
> File("/temp"), true);
> PdfSignatureAppearance sap =
> stamper.getSignatureAppearance(); // I
> want it invisible
> sap.setReason(this.reason);
> sap.setLocation(this.location);
>
> java.util.Calendar now=java.util.Calendar.getInstance();
> sap.setSignDate(now);
> sap.setCrypto(null, chain, null,
> PdfSignatureAppearance.SELF_SIGNED);
> sap.setExternalDigest(new byte[128], null, "RSA");
> sap.preClose();
> byte[] content =
> inputStreamToByteArray(sap.getRangeStream()); //
> <<<<<<<<< Exception thrown here <<<<<<<<<<<
> Signature signature =
> Signature.getInstance("SHA1withRSA", provider);
> byte[] signatureBytes = signature.sign();
> signature.initSign((PrivateKey)key);
> signature.update(content);
>
> PdfPKCS7 sig = sap.getSigStandard().getSigner();
> sig.setExternalDigest(signatureBytes, null, "RSA");
> PdfDictionary dic = new PdfDictionary();
> dic.put(PdfName.CONTENTS, new
> PdfString(sig.getEncodedPKCS1()).setHexWriting(true));
> sap.close(dic);
>
> When I reach
> byte[] signatureBytes = signature.sign();
> I get a SignatureException: "object not initialized for signing"
> On the smart card I use are two aliases: I get the same
> result with both of them
> (although I must admit I'm not sure which one I should use: I
> don't know exactly
> what they represent!)
> I figured that if the code I use worked, I could use it "as
> is" to append the
> second signature.
> Please could someone either help me with the code for signing
> (maybe twice ;) )
> or address me to a good tutorial about what's inside a PKCS11
> smart card and how
> it's organized?
> Thanks in advance!
>
>
>
> --------------------------------------------------------------
> -----------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the
> chance to share your
> opinions on IT & business topics through brief surveys -- and
> earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge
> &CID=DEVDEV
> _______________________________________________
> iText-questions mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
