You calculate the hash in the server and send it to the client, that's 20 bytes. You don't need the private key to calculate the hash. The client signs the hash and returns a PKCS7 to the server that includes it in the PDF.
Paulo > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Eneko González Benito > Sent: Monday, January 21, 2008 3:37 PM > To: Post all your questions about iText here > Subject: Re: [iText-questions] Two questions:External > signature andPDF parsing > > Bruno Lowagie escribió: > > Er... I think you should rethink your design. > You want to sign a PDF on serverside using a private > key that never leaves the client side? > This can't be done without client side software that > creates the hash. > > > So if the client has to create the hash, i need to send the > full PDF, correct? > > > Why don't you sign the PDF on client side? > > > When you say 'sign', do you mean 'calculate the hash, sign, > and resend the PDF'? > > I don't mind doing it this way but i've read somewhere > (sorry, i don't remember where) that you could sign a PDF in > the client side without sending the full PDF so i thought > that you'll only send the hash, but if it has to be created > in the client ... this takes me to the same question: do i > need to send the full PDF? > > Thanks for your patience :) > > -- > Eneko González Benito > > Ezinbestekoa ez bada, ez imprimatu mezu hau; zaindu ingurumena. > No imprima este e-mail si no es totalmente necesario; respete > el Medio Ambiente. > Don't print this e-mail unless it is absolutely necessary; > respect the environment. > Aviso Legal: Esta mensagem é destinada exclusivamente ao destinatário. Pode conter informação confidencial ou legalmente protegida. A incorrecta transmissão desta mensagem não significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://itext.ugent.be/itext-in-action/
