Hi John, I hope I'm wrong but as I understand you work with the hash of the plain PDF ? You need to create the signed PDF upfront and extract _this_ hash ...
Transporting the signable hash to the client and the encrypted data back should be a problem, as it is just a byte array. Why do you fiddle it into a signature ( P7M ) on the client side ? I feel more comfortable to do this on the server side ... "... instead of calculating the sha1 of sap.getRangeStream I use the signature RSA ..." sounds strange to me ! Do you replace a hash by a signature ? Sorry for asking more questions than giving answers ;-) Greetings Andreas ----- Original Message ---- From: john wine <[EMAIL PROTECTED]> To: [email protected] Sent: Friday, July 11, 2008 2:50:45 PM Subject: [iText-questions] PDF sign from hash Hi to everybody, I'm able to sign a document using iText without problem. Now, for performance reason, I need to sign a pdf in two separate steps where: step1) my client (java applet) receive from my server only the hash of the plain pdf, using a certificate (PKCS11), generate something signed and send back to the server step2) my server, when receives data from my client, have to build the signed pdf assembling the plain pdf with the sign information received from the client I attach my test (jre 1.5.0.12, iText 2.1.1, BouncyCastle 1.3.9) At this moment, in step1 (method operationalStep1), I'm generating a P7M of the hash received plus a cypher RSA/ECB/PKCS1Padding encrypted with my private key. In step2 (method operationalStep2) I build the signed pdf in like the sample "How to sign with a smartcard using an external signature dictionary" in http://itextpdf.sourceforge.net/howtosign.html where instead of calculating the sha1 of sap.getRangeStream I use the signature RSA received from the client. Unfortunately the signed pdf that I obtain is not valid: verifying the signature there is an error during BER and it's smaller than the original Does anybody have already experienced something like this? Any suggestions or hints? Thanks in advance John ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Do you like iText? Buy the iText book: http://www.1t3xt.com/docs/book.php Or leave a tip: https://tipit.to/itexttipjar
