Diego,
One more times, thanks a lot. I just add the following part of your code
and it works! :
* //Create Permissions Dictionary COSDictionary permissions =
new COSDictionary(); permissions.setItem("DocMDP", signature);
//Add Permissions to Catalog COSDictionary catalog =
document.getDocumentCatalog().getCOSObject();
catalog.setItem("Perms", permissions);*
Many Thanks!
Damien.
2016-10-19 15:43 GMT+02:00 Diego Azevedo <[email protected]>:
> Ok, I searched for "DocMDP" on ISO 32000 and found this:
>
> * On a 'Signature Field Dictionary', one *could *have a 'Seed Value
> Dictionary' with a 'MDP entry'
> o This entry *shall *have a dictionary with only one entry: 'P'
> and a integer value <0-3>:
> + 0 - Author Signature
> + 1-3 - Same meaning from the P entry on the DocMDP Transform
> Parameters Dictionary
> * A certification Signature *may *be referenced from the DocMDP entry
> in the Permissions Dictionary
> o The signature Dictionary *shall *contain a signature reference
> dictionary with the DocMDP transform method
> o It *should *have a Legal Attestation Dictionary
> o It *shall *be the first signed field in the document
>
> There where a few specific things about these entries and dictionaries,
> but these are the changes that should be made from the beginning:
>
> * Create the Signature Reference Dictionary and add it to the
> signature - OK
> * Create a Permissions Dictionary and add it to Catalog:
>
> //Create Permissions Dictionary
> COSDictionary permissions = new COSDictionary();
> permissions.setItem("DocMDP", signature);
>
> //Add Permissions to Catalog
> COSDictionary catalog =
> document.getDocumentCatalog().getCOSObject();
> catalog.setItem("Perms", permissions);
>
> * Create a Legal Attestation Dictionary and add it to catalog:
>
> //Create Legal Attestation Dictionary (I'd totally leave this
> out on my implementation - Way too much trouble for something
> optional)
> COSDictionary legalAttestation= new COSDictionary();
> <All entries are optional, and are like this:>
> legalAttestation.setInt("JavaScriptActions", 10);// Means there
> are 10 Javascript actions
> legalAttestation.setInt("LaunchActions", 10);// Means there are
> 10 Launch actions
> [...]
>
> //Add Permissions to Catalog
> COSDictionary catalog =
> document.getDocumentCatalog().getCOSObject();
> catalog.setItem("Legal", legalAttestation);
>
> * Create a Seed Value Dictionary and add it to the Signature Field
> Dictionary
> o The Signature Field Dictionary is manipulated by pdfbox itself
> on document.addSignature. So, if necessary, it would be
> something like this that would be changed in the source code:
>
> //Get the references
> COSArray references = (COSArray)
> signature.getCOSObject().getItem("Reference");
> COSDictionary reference = null;
> if( references != null){
>
> // loop all references, looking for a DocMDP TransformMethod
> for(int i = 0; i< references.size(); i++){
>
> reference = (COSDictionary) references.getObject(i);
> if(reference.getNameAsString("TransformMethod").equals("Doc
> MDP")){
>
> // if it is a DocMDP, it shall heve TransformParams
> as a integer
> COSDictionary transform = (COSDictionary)
> reference.getItem("TransformParams");
> int pEntry = transform.getInt("P");
>
> //Add to the SeedValue Dictionary
> PDSeedValue seedValue = ?; //How to get the
> SeedValue? Should we create a new one? - Only
> someone from the project could tell you that (along
> with where this code should be placed)
> PDSeedValueMDP mdp = new PDSeedValueMDP();
> mdp.setP(pEntry);
> seedValue.setMPD(mdp);
>
> }
>
> }
>
> }
>
> I only saw your reply now. The document you sent me only did the first
> change (permissions Dictionary). Try it and tell me if it worked
>
> []'s
>
> Diego Azevedo
>
>
> On 19/10/2016 09:25, Diego Azevedo wrote:
>
>> Damien,
>>
>> Can you upload a correctly certified PDF somewhere and share the link?
>> Wîth the original one, if possible?
>>
>> I'll try to mimic the behavior.
>>
>> []'s
>>
>> Diego Azevedo
>>
>> On 19/10/2016 07:10, Damien Butaye wrote:
>>
>>> In some Java code of different PDF Signatue framework, I saw the use of
>>> the
>>> "Perms" dictionnary to certify PDF. Do you have any idea if the "Perms"
>>> can
>>> help to see the blue ribbon?
>>>
>>> 2016-10-19 10:48 GMT+02:00 Damien Butaye <[email protected]>:
>>>
>>> Yes but in my case my certificate has the authorization to certify
>>>> document (the cross is green beside the "Certify Document" in your
>>>> previous
>>>> printscreen).
>>>> I wonder me if another information must be present in the PDF to show
>>>> the
>>>> blue ribbon?!
>>>>
>>>> 2016-10-18 17:40 GMT+02:00 Diego Azevedo <[email protected]>:
>>>>
>>>> No, but in my case it would never happen, because my certificate is
>>>>> trusted for signing, but not certifying:
>>>>>
>>>>> Image: http://imgur.com/XYZCB8H
>>>>>
>>>>> []'s
>>>>>
>>>>> Diego Azevedo
>>>>>
>>>>> On 18/10/2016 13:30, Damien Butaye wrote:
>>>>>
>>>>> One last question, have you got the "blue ribbon" on the top the pdf
>>>>>> when you open it with Acrobat? In my case not, although it is well
>>>>>> certified as shown in the Acrobat Signature Panel.
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-10-18 15:58 GMT+02:00 Damien Butaye <[email protected]
>>>>>> <mailto:[email protected]>>:
>>>>>>
>>>>>> Nice! Thank you very much!
>>>>>>
>>>>>> (Btw, it could be nice to integrate in a future release a method
>>>>>> certify() in the PDSignature object).
>>>>>>
>>>>>> obrigado!
>>>>>>
>>>>>> 2016-10-18 15:42 GMT+02:00 Diego Azevedo <[email protected]
>>>>>> <mailto:[email protected]>>:
>>>>>>
>>>>>> Hello Damien,
>>>>>>
>>>>>> I made a typo:
>>>>>>
>>>>>> dictionary.setItem("Reference", reference_*s*_); // Add
>>>>>> Array to Signature dictionary
>>>>>>
>>>>>> There is no point in creating the array, add the "SigRef"
>>>>>> dictionary to it... and not use the array on the "Sig"
>>>>>> dictionary. So... just add the 'S' to the variable and
>>>>>> re-run
>>>>>> it. Just tested here, and it worked fine =)
>>>>>>
>>>>>> []'s
>>>>>>
>>>>>>
>>>>>> -- *_______________________________________________
>>>>>>
>>>>>> Diego Azevedo
>>>>>> Developer
>>>>>> E-SEC Segurança Digital
>>>>>> www.esec.com.br <http://www.esec.com.br>
>>>>>> +55 61 3323-4410 <tel:%2B55%2061%203323-4410>*
>>>>>>
>>>>>>
>>>>>> On 18/10/2016 10:21, Damien Butaye wrote:
>>>>>>
>>>>>> Hello Diego,
>>>>>>>
>>>>>>> Thank you for your help. I just tried your code but it
>>>>>>> seems
>>>>>>> that it doesn't work. The result has nor signature nor
>>>>>>> certify element. I'll try again.
>>>>>>> If you have any idea, don't hesitate ;)
>>>>>>>
>>>>>>> Damien.
>>>>>>>
>>>>>>> 2016-10-18 13:04 GMT+02:00 Diego Azevedo
>>>>>>> <[email protected] <mailto:[email protected]>>:
>>>>>>>
>>>>>>>
>>>>>>> From what I'm reading on ISO 32000, the certification
>>>>>>> Signature is a normal signature, but with a DocMDP
>>>>>>> transform method. So the ou should do something like
>>>>>>> this:
>>>>>>>
>>>>>>> PDSignature signature = new PDSignature;
>>>>>>> [..] //do your thing
>>>>>>> COSDictinary dictionary = signature.getCOSObject();
>>>>>>>
>>>>>>> //Create a reference dictionary
>>>>>>> COSDictionary reference = new COSDictionary();
>>>>>>> reference.setItem("Type",
>>>>>>> COSName.getPDFName("SigRef"));
>>>>>>> reference.setItem("TransformMethod",
>>>>>>> COSName.getPDFName("DocMDP"));
>>>>>>> reference.setItem("DigestMethod",
>>>>>>> COSName.getPDFName("SHA1")); //Only MD5 or SHA1...
>>>>>>> Go
>>>>>>> with the least worse
>>>>>>>
>>>>>>> //Now we add DocMDP specific stuff
>>>>>>> COSDictionary transformParameters = new
>>>>>>> COSDictionary();
>>>>>>> transformParameters.setItem("Type",
>>>>>>> COSName.getPDFName("TransformParams"));
>>>>>>> transformParameters.setInteger("P", <1, 2 or 3>);
>>>>>>> //
>>>>>>> 1- no changes permited; 2- fill forms and signing;
>>>>>>> 3-
>>>>>>> Same as 2 plus annotation creation, deletion an
>>>>>>> modification.
>>>>>>> transformParameters.setItem("V",
>>>>>>> COSName.getPDFName("1.2")); // This is right, it's a
>>>>>>> name, not a number.
>>>>>>>
>>>>>>> // Add everything in order
>>>>>>> reference.setItem("TransformParams",
>>>>>>> transformParameters ); // Add DocMDP stuff to the
>>>>>>> SigRef Dictionary;
>>>>>>> COSArray references = new COSArray();
>>>>>>> references.add(reference); // Add SigRef Dictionary
>>>>>>> to a Array
>>>>>>> dictionary.setItem("Reference", reference); // Add
>>>>>>> Array to Signature dictionary
>>>>>>>
>>>>>>> I didn't try it myself, just wrote based on PdfBox API
>>>>>>> and ISO specification. May have errors.
>>>>>>>
>>>>>>> On 18/10/2016 06:12, Damien Butaye wrote:
>>>>>>>
>>>>>>> Hello Tilman,
>>>>>>>>
>>>>>>>> Here follows two links explaining the difference :
>>>>>>>>
>>>>>>>>
>>>>>>>> 1.http://www.investintech.com/
>>>>>>>> resources/articles/certifyingsigningpdf/
>>>>>>>> <http://www.investintech.com/r
>>>>>>>> esources/articles/certifyingsigningpdf/>
>>>>>>>> 2.
>>>>>>>> http://stackoverflow.com/quest
>>>>>>>> ions/16710439/how-to-add-blank-page-in-digitally-signed-pdf-
>>>>>>>> using-java/16711745#16711745
>>>>>>>> <http://stackoverflow.com/ques
>>>>>>>> tions/16710439/how-to-add-blank-page-in-digitally-signed-pdf
>>>>>>>> -using-java/16711745#16711745>Damien.
>>>>>>>> 2016-10-18 8:49 GMT+02:00 Tilman Hausherr
>>>>>>>> <[email protected]> <mailto:[email protected]>
>>>>>>>> :
>>>>>>>>
>>>>>>>> Dear all,
>>>>>>>>>
>>>>>>>>> I'm looking for a solution to certify a PDF.
>>>>>>>>>> Currently I'm able to
>>>>>>>>>> sign a
>>>>>>>>>> PDF using PDFBox but I can't certify it. Is-it
>>>>>>>>>> possible
>>>>>>>>>> to do it with
>>>>>>>>>> PDFBox?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thank you for your help!
>>>>>>>>>>
>>>>>>>>>> What's the difference? (See my other answer from
>>>>>>>>>> today)
>>>>>>>>>>
>>>>>>>>> Tilman
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ------------------------------
>>>>>>>>> ---------------------------------------
>>>>>>>>> To unsubscribe, e-mail:users-unsubscribe@pdfbo
>>>>>>>>> x.apache.org
>>>>>>>>> <mailto:[email protected]>
>>>>>>>>> For additional commands,
>>>>>>>>> e-mail:[email protected]
>>>>>>>>> e.org
>>>>>>>>> <mailto:[email protected]>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>
