Hi Michael my apologize I was trying to avoid dumping a bunch of code and
turning everyone off but you are right with no code it’s kind of hard to get
help or direction. So here is some code fragments, there is aJSP, the
CAPICOM activex control and a servlet.
*Step 1:
JSP makes an AJAX call to servlet
HTML/Javascript Fragments*
*Step 2:
Servlet is invoked by ajax call to get the PDF digest*
private String getDigest(String path, String fileName,
HttpServletRequest request) {
HttpSession session = request.getSession();
log.info("getDigest (begin)...");
try {
//1. Convert cert chain string to certificate class
SHA256withRSA
String myChain = "-----BEGIN CERTIFICATE-----
MIIG6DCCBdCgAwIBAgICAZowDQ
........ -----END CERTIFICATE-----";
Certificate[] certChain = {getCertificate(myChain)};
//2.Initialize reader, stamper.
PdfReader reader = new PdfReader(path + "/" + fileName);
int page = reader.getNumberOfPages() + 1;
PdfStamper stamper = PdfStamper.createSignature(reader, new
FileOutputStream(OUT_DIR + fileName), '\0');
PdfSignatureAppearance appearance =
stamper.getSignatureAppearance();
//3.Configure SignatureAppearance
appearance.setSignDate(new GregorianCalendar());
appearance.setCrypto(null, certChain, null,
PdfSignatureAppearance.WINCER_SIGNED);
appearance.setReason("Digitally Signed");
appearance.setLocation("Some Place");
appearance.setContact("madmax");
appearance.setAcro6Layers(true);
appearance.setSignatureGraphic(Image.getInstance(SIG_DIR +
"/madmax-sig.jpg"));
appearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION);
stamper.insertPage(page, new Rectangle (160,732, 232, 780));
appearance.setVisibleSignature(new Rectangle (160,732, 232,
780), page, "my_sig");
appearance.setExternalDigest(new byte[513], new byte[20],
"RSA");
//4. Create signature dictionary
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS,
PdfName.ADBE_PKCS7_DETACHED);
dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)certChain[0]).getField("CN"));
if (appearance.getSignDate()!= null) dic.setDate(new
PdfDate(appearance.getSignDate()));
if (appearance.getReason()!= null)
dic.setReason(appearance.getReason());
if (appearance.getLocation() != null)
dic.setLocation(appearance.getLocation());
if (appearance.getContact() != null)
dic.setContact(appearance.getContact());
appearance.setCryptoDictionary(dic);
//5. Reserve space for CONTENTS
int csize = 15000;
HashMap<PdfName, Integer> exc = new HashMap();
exc.put(PdfName.CONTENTS, csize * 2 + 2);
appearance.preClose(exc);
//6. Calculate content stream digest
MessageDigest messageDigest =
MessageDigest.getInstance("SHA-256");
byte buf[] = new byte[8192];
int n;
InputStream inp = appearance.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
session.setAttribute("stamper", stamper);
session.setAttribute("hash", new String(hash));
log.info("getDigest (end)...");
return new String(hash);
}
catch (FileNotFoundException e) {
e.printStackTrace();
}
catch (IOException e) {
e.printStackTrace();
}
catch (DocumentException e) {
e.printStackTrace();
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
log.info("getDigest (end)...");
return null;
}
*Step 3:
The digest is returned to the JSP Servlet and calls the CAPICOM activex
control and call the "SignedData" method it is then rturn to the servlet a
second time
which call this metgoe to finalize the signature*
private void signPdf(String path, String fileName, String digest,
HttpServletRequest request) {
HttpSession session = request.getSession();
stamper = (PdfStamper) session.getAttribute("stamper");
appearance = stamper.getSignatureAppearance();
//1. Convert cert chain string to certificate class SHA256withRSA
String myChain = "-----BEGIN CERTIFICATE-----
MIIG6DCCBdCgAwIBAgICAZowDQ ........ -----END CERTIFICATE-----";
Certificate[] certChain = {getCertificate(myChain)};
PdfStamper stamper;
PdfSignatureAppearance appearance;
PdfDictionary dic = appearance.getCryptoDictionary();
//1. Sign the PDF
byte[] hash = ((String) session.getAttribute("hash")).getBytes();
log.info("signPdf with Digest (begin)...");
try {
byte[] data = Base64.decodeBase64(digest.trim().getBytes());
log.info(">> " + digest.length());
Calendar cal = appearance.getSignDate();
byte[] ocsp = null;
PdfPKCS7 sig = new PdfPKCS7(null, certChain, null, "SHA-256",
null, false);
sig.setExternalDigest(hash, data, "RSA");
PdfLiteral pdfLiteral = (PdfLiteral) dic.get(PdfName.CONTENTS);
byte[] outc = new byte[(pdfLiteral.getPosLength() - 2) / 2];
byte[] ssig = sig.getEncodedPKCS7(null, cal, null, ocsp);
Arrays.fill(outc,(byte)0);
System.arraycopy(ssig, 0, outc, 0, ssig.length);
PdfDictionary dic2 = new PdfDictionary();
dic2.put(PdfName.CONTENTS, new
PdfString(outc).setHexWriting(true));
appearance.close(dic2);
}
catch (IOException e) {
e.printStackTrace();
}
catch (DocumentException e) {
e.printStackTrace();
}
catch (Exception e) {
e.printStackTrace();
}
log.info("signPdf with Digest (end)...");
}
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/Sign-and-PDF-with-SmartCard-and-web-browser-only-tp4319344p4340836.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
