Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » iText »

Re: [iText-questions] "Re-Incorporate" a signature in a PDF

Paulo Soares

2007-07-02


That's not possible to do with iText as it was several times discussed in
the mailing list. Post any followup to the mailing list.

Paulo

----- Original Message -----
From: "Keat CHAN" <keat.chan@(protected)>
To: <itext-questions@(protected)>
Sent: Monday, July 02, 2007 5:13 PM
Subject: "Re-Incorporate" a signature in a PDF



Hi,

I have a problem with digital signature.

I managed to sign a PDF with the following :
X509Certificate[] chaine = ...; PdfReader reader = new PdfReader
("original.pdf"); FileOutputStream fout = new FileOutputStream
("signed.pdf"); PdfStamper stp = PdfStamper.createSignature (reader, fout,
'\0', null, true); PdfSignatureAppearance sap =
stp.getSignatureAppearance();  sap.setCrypto (null, chaine, null,
PdfSignatureAppearance.SELF_SIGNED); ... sap.setExternalDigest (new
byte[256], null, "RSA"); sap.preClose(); PdfPKCS7 sig =
sap.getSigStandard().getSigner(); byte[] content = streamToByteArray
(sap.getRangeStream()); Signature signature = Signature.getInstance
("SHA1withRSA", provider); PrivateKey key = ...; signature.initSign (key);
signature.update (content); byte[] sign = signature.sign();
sig.setExternalDigest (sign, null, "RSA"); PdfDictionary dic = new
PdfDictionary(); dic.put (PdfName.CONTENTS, new PdfString
(sig.getEncodedPKCS1()).setHexWriting(true)); sap.close (dic); ... PKCS7
pkcs7 = new PKCS7 (sig.getEncodedPKCS7()); os = new FileOutputStream
("xxxxx.p7f"); pkcs7.encodeSignedData (os); os.close();
The PDF is signed and the signature is valid. So, there is no problem with
"signed.pdf".
With the last 4 instructions :
PKCS7 pkcs7 = new PKCS7 (sig.getEncodedPKCS7()); os = new FileOutputStream
("xxxxx.p7f"); pkcs7.encodeSignedData (os); os.close();
I want to package the signature in a PKCS#7 file, called xxxxx.p7f, and to
"re-incorporate" it in the original PDF later.
The problem is I don't managed to "re-incorporate" the signature in the
PKCS#7 file (xxxxx.p7f) in the original PDF (original.pdf) to get the same
signed one (signed.pdf).

So, I would like to know if the packaging in PKCS#7 I done (PKCS7 pkcs7 =
new PKCS7 (sig.getEncodedPKCS7())) is correct, then if the
"re-incorporation" is possible.
Thanks,
Keat


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
iText-questions mailing list
iText-questions@(protected)
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://itext.ugent.be/itext-in-action/
©2008 junlu.com - Jax Systems, LLC, U.S.A.