External signature not valid

I am trying to create an external signature using a SmartCard.
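// Question as posted:
// 1) I hash the PDF's ByteStream data using SHA1
// 2) this hash is being encrypted using SmartCard internals (mechanism SHA1_RSA)
// 3) can't use MS API like described here: http://itextpdf.sourceforge.net/howtosign.html#signextitextsharp2.
// I end up with a Reader error complaining "an error occurred while attempting to validate this signature".
// What am I doing wrong?

/// <summary>
/// Signs <paramref name="filename"/> with a signature produced outside iTextSharp
/// (by <c>GetExternalBytes</c>) and writes the signed PDF to <paramref name="outfile"/>.
/// </summary>
/// <param name="filename">Path of the PDF to sign.</param>
/// <param name="outfile">Path of the signed PDF; created or overwritten.</param>
/// <exception cref="InvalidOperationException">
/// The encoded PKCS#7 container is larger than the space reserved for /Contents.
/// </exception>
public static void SignUsingMartCard(string filename, string outfile)
{
    // Only the signer certificate goes into the chain; no issuer certificates are added here.
    X509Certificate2 card = GetCertificate();
    Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
    Org.BouncyCastle.X509.X509Certificate[] chain =
        new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

    PdfReader reader = new PdfReader(filename);

    // The using block releases the output file handle even when signing fails part-way.
    using (FileStream output = new FileStream(outfile, FileMode.Create))
    {
        PdfStamper stp = PdfStamper.CreateSignature(reader, output, '\0');
        PdfSignatureAppearance sap = stp.SignatureAppearance;
        sap.SetVisibleSignature(new Rectangle(100, 100, 300, 200), 1, null);
        sap.SignDate = DateTime.Now;
        // No private key is passed: the key stays on the card and the signature is computed externally.
        sap.SetCrypto(null, chain, null, null);
        sap.Reason = "I like to sign using C#";
        sap.Location = "Universe";
        sap.Acro6Layers = true;
        sap.Render = PdfSignatureAppearance.SignatureRender.NameAndDescription;

        // The signature dictionary declares the adbe.pkcs7.detached subfilter.
        PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
        dic.Date = new PdfDate(sap.SignDate);
        dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
        if (sap.Reason != null)
        {
            dic.Reason = sap.Reason;
        }
        if (sap.Location != null)
        {
            dic.Location = sap.Location;
        }
        sap.CryptoDictionary = dic;

        // Reserve room for /Contents: csize bytes written as hex (two characters per byte)
        // plus the two delimiter characters.
        int csize = 2048;
        Hashtable exc = new Hashtable();
        exc[PdfName.CONTENTS] = csize * 2 + 2;
        sap.PreClose(exc);

        // Collect the bytes exposed by RangeStream; these are what gets hashed and signed.
        Stream s = sap.RangeStream;
        MemoryStream ss = new MemoryStream();
        int read = 0;
        byte[] buff = new byte[8192];
        while ((read = s.Read(buff, 0, buff.Length)) > 0)
        {
            ss.Write(buff, 0, read);
        }

        // `digest` and `signature` are not declared in this snippet; presumably fields
        // declared elsewhere in the class (confirm).
        // NOTE(review): the post says a SHA-1 hash is computed first and then given to the card
        // with mechanism SHA1_RSA. If that mechanism hashes its own input (as the PKCS#11
        // CKM_SHA1_RSA_PKCS mechanism does), the card signs the hash of the hash and a verifier
        // will reject the result. Confirm what the card expects as input.
        // NOTE(review): SHA-1 is no longer considered collision-resistant; prefer SHA-256
        // where the card and the validating software support it.
        GetExternalBytes(ss.ToArray(), ref digest, ref signature);

        // NOTE(review): iText documents the first argument of SetExternalDigest as the actual
        // signature value and the second as the data placed in the PKCS#7 data element. Check
        // that the two buffers are passed in that order. Also confirm that embedding data
        // (last constructor argument true) matches the adbe.pkcs7.detached subfilter declared above.
        PdfPKCS7 pk7 = new PdfPKCS7(null, chain, null, "SHA1", true);
        pk7.SetExternalDigest(digest, signature, "RSA");
        byte[] pk = pk7.GetEncodedPKCS7();

        // Fail with a clear message instead of letting Array.Copy throw when the container
        // does not fit the reserved placeholder.
        if (pk.Length > csize)
        {
            throw new InvalidOperationException(
                "Encoded PKCS#7 is " + pk.Length + " bytes but only " + csize + " bytes were reserved for /Contents.");
        }

        // The unused tail of the placeholder stays zero-filled.
        byte[] outc = new byte[csize];
        PdfDictionary dic2 = new PdfDictionary();
        Array.Copy(pk, 0, outc, 0, pk.Length);
        dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
        sap.Close(dic2);
    }
}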
Re: External signature not valid

If you're using an external signature, PdfPKCS7 can't be called and
everything must be done outside. The way to do it will depend on what the smartcard returns, it's impossible to debug without having access to the environment. Paulo ----- Original Message ----- From: "Mikro Trekker" <mtrekker@...> To: <itextsharp-questions@...> Sent: Monday, June 29, 2009 8:37 PM Subject: [itextsharp-questions] External signature not valid I am trying to create external signature using SmartCard. 1) I hash PDF's ByteStream data using SHA1 2) this hash is being encrypted using SmartCard internals (mechanism SHA1_RSA) 3) can't use MS API like described here: http://itextpdf.sourceforge.net/howtosign.html#signextitextsharp2. I end up with Reader error complayining "an error occured while attempting to validate this signature". What am I doing wrong ? public static void SignUsingMartCard(string filename, string outfile) { X509Certificate2 card = GetCertificate(); Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) }; PdfReader reader = new PdfReader(filename); PdfStamper stp = PdfStamper.CreateSignature(reader, new FileStream(outfile, FileMode.Create), '\0'); PdfSignatureAppearance sap = stp.SignatureAppearance; sap.SetVisibleSignature(new Rectangle(100, 100, 300, 200), 1, null); sap.SignDate = DateTime.Now; sap.SetCrypto(null, chain, null, null); sap.Reason = "I like to sign using C#"; sap.Location = "Universe"; sap.Acro6Layers = true; sap.Render = PdfSignatureAppearance.SignatureRender.NameAndDescription; PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED); dic.Date = new PdfDate(sap.SignDate); dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN"); if (sap.Reason != null) dic.Reason = sap.Reason; if (sap.Location != null) dic.Location = sap.Location; sap.CryptoDictionary = dic; int csize = 2048; Hashtable exc = new Hashtable(); 
exc[PdfName.CONTENTS] = csize * 2 + 2; sap.PreClose(exc); Stream s = sap.RangeStream; MemoryStream ss = new MemoryStream(); int read = 0; byte[] buff = new byte[8192]; while ((read = s.Read(buff, 0, 8192)) > 0) { ss.Write(buff, 0, read); } GetExternalBytes(ss.ToArray(), ref digest, ref signature); PdfPKCS7 pk7 = new PdfPKCS7(null, chain, null, "SHA1", true); pk7.SetExternalDigest(digest, signature, "RSA"); byte[] pk = pk7.GetEncodedPKCS7(); byte[] outc = new byte[csize]; PdfDictionary dic2 = new PdfDictionary(); Array.Copy(pk, 0, outc, 0, pk.Length); dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true)); sap.Close(dic2); } ------------------------------------------------------------------------------ _______________________________________________ itextsharp-questions mailing list itextsharp-questions@... https://lists.sourceforge.net/lists/listinfo/itextsharp-questions |