After calling PdfSignatureAppearance.preClose() you must call
PdfSignatureAppearance.getRangeStream() to get the bytes that are going
to be signed.
Paulo
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Fionn
> Sent: Wednesday, October 17, 2007 10:19 AM
> To: [email protected]
> Subject: [iText-questions] Signing PDF-Document with external
> Certificate and Signature (Signature is INVALID)
>
>
> Hi, i am a German student and i would like to create an
> application wich sign
> PDF-Documents with external signatures.
> Ok, the following things i want to do:
> 1) get the signature + certificate from Smard-Card(REINER) with OCF
> //the certificate
> X509Certificate tSigningCertificate =
> Gov2SmartCardHelper.getInstance().getSignatureX509Certificate();
> //sign the file and get the hash bytes with SHA1withRSA algorithm
> byte [] tBs =
> Gov2SmartCardHelper.getInstance().sign(IOHelper.getBytesFromFi
> le(tUnsignedFile));
> Certificate[] tCertificates = new
> Certificate[]{tSigningCertificate};
> 2) Add signature + certificate to the PDF-Document
>
> Calendar tCalendar = Calendar.getInstance();
> PdfStamper tStamper =
> PdfStamper.createSignature(tReader,tOutStream,'\0');
>
> PdfSignatureAppearance tSignatureAppearance =
> tStamper.getSignatureAppearance();
> tSignatureAppearance.setLayer2Text("signature.\n\nDate: today");
>
> tSignatureAppearance.setVisibleSignature(new
> com.lowagie.text.Rectangle(100, 180, 200, 200), 1, null);
> tSignatureAppearance.setSignDate(tCalendar);
> //Add the certificate
> tSignatureAppearance.setCrypto(null,tCertificates , null,
> PdfSignatureAppearance.SELF_SIGNED);
> tSignatureAppearance.setReason("AI-Signing reason");
> tSignatureAppearance.setLocation("Far far away");
> //i need this, otherwise i get a NullPointerException in the
> next line. The
> stacktrace, see end of message.
> tSignatureAppearance.setExternalDigest(new byte[128], null, "RSA");
> tSignatureAppearance.preClose();
>
> //add signature
> PdfPKCS7 tSig = tSignatureAppearance.getSigStandard().getSigner();
> tSig.setExternalDigest(tBs, null, "RSA");
>
> PdfDictionary dic = new PdfDictionary();
> dic.put(PdfName.CONTENTS, new
> PdfString(tSig.getEncodedPKCS1()).setHexWriting(true));
> tSignatureAppearance.close(dic);
>
> Its work but my Acrobat Reader says: Signature is INVALID
> - The Document hast been altered or Corrupt since th
> Signature was applied.
> - The Signer's Identety is Unknown becous it has not been
> included in your
> list of Trusted Identities and none of its parent
> Certificates are Trusted
> Identities.
>
> But i can see the certificate in Adobe-Reader!
> Sorry i am not a signing specialist but i think i have a
> working knowledge
> of signing.
>
> I would be very happy if anyone can help me or give me any tips.
>
> Greetings
>
> Fionn
>
> java.lang.NullPointerException
> at com.lowagie.text.pdf.PdfPKCS7.getEncodedPKCS1(Unknown Source)
> at
> com.lowagie.text.pdf.PdfSigGenericPKCS.setSignInfo(Unknown Source)
> at
> com.lowagie.text.pdf.PdfSignatureAppearance.preClose(Unknown Source)
> at
> com.lowagie.text.pdf.PdfSignatureAppearance.preClose(Unknown Source)
> at PDFSigner.sign(PDFSigner.java:103)
> tSignatureAppearance.close(dic);
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://itext.ugent.be/itext-in-action/
