A signature with an empty timestamp attribute will cause an exception. Sample pdf file test1.pdf:
http://old.nabble.com/PDF-signature-validation-problems-p25995965.html Issue in PdfPKCS7.java Old: AttributeTable attble = new AttributeTable(unat); Attribute ts = attble.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); if (ts != null) { New: AttributeTable attble = new AttributeTable(unat); Attribute ts = attble.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); if (ts != null && ts.getAttrValues().size() > 0) { BTW: there are alot of assumptions in this class about existing asn1 objects (.getObjectAt(0)) without any range checks, most of the code is redundant because bouncycastles already offers CMSProcessableByteArray data = new CMSProcessableByteArray(pdfDataToVerify); // BYTERANGES cmsSignedData = new CMSSignedData(data, dataSignature); The approach is different for pkcs1 rsa signatures tho. ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
