Results 1 to 2 of 2
  1. #1
    Ray1184 is offline Member
    Join Date
    Oct 2011
    Location
    Milano
    Posts
    2
    Rep Power
    0

    Default [Digital Signature] Embed P7S signature inside PDF with iText and BouncyCastle

    Hi guys,

    For a work I have to sign a PDF.
    But not with a common way, because I alredy have the signature and the certificates (for example "document.p7s") and obviously the original file ("document.pdf"), and I have to put the signature inside the PDF.
    Ok I made this stuff.

    First I load the p7s inside a CMSSignedData object, and I put the signature and certificates inside the PDF.

    Java Code:
    PKCS7 pkcs7 = new PKCS7(p7s.toByteArray());
    CMSSignedData signedData = new CMSSignedData(p7s.toByteArray());
    X509Certificate[] chain2 = pkcs7.getCertificates();
    PdfSignatureAppearance sap = stamper.getSignatureAppearance();
    sap.setVisibleSignature(new Rectangle(600, 50, 150, 100), 1, null);
    sap.setSignDate(new GregorianCalendar());
    sap.setCrypto(null, chain2, null,
    				PdfSignatureAppearance.WINCER_SIGNED);
    sap.setAcro6Layers(true);
    sap.setRenderingMode(PdfSignatureAppearance.RenderingMode.DESCRIPTION);
    sap.setCertificationLevel(PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED);
    
    PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS,
    				PdfName.ADBE_PKCS7_DETACHED);
    			
    dic.setDate(new PdfDate(sap.getSignDate()));
    dic.setName(PdfPKCS7.getSubjectFields((X509Certificate) chain[1])
    				.getField("CN"));
    			
    sap.setCryptoDictionary(dic);
    		
    		HashMap<PdfName, Integer> exc = new HashMap<PdfName, Integer>();
    		exc.put(PdfName.CONTENTS, new Integer(4000 * 2 + 2));
    		sap.preClose(exc);
    
    			
    byte[] pk = signedData.getEncoded();
    byte[] outc = new byte[4000];
    PdfDictionary dic2 = new PdfDictionary();
    
    System.arraycopy(pk, 0, outc, 0, pk.length);
    dic2.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
    sap.close(dic2);
    ... ok, the process works correctly, if I open the signed pdf I can see the graphics signature and i can read the certificate, but... If i try to validate the signed pdf (with the iText procedure or with acrobat), it said me that the signature is not valid, because the document was modified or damaged.

    How can I fix this? Can you help me?

    Thanks in advance

    -Niccolò-
    Last edited by Ray1184; 10-25-2011 at 01:11 PM.

  2. #2
    Ray1184 is offline Member
    Join Date
    Oct 2011
    Location
    Milano
    Posts
    2
    Rep Power
    0

    Default Re: [Digital Signature] Embed P7S signature inside PDF with iText and BouncyCastle

    Some news...
    I tried to implement the signature with BC from keystore and works well.
    I tried after to change only the signedData, using not the data signed with BC but the p7s loaded as byte array... always the same problem... I'm sure that the pdf and his p7s are not corrupted, so probably the problem is when the p7s it's loaded or probably i use the wronge information when i put the signature inside pdf... please help me... are two weeks that i cannot find a solution for this stuff.

    Thanks in advance

Similar Threads

  1. Digital Signature Apps
    By bagofmilk in forum Android
    Replies: 1
    Last Post: 09-12-2011, 10:40 PM
  2. Replies: 0
    Last Post: 09-10-2011, 09:34 AM
  3. expired digital signature
    By jeffell in forum Java Applets
    Replies: 0
    Last Post: 05-30-2011, 11:06 PM
  4. Replies: 0
    Last Post: 10-06-2010, 08:58 PM
  5. Digital Signature Expired
    By Pryach in forum New To Java
    Replies: 1
    Last Post: 03-09-2010, 07:15 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •