Correct. Leonard
On Sep 9, 2008, at 1:06 PM, Paulo Soares wrote: > It won't work. You may put as many signers as you want in the PKCS7 > but the PDF specification only accepts a single signer. > > Paulo > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On >> Behalf Of drivexcite >> Sent: Tuesday, September 09, 2008 3:52 PM >> To: [email protected] >> Subject: Re: [iText-questions] PDF Digital Signature: >> precalculated signature and hash. >> >> >> Please, let us know your results! >> Thanks. >> >> >> Andreas Kuehne-2 wrote: >>> >>> Hi ! >>> >>> What's the problem with co-signing ? >>> PKCS7 supports it from the beginning ( guess back in the >> 90ies ). You can >>> add signers to the signature as you like. You can add new >> signers to a >>> given signature without breaking the document ( if the >> signature space >>> within the PDF is big enough, because it grows with every >> new signer ). >>> >>> I'm not sure whether Acrobat supprts co-signing, but I'll >> give it a try .. >>> >>> Greetings >>> >>> Andreas >>> >>> >>> >>> ----- Original Message ---- >>> From: Leonard Rosenthol <[EMAIL PROTECTED]> >>> To: Post all your questions about iText here >>> <[email protected]> >>> Sent: Friday, September 5, 2008 7:34:57 PM >>> Subject: Re: [iText-questions] PDF Digital Signature: precalculated >>> signature and hash. >>> >>> PDF signatures do not work the way you wish. >>> >>> The concept of "parallel signatures" that you describe is one that >>> various standards bodies are currently investigating for >> the future of >>> PDF. >>> >>> Leonard >>> >>> >>> On Sep 5, 2008, at 1:27 PM, drivexcite wrote: >>> >>>> >>>> Hi everyone, >>>> >>>> I have a static PDF document that needs to be signed by different >>>> users; the >>>> document cannot be modified until all the user's signatures are >>>> collected. >>>> >>>> Unfortunately, all the examples of multiple signatures I've seen so >>>> far, >>>> somehow change the state of the source document, and as a result, >>>> calculating the hash multiple times using >>>> PDfSignatureAppearance.getRangeStream() does not produce the same >>>> value. >>>> Apparently, the first signature protects the original document, the >>>> second >>>> signature protects the first signed version, and so on. >>>> >>>> I want all signatures protects the original document. >>>> >>>> So my questions are: >>>> 1.- It is possible to calculate a digital signature on >> a PDF document >>>> without modifying it? What stream of bytes can I use to >> obtain this >>>> result? >>>> (I'm sure getRangeStream() is not the answer) >>>> 2.- In the example "How to sign with an external >> signature and a >>>> standard >>>> filter" I noticed the hash is calculated using >> getRangeStream(), BUT >>>> the >>>> signature is calculated using the hash! Is that right? I'm not a >>>> security >>>> expert but I think the signature should be calculated using the >>>> source data, >>>> not the hash. >>>> 3.- Once the hashes and signatures has been calculated over the >>>> source >>>> data, how can I create a signed PDF version? >>>> >>>> I found a similar >>>> >> http://www.nabble.com/sign-a-pdf-document-using-external-hash- >> and-signature-tt8747172.html#a8747172 >>>> question on the forum, but it remains unanswered. >>>> >>>> Thanks! >>>> Tonatihu Díaz. >>>> -- >>>> View this message in context: >>>> >> http://www.nabble.com/PDF-Digital-Signature%3A-precalculated-s >> ignature-and-hash.-tp19336006p19336006.html >>>> Sent from the iText - General mailing list archive at Nabble.com. > > > Aviso Legal: > Esta mensagem é destinada exclusivamente ao destinatário. Pode > conter informação confidencial ou legalmente protegida. A incorrecta > transmissão desta mensagem não significa a perca de > confidencialidade. Se esta mensagem for recebida por engano, por > favor envie-a de volta para o remetente e apague-a do seu sistema de > imediato. É proibido a qualquer pessoa que não o destinatário de > usar, revelar ou distribuir qualquer parte desta mensagem. > > Disclaimer: > This message is destined exclusively to the intended receiver. It > may contain confidential or legally protected information. The > incorrect transmission of this message does not mean the loss of its > confidentiality. If this message is received by mistake, please send > it back to the sender and delete it from your system immediately. It > is forbidden to any person who is not the intended receiver to use, > distribute or copy any part of this message. > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win > great prizes > Grand prize is a trip for two to an Open Source event anywhere in > the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions > > Buy the iText book: http://www.1t3xt.com/docs/book.php ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php
