Hi
I'd love to use itext.
I want to sign my file in 3 phases:
1. Create the hash
2. Sign the hash
3. Integrate signature
But when i verify my file, itext says that it was modified.
Here is my 3 function:
static void createDigest() throws KeyStoreException, IOException,
NoSuchAlgorithmException, CertificateException, URISyntaxException,
UnrecoverableKeyException, DocumentException{
URL pdfURL = App.class.getResource("/voivang.pdf");
URL ksURL = App.class.getResource("/keystore.jks");
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(new File(ksURL.toURI())),
"123456".toCharArray());
String alias = "customer";
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias,
"123456".toCharArray());
Certificate[] certificates = keyStore.getCertificateChain(alias);
PdfReader reader = new PdfReader(new FileInputStream(new
File(pdfURL.toURI())));
//FileOutputStream fout = new FileOutputStream("signed.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, null, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(null,certificates , null,
PdfSignatureAppearance.WINCER_SIGNED);
//sap.setCrypto(privateKey,certificates , null,
PdfSignatureAppearance.WINCER_SIGNED);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new
PdfName("adbe.pkcs7.detached"));
dic.setReason(sap.getReason());
dic.setLocation(sap.getLocation());
dic.setContact(sap.getContact());
dic.setDate(new PdfDate(sap.getSignDate()));
sap.setCryptoDictionary(dic);
// preserve some space for the contents
int contentEstimated = 15000;
HashMap<PdfName,Integer> exc = new HashMap<PdfName,Integer>();
exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 + 2));
System.out.println(PdfName.CONTENTS);
sap.preClose(exc);
// make the digest
InputStream data = sap.getRangeStream();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
byte buf[] = new byte[8192];
int n;
while ((n = data.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
File file = new File("digest");
FileUtils.writeByteArrayToFile(file, hash);
}
static void signDigest() throws Exception{
// URL pdfURL = App.class.getResource("/voivang.pdf");
URL ksURL = App.class.getResource("/keystore.jks");
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(new File(ksURL.toURI())),
"123456".toCharArray());
String alias = "customer";
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias,
"123456".toCharArray());
Certificate[] certificates = keyStore.getCertificateChain(alias);
PdfPKCS7 sgn = new PdfPKCS7(privateKey, certificates, null, "SHA1",
null, false);
byte[] hash = FileUtils.readFileToByteArray(new File("digest"));
Calendar cal = Calendar.getInstance();
byte sh[] = sgn.getAuthenticatedAttributeBytes(hash, cal, null);
sgn.update(sh, 0, sh.length);
byte[] encodedSig = sgn.getEncodedPKCS7(hash, cal, null, null);
int contentEstimated = 15000;
if (contentEstimated + 2 < encodedSig.length)
throw new DocumentException("Not enough space");
byte[] paddedSig = new byte[contentEstimated];
System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length);
FileUtils.writeByteArrayToFile(new File("signature"), paddedSig);
}
static void putSignature() throws Exception{
URL pdfURL = App.class.getResource("/voivang.pdf");
URL ksURL = App.class.getResource("/keystore.jks");
// private key and certificate
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(new File(ksURL.toURI())),
"123456".toCharArray());
String alias = "customer";
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias,
"123456".toCharArray());
Certificate[] certificates = keyStore.getCertificateChain(alias);
// reader and stamper
PdfReader reader = new PdfReader(new FileInputStream(new
File(pdfURL.toURI())));
FileOutputStream fout = new FileOutputStream("signed.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(null,certificates , null,
PdfSignatureAppearance.WINCER_SIGNED);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new
PdfName("adbe.pkcs7.detached"));
// dic.setReason(sap.getReason());
// dic.setLocation(sap.getLocation());
// dic.setContact(sap.getContact());
// dic.setDate(new PdfDate(sap.getSignDate()));
sap.setCryptoDictionary(dic);
// preserve some space for the contents
int contentEstimated = 15000;
HashMap<PdfName,Integer> exc = new HashMap<PdfName,Integer>();
exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 + 2));
sap.preClose(exc);
PdfDictionary dic2 = new PdfDictionary();
byte[] signature = FileUtils.readFileToByteArray(new
File("signature"));
dic2.put(PdfName.CONTENTS, new
PdfString(signature).setHexWriting(true));
sap.close(dic2);
}
what did i do wrong!
thanks!
--
**************************************
Nguyễn Trường Sơn
Tin3K50 - Hệ thống thông tin K50
ĐHBK Hà Nội
Mobile: 0904010635
Y!M: hunters_1094
------------------------------------------------------------------------------
Lotusphere 2011
Register now for Lotusphere 2011 and learn how
to connect the dots, take your collaborative environment
to the next level, and enter the era of Social Business.
http://p.sf.net/sfu/lotusphere-d2d
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
