Sorry about post it again, but the replys i found, doesnt match with my question.
Im doing a java application to sign pdf. The signing process its not a problem, but now, we want to add time stamping to our application. We access to the web browser key store to get the user certificate. we get te user certificates without problems and sign the pdf. i have tried to sign a pdf with a time stamp like itext howto(http://itextpdf.sourceforge.net/howtosign.html), but applied to microsoft key store this way: Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); String TSA_URL = "http://tsa.safelayer.com:8093";; String TSA_ACCNT = ""; String TSA_PASSW = ""; String IN_FILE = "c:\\hello.pdf"; String OUT_FILE = "c:\\hello_signed.pdf"; ks = KeyStore.getInstance("Windows-MY"); ks.load(null, null); Enumeration aliases = ks.aliases(); String alias = (String) aliases.nextElement(); PrivateKey key = (PrivateKey)ks.getKey(alias, PASS.toCharArray()); Certificate[] chain = ks.getCertificateChain(alias); TSAClient tsc = new TSAClientBouncyCastle(TSA_URL, TSA_ACCNT, TSA_PASSW); PdfReader reader = new PdfReader(IN_FILE); FileOutputStream fout = new FileOutputStream(OUT_FILE); PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0'); PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED); sap.setVisibleSignature(new Rectangle(100, 100, 300, 200), 1, "Signature"); PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached")); dic.setReason(sap.getReason()); dic.setLocation(sap.getLocation()); dic.setContact(sap.getContact()); dic.setDate(new PdfDate(sap.getSignDate())); sap.setCryptoDictionary(dic); int contentEstimated = 15000; HashMap exc = new HashMap(); exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 + 2)); sap.preClose(exc); PdfPKCS7 sgn = new PdfPKCS7(key, chain, null, "SHA1", null, false); InputStream data = sap.getRangeStream(); MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); byte buf[] = new byte[8192]; int n; while ((n = data.read(buf)) > 0) { messageDigest.update(buf, 0, n); } byte hash[] = messageDigest.digest(); Calendar cal = Calendar.getInstance(); byte[] ocsp = null; if (chain.length >= 2) { String url = PdfPKCS7.getOCSPURL((X509Certificate)chain[0]); if (url != null && url.length() > 0) ocsp = new OcspClientBouncyCastle((X509Certificate)chain[0], (X509Certificate)chain[1], url).getEncoded(); } byte sh[] = sgn.getAuthenticatedAttributeBytes(hash, cal, ocsp); sgn.update(sh, 0, sh.length); byte[] encodedSig = sgn.getEncodedPKCS7(hash, cal, tsc, ocsp); if (contentEstimated + 2 < encodedSig.length) throw new Exception("Not enough space"); byte[] paddedSig = new byte[contentEstimated]; System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length); PdfDictionary dic2 = new PdfDictionary(); dic2.put(PdfName.CONTENTS, new PdfString(paddedSig).setHexWriting(true)); sap.close(dic2); but when i run the code i get the following error: ExceptionConverter: java.lang.Exception: Failed to get TSA response from 'http://tsa.safelayer.com:8093' at com.lowagie.text.pdf.TSAClientBouncyCastle.getTimeStampToken(Unknown Source) at com.lowagie.text.pdf.TSAClientBouncyCastle.getTimeStampToken(Unknown Source) at com.lowagie.text.pdf.PdfPKCS7.getEncodedPKCS7(Unknown Source) and it could be posible because the TSA service its correct and it works, and it no matter because i have tried several tsa services and i get allways the same message. Any idea?? im doing anything bad?, because i tried to follow the itext how to but applied to my code Anyone know another tutorial or link where i can find more info. thx alot for all, and sorry for my inglish -- View this message in context: http://old.nabble.com/PDF-and-timeStamping-tp26621719p26621719.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
