Self signed mode only supports SHA1withRSA with 1024 bit key. Acrobat may
accept more but the pdf reference doesn't. This is an old PKCS1 format that you
should not use.
Paulo
> -----Original Message-----
> From: mamueller [mailto:[email protected]]
> Sent: Thursday, September 10, 2009 9:54 AM
> To: [email protected]
> Subject: [iText-questions] Signature verification: Acrobat
> says valid, itext says invalid
>
>
> Hello,
>
> I have signed a PDF document with an external signature:
>
> Sign Parameters:
>
> - SHA256withRSA
> - 2048 Bit key
> - Self Signed Mode
>
> If i verify the PDF with Acrobat it says: "valid signature".
> But itext says "invalid signature";
>
> If i switch the hash alogo to SHA1withRSA and sign the
> document, Acrobat and
> also itext says signature is valid.
> Other hash Algos like MD5withRSA, SHA384withRSA, ... also
> fails with itext.
>
> Signed PDF with: SHA256withRSA, Self Signed Mode :
> http://www.nabble.com/file/p25379604/signed.pdf signed.pdf
>
> Has anybody an idea why itext says invalid signature?
>
> Thanks in advance
>
> Manfred
>
> Here is the verification source:
>
> try {
> String pkcs12Key = "C:\\myCert2048.p12";
>
> String fileKeyPassword = "my_password" ;
> Security.addProvider(new BouncyCastleProvider());
> KeyStore ks = KeyStore.getInstance("pkcs12", "BC");
>
> ks.load(new FileInputStream(pkcs12Key),
> fileKeyPassword.toCharArray());
> String alias =
> (String)ks.aliases().nextElement();
> X509Certificate cert = (X509Certificate)
> ks.getCertificate(alias);
> Certificate[] chain =
> ks.getCertificateChain(alias);
> PdfReader pdfReader = new
> PdfReader("c:\\signed.pdf");
>
> AcroFields acroFields = pdfReader.getAcroFields();
>
> ArrayList<String> signatureNames =
> acroFields.getSignatureNames();
> String signatureFieldName;
>
> for (Iterator<String> it = signatureNames.iterator();
> it.hasNext();) {
> signatureFieldName = (String) it.next();
>
> PdfPKCS7 pkcs7 =
> acroFields.verifySignature(signatureFieldName, "BC");
>
> pkcs7.verify(); // returns false, although
> acrobat says
> valid!
>
> }
> }
>
> catch (Exception ex) {
> ex.printStackTrace();
> }
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
