Hi,
building an application able to sign pdfs with external signatures I
encountered problems with Aladdin eTokens - which are USB tokens. (With a
lot of different Smartcard Types the application works perfectly fine).
Signing works but afterwards Acrobat can not validate the signature. It
complains: "Signature not valid - document has been altered ....".
It seams that the signature and digest are somehow not correctly embedded
into the pdf.
I really have not idea why USB tokens should not behave the same as
smartcard tokens. Or is this a known problem with Aladding Tokens?
I would be very glad if someone could give me a hint or has encountered
similar problems. Has somebody successfully signed pdfs with Aladdin
eTokesn?
Below is the used code:
Thanks in advance !
Boris
fout = new FileOutputStream(sigParams.getOutPath());
stp = PdfStamper.createSignature(sigParams.getReader(), fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
// create a visible signature
sap.setVisibleSignature(new Rectangle(100, 100, 100, 100), 1, null);
// buffer for signature and hash
sap.setExternalDigest(new byte[512], new byte[20], "RSA");
sap.preClose();
PdfPKCS7 sig = sap.getSigStandard().getSigner();
// create a message digest for hashing the content of the pdf
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
// put the whole hash into the digest
byte buf[] = new byte[8192];
int n;
// load content to sign
InputStream inp = sap.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
// finally create the hash value
byte[] hash = messageDigest.digest();
Signature sign = Signature.getInstance("SHA1withRSA");
sign.initSign(privKey);
sign.update(hash);
sig.setExternalDigest(sign.sign(), hash, "RSA");
PdfDictionary dic = new PdfDictionary();
PdfSigGenericPKCS sg = sap.getSigStandard();
PdfLiteral slit = (PdfLiteral)sg.get(PdfName.CONTENTS);
byte[] outc = new byte[(slit.getPosLength() - 2) / 2];
byte[] ssig = sig.getEncodedPKCS7();
System.arraycopy(ssig, 0, outc, 0, ssig.length);
// create new pdf content
dic.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
sap.close(dic);
fout.close();
-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://itext.ugent.be/itext-in-action/
