Hi Diego, Only thing is I am not discarding changes so my steps are more like - Grab original PDF - add signature dictionary and get the hash - send the hash to client - Wait for data on Standard Input. - Wait for Client to send the signed hash back, This data is then feeded to the paused program, that is, the data is sent to standard input of the program - add the CMS. :)
On Thu, May 25, 2017 at 7:07 PM Diego Azevedo <[email protected]> wrote: > Hey, Paresh > > I had the same problem with a similar workflow, and glancing at your code I > think you did the same as I did before: > > > - Grab original PDF > - add signature dictionary and get the hash > - discart changes > - send the hash to client > - mount CMS package with information returned from client > - grab original PDF > - add signature dictionary AND the CMS > > This won't work. Adding the same dictionary, with the same information, in > two different moments will create two different PDFs, with different > hashes. > The cause is the trailer dictionary. It has an ID entry that will always > change. > > If that's really the cause (I only glanced at your code), you have two > workarrounds: > > - Change PDFbox to create the same ID in different moments (It uses the > document itself and I think it also uses "currentTimeInMilis" somewhere) > - save your PDF with a garbage signature and update it latter with the > CMS > > > > > On Thu, May 25, 2017 at 7:42 AM, Paresh Chouhan < > [email protected] > > wrote: > > > oh I cannot attach the image, see my work flow is something like this > > http://i64.tinypic.com/29v02u.png > > so I am doing the signing on the client and reattaching the signed hash > > that I receive from client. > > > > On Thu, May 25, 2017 at 4:09 PM Paresh Chouhan < > > [email protected]> wrote: > > > >> On Thu, May 25, 2017 at 3:13 PM Tilman Hausherr <[email protected]> > >> wrote: > >> > >>> Am 25.05.2017 um 08:22 schrieb Paresh Chouhan: > >>> > Original PDF : https://www.mediafire.com/?bg9z4c9450v01io > >>> > Signed PDF : https://www.mediafire.com/?fqvnf9mg50pfzjh > >>> > >>> Thanks... I wanted to see the files first because I'm lazy and had > hoped > >>> it's some obvious problem in the PDF itself, but it isn't. So I looked > >>> at your code... the signing is quite different than in our example, why > >>> is this so? The "CreateSignatureBase" class has the code to produce the > >>> signature. > >>> > >>> That you mention a HSM isn't really relevant... At work, I'm signing > >>> with a PKI card and all I had to change was getting the keystore. > >>> > >>> Tilman > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: [email protected] > >>> For additional commands, e-mail: [email protected] > >>> > >> [image: workflow.png] > >>> > >> -- > >> Regards > >> Paresh Chouhan > >> https://github.com/pareshchouhan > >> > > -- > > Regards > > Paresh Chouhan > > https://github.com/pareshchouhan > > > > > > -- > []'s > > Diego Azevedo > -- Regards Paresh Chouhan https://github.com/pareshchouhan
