Hi Michael, would we be better off if iText doesn't use the given provider for hashing? The specified provider is usually intended for the signing stuff. And BC is always a good choice for hashing algorithms.
My proposal: Try hashing with BC. If the given algo is not available in BC, give the specified provider a try. Greetings Andreas > Eric, > > Eric Chow wrote >> java.security.NoSuchAlgorithmException: no such algorithm: SHA1 for >> provider SunPKCS11-GD >> at sun.security.jca.GetInstance.getService(GetInstance.java:70) >> at sun.security.jca.GetInstance.getInstance(GetInstance.java:190) >> at java.security.Security.getImpl(Security.java:662) >> at java.security.MessageDigest.getInstance(MessageDigest.java:185) >> at >> com.itextpdf.text.pdf.security.MakeSignature.signDetached(MakeSignature.java:128) >> at TestSign.sign(TestSign.java:46) >> at TestSign.main(TestSign.java:74) > There seems to be a small inconsistency concerning the use of the SunPKCS11 > provider in iText: MakeSignature.signDetached uses the given provider > (unless it is null) to retrieve the hash algorithm, too, while the PdfPKCS7 > constructor (to which the provider value is forwarded) uses it to retrieve > the hash algorithm only if it doesn't start with "SunPKCS11". This surely > will be made consistent. > > The actual problem is IMO that there are two different uses for the given > provider: It is used both for retrieving a digest algorithm and for > retrieving a Signature instance. Sometimes, though, you need different > providers for these tasks. Unless resorting to not using provider arguments, > therefore, there should be overloads with two provider arguments. > > Regards, Michael. > > -- > View this message in context: > http://itext-general.2136553.n4.nabble.com/iText-5-3-0-digital-signature-problem-tp4655635p4655637.html > Sent from the iText - General mailing list archive at Nabble.com. > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > iText-questions mailing list > iText-questions@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/itext-questions > > iText(R) is a registered trademark of 1T3XT BVBA. > Many questions posted to this list can (and will) be answered with a > reference to the iText book: http://www.itextpdf.com/book/ > Please check the keywords list before you ask for examples: > http://itextpdf.com/themes/keywords.php > -- Andreas Kühne phone: +49 177 293 24 97 mailto: kue...@trustable.de Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868 Directors Andreas Kühne, Heiko Veit Company UK Company No: 5218868 Registered in England and Wales ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
