Hi Michael, > Actually the /Cert key is not in the table of signature dictionary entries. > Thus, one could argue that adbe.x509.rsa_sha1 may not be used for PDF/A > signing as such signatures require the /Cert entry while adbe.pkcs7.* is > perfectly ok. ;) That is actually not correct. If you look in the 1.4 spec ch. 8.6 'signatures' it states: "Note: The specification for public-key digital signature authentication is available in the Adobe document PDF Public-Key Digital Signature and Encryption Specification (see the Bibliography)." And there on page 5 you'll find your 'Cert' key...
However i just saw in that document that pkcs7 was indeed supported since 1.4. Good that we talked about it :-) But still think that removing that code is not a good idea for documents >=1.7. Changing the default provider or something similar seems to be a better way... Regards, ToM ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
