Hi,
I am using an API that signs PDFs using an Aladdin token (Etoken pro Aladdin
72K) with RSA security. I am having trouble signing several PDFs in sequence
using the same certificate. What I want is for the RSA key to be requested
just once, as is the case with the token access password, which the API
stores in cache the first time it is entered. However, the RSA key is
requested every time a PDF is signed in sequence. Is it possible to send all
the PDFs into one container? Is there any other way to avoid entering the
RSA key n amount of times?
I am using the following code to hash and sign my documents:
----------------------------------------------------------------------------------->>
ByteBuffer outputStreamSigned = new ByteBuffer(); PdfStamper pdfStamper =
PdfStamper.createSignature(reader, outputStreamSigned, '\0', null, true);
PdfSignatureAppearance signatureApp = pdfStamper.getSignatureAppearance();
signatureApp.setCrypto(privateKey, signerCertificateChain, null,
PdfSignatureAppearance.WINCER_SIGNED);
…
X509Certificate userCert = (X509Certificate) signerCertificateChain[0];
…
// conf external ->
signatureApp.setExternalDigest(getPublicKeyBuffer(userCert), new byte[20],
"RSA");
signatureApp.preClose();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
byte buf[] = new byte[8192];
int n;
InputStream inp = signatureApp.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
byte hash[] = messageDigest.digest();
PdfSigGenericPKCS pdfDict = signatureApp.getSigStandard();
PdfLiteral slit = (PdfLiteral) pdfDict.get(PdfName.CONTENTS);
byte[] outc = new byte[(slit.getPosLength() - 2) / 2];
PdfPKCS7 sig = pdfDict.getSigner();
Signature sign = Signature.getInstance("SHA1withRSA");
sign.initSign(privateKey);
sign.update(hash);
sig.setExternalDigest(sign.sign(), hash, "RSA");
PdfDictionary dic = new PdfDictionary();
byte[] ssig = sig.getEncodedPKCS7(); /*<----Request RSA Key*/
System.arraycopy(ssig, 0, outc, 0, ssig.length);
dic.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
signatureApp.close(dic);
----------------------------------------------------------------------------------->>
Im using jre 6, itext 2.1.7
In the following post someone mentioned that the itext API was being re
implemented and that this may solve the problem of multiple signatures in
later versions.
http://itext.2136553.n4.nabble.com/Re-Using-eToken-with-secondary-authentication-format-td3772022.html#a3776183
Do you know if this has been solved?
Thanks in advance.
Regards,
--
View this message in context:
http://itext.2136553.n4.nabble.com/PDF-multiple-signatures-problem-tp4660828.html
Sent from the iText mailing list archive at Nabble.com.
------------------------------------------------------------------------------
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
