Hey, ive seen a lot of invalid signature threads, but none seems to fix my
problem.
Im signing a pdf using Itext (in java) but i always get the invalid
signature error.
Weird thing is, i can see the algorithm using for signing and the
certificates used on the pdf's properties, the error message says that the
document has been altered or corrupted since the the signature was applied.
maybe theres something wrong with the way i insert the document's hash or
how i create it?
heres the code:
try{
System.out.println("started");
// Initializes the Citizens Card
CcMethods.init();
//Creates the test files and gets their streams
File inFile = new File("C:/unsigned.pdf");
File outFile = new File("C:/signed.pdf");
FileInputStream is = new FileInputStream(inFile);
FileOutputStream os = new FileOutputStream(outFile);
// Creates a reader, gets the first page and creates a signature
PdfReader reader = new PdfReader(is);
is.close();
Rectangle rect = reader.getPageSize(1);
PdfStamper stamp = PdfStamper.createSignature(reader, os, '\0');
PdfSignatureAppearance appearance =
stamp.getSignatureAppearance();
// Sets the signature visible and on the front page (top right
corner)
appearance.setVisibleSignature(new Rectangle(rect.getWidth() -
82,
rect.getHeight()- 78, rect.getWidth() -10, rect.getHeight() -30), 1, "sig");
// Sets crypto parameters with the proper certificates
appearance.setCrypto(null, CcMethods.getChain(), null,
PdfSignatureAppearance.SELF_SIGNED);
// Reason and location
appearance.setReason("Very good reason");
appearance.setLocation("Great location");
appearance.setContact("Some sort of contact");
// Sets the signature to a value
appearance.setExternalDigest(new byte[128], null, "RSA");
appearance.preClose();
// Process of hash generation
MessageDigest md = MessageDigest.getInstance("SHA-1"); //
SHA or MD5
byte buf[] = new byte[8192];
int n;
InputStream rs = appearance.getRangeStream();
while ((n = rs.read(buf)) > 0)
md.update(buf, 0, n); // Reads it all at one go. Might
be better to
chunk it.
// Gets Hash from rangeStream
byte[] hash = md.digest();
// Signs the hash
byte[] signedHash = CcMethods.sign(hash);
if(signedHash != null){
System.out.println("Hash signed");
PdfDictionary dic = new PdfDictionary();
PdfPKCS7 sig =
appearance.getSigStandard().getSigner();
sig.setExternalDigest(signedHash, null, "RSA");
dic.put(PdfName.CONTENTS, new
PdfString(sig.getEncodedPKCS1()).setHexWriting(true));
appearance.close(dic);
}
else
System.out.println("Hash not signed");
// Finish using the Citizens Card
CcMethods.finish();
os.close();
System.out.println("finished");
}
catch (Exception e){
e.printStackTrace();
}
anyone knows what im doing wrong here?
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/Another-invalid-signature-thread-tp3003710p3003710.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Download new Adobe(R) Flash(R) Builder(TM) 4
The new Adobe(R) Flex(R) 4 and Flash(R) Builder(TM) 4 (formerly
Flex(R) Builder(TM)) enable the development of rich applications that run
across multiple browsers and platforms. Download your free trials today!
http://p.sf.net/sfu/adobe-dev2dev
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
