Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 34324200BA5 for ; Wed, 19 Oct 2016 21:15:15 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 32C7D160AEA; Wed, 19 Oct 2016 19:15:15 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 5EBC5160ADC for ; Wed, 19 Oct 2016 21:15:13 +0200 (CEST) Received: (qmail 98926 invoked by uid 500); 19 Oct 2016 19:15:12 -0000 Mailing-List: contact users-help@pdfbox.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@pdfbox.apache.org Delivered-To: mailing list users@pdfbox.apache.org Received: (qmail 98914 invoked by uid 99); 19 Oct 2016 19:15:12 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Oct 2016 19:15:12 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 7C795C0D64 for ; Wed, 19 Oct 2016 19:15:11 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.098 X-Spam-Level: *** X-Spam-Status: No, score=3.098 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, KAM_LINEPADDING=1.2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id qJiD4GkZh0I2 for ; Wed, 19 Oct 2016 19:15:04 +0000 (UTC) Received: from mail-yb0-f175.google.com (mail-yb0-f175.google.com [209.85.213.175]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 89D2A5F2C3 for ; Wed, 19 Oct 2016 19:15:04 +0000 (UTC) Received: by mail-yb0-f175.google.com with SMTP id 184so13136092yby.2 for ; Wed, 19 Oct 2016 12:15:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=UWi6A+NpTueJAw6B1LddVbVoZXHf7LR9qNG8Nak1llQ=; b=GJmNwaVwJ/WOWdIcmhtpL1AnrgzvmywGsnCm6uJQQFGVuGtl+3nRyWGGQTOCep2mOK jJyG1bpAkqL7f+Yz3ZznSxN0zpt8AXwIH6jwrixeOK+t/dCYcqRbSoyD48AIdUr2JEhS 69Sc+ZXKVGerzs3LwBGsRKMClGEc1SqwupooeOx/gNTdxvpaIR6eigunJHBj8cvVSX6n VVU21nJL3UOBiMDHIfAOslHVxBmOK1hZ+VknYIcuyB5ZZ2w4V9HA6WITAHJycIkPR4Be iKqD+mmFlYrl7Q7AjsnuRu2YMeKv9C7a2N7QR+i3NBad+5w0wK3qAmqBywiIz5Mk6rWn RhQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=UWi6A+NpTueJAw6B1LddVbVoZXHf7LR9qNG8Nak1llQ=; b=CfxDN+cNAlfZOGXNiMpbMwCn4lLj+L08Vcqy8XIvfCxQtgBsLtmi80gAq5HRjQiNzK 7K03xQhsM0ROP6IHSscxOgNfIdgKrr6qmvasYUfWw7if9THywgl+gYJx9foEJwlPRfRP 2Qh8ZC6sgfygDpFsvONc8dqW/TDQG4NrACMVhScM0cct1GulsZ493t1gxm9P9MhY0TKi HQjYJkR6s3ZFLtr2mhp3V1v9VBfVWWcTXjB/y2SWO1N7qD43DsuliqmrlSBlPWW+vMNU XYJVZI2F0Df63jjmEW/ZVdASL0pXccQHcLjaxKm5JXi3xDtInY9nkID7M31vmZ0E2yBY jq5Q== X-Gm-Message-State: AA6/9RkwoeevuzKbahEP9KNWo4TewF8JLZZb1q50vukQcRtMh/rn7YpExepWitFDHeH0QuYSvhEghVBvkQi5rg== X-Received: by 10.157.35.67 with SMTP id k3mr3971933otd.99.1476904192758; Wed, 19 Oct 2016 12:09:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.202.78.83 with HTTP; Wed, 19 Oct 2016 12:09:32 -0700 (PDT) In-Reply-To: References: <90e7b2bc-f31a-5b43-2a07-499a57693744@t-online.de> <08ade23c-d67d-ae4e-1c91-02519beb3cfe@esec.com.br> <31b97005-f92f-63da-7184-28a4f046e7ad@esec.com.br> <89533e43-f881-88ea-9513-1cebf7b19da4@esec.com.br> From: Jonathan Barbero Date: Wed, 19 Oct 2016 16:09:32 -0300 Message-ID: Subject: Re: How to certify a PDF To: users@pdfbox.apache.org Content-Type: multipart/related; boundary=001a113718acc70d31053f3c8d79 archived-at: Wed, 19 Oct 2016 19:15:15 -0000 --001a113718acc70d31053f3c8d79 Content-Type: multipart/alternative; boundary=001a113718acc70d2d053f3c8d78 --001a113718acc70d2d053f3c8d78 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi, I have tried to certify a PDF with the provided code, but failed. This is the code I'm trying final PrivateKey privateKey =3D ... final Certificate certificate =3D ... PDDocument doc =3D PDDocument.load(input); // PDSignature PDSignature signature =3D new PDSignature(); signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED); signature.setReason("The reason"); signature.setName("The name"); signature.setSignDate(Calendar.getInstance()); // DocMDP thing COSDictionary dictionary =3D signature.getCOSObject(); //Create Permissions Dictionary COSDictionary permissions =3D new COSDictionary(); permissions.setItem("DocMDP", signature); //Add Permissions to Catalog COSDictionary catalog =3D doc.getDocumentCatalog().getCOSObject(); catalog.setItem("Perms", permissions); // Create a reference dictionary COSDictionary reference =3D new COSDictionary(); reference.setItem("Type", COSName.getPDFName("SigRef")); reference.setItem("TransformMethod", COSName.getPDFName("DocMDP")); reference.setItem("DigestMethod", COSName.getPDFName("SHA1")); // Now we add DocMDP specific stuff COSDictionary transformParameters =3D new COSDictionary(); transformParameters.setItem("Type", COSName.getPDFName("TransformParams")); transformParameters.setInt("P", 2); // transformParameters.setItem("V", COSName.getPDFName("1.2")); // Add everything in order reference.setItem("TransformParams", transformParameters); COSArray references =3D new COSArray(); references.add(reference); // Add SigRef Dictionary to a Array dictionary.setItem("Reference", references); // Add Array to Signature // dictionary // From CreateSignature.java example // register signature dictionary and sign interface doc.addSignature(signature, new SignatureInterface() { @Override public byte[] sign(InputStream content) throws IOException { try { List certList =3D new ArrayList(); certList.add(certificate); Store certs =3D new JcaCertStore(certList); CMSSignedDataGenerator gen =3D new CMSSignedDataGenerator(); org.bouncycastle.asn1.x509.Certificate cert =3D org.bouncycastle.asn1.x509.Certificate .getInstance(ASN1Primitive.fromByteArray(certificate.getEncoded())); ContentSigner sha1Signer =3D new JcaContentSignerBuilder("SHA256WithRSA").build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .build(sha1Signer, new X509CertificateHolder(cert))); gen.addCertificates(certs); CMSProcessableInputStream msg =3D new CMSProcessableInputStream(content); CMSSignedData signedData =3D gen.generate(msg, false); /* * if (tsaClient !=3D null) { signedData =3D * signTimeStamps(signedData); } */ return signedData.getEncoded(); } catch (GeneralSecurityException e) { throw new IOException(e); } catch (CMSException e) { throw new IOException(e); // } catch (TSPException e) { // throw new IOException(e); } catch (OperatorCreationException e) { throw new IOException(e); } } }); // doc.save(output); doc.close(); When I open the PDF in Acrobat [image: Inline image 1] I compared a PDF certified with a paid library and the one generated with my code. There is a difference in *contents, *and the *byte ranges* are wrong. Left paid library, right the code example [image: Inline image 2] The SignatureInterface implementation is the one from CreateSignature.java example. Thanks in advance, Jonathan. On Wed, Oct 19, 2016 at 11:03 AM, Damien Butaye wrote: > Diego, > > One more times, thanks a lot. I just add the following part of your code > and it works! : > > > > > > > > > * //Create Permissions Dictionary COSDictionary permissions = =3D > new COSDictionary(); permissions.setItem("DocMDP", signature); > //Add Permissions to Catalog COSDictionary catalog =3D > document.getDocumentCatalog().getCOSObject(); > catalog.setItem("Perms", permissions);* > > Many Thanks! > Damien. > > 2016-10-19 15:43 GMT+02:00 Diego Azevedo : > > > Ok, I searched for "DocMDP" on ISO 32000 and found this: > > > > * On a 'Signature Field Dictionary', one *could *have a 'Seed Value > > Dictionary' with a 'MDP entry' > > o This entry *shall *have a dictionary with only one entry: 'P' > > and a integer value <0-3>: > > + 0 - Author Signature > > + 1-3 - Same meaning from the P entry on the DocMDP Transform > > Parameters Dictionary > > * A certification Signature *may *be referenced from the DocMDP entry > > in the Permissions Dictionary > > o The signature Dictionary *shall *contain a signature reference > > dictionary with the DocMDP transform method > > o It *should *have a Legal Attestation Dictionary > > o It *shall *be the first signed field in the document > > > > There where a few specific things about these entries and dictionaries, > > but these are the changes that should be made from the beginning: > > > > * Create the Signature Reference Dictionary and add it to the > > signature - OK > > * Create a Permissions Dictionary and add it to Catalog: > > > > //Create Permissions Dictionary > > COSDictionary permissions =3D new COSDictionary(); > > permissions.setItem("DocMDP", signature); > > > > //Add Permissions to Catalog > > COSDictionary catalog =3D > > document.getDocumentCatalog().getCOSObject(); > > catalog.setItem("Perms", permissions); > > > > * Create a Legal Attestation Dictionary and add it to catalog: > > > > //Create Legal Attestation Dictionary (I'd totally leave this > > out on my implementation - Way too much trouble for something > > optional) > > COSDictionary legalAttestation=3D new COSDictionary(); > > > > legalAttestation.setInt("JavaScriptActions", 10);// Means there > > are 10 Javascript actions > > legalAttestation.setInt("LaunchActions", 10);// Means there are > > 10 Launch actions > > [...] > > > > //Add Permissions to Catalog > > COSDictionary catalog =3D > > document.getDocumentCatalog().getCOSObject(); > > catalog.setItem("Legal", legalAttestation); > > > > * Create a Seed Value Dictionary and add it to the Signature Field > > Dictionary > > o The Signature Field Dictionary is manipulated by pdfbox itself > > on document.addSignature. So, if necessary, it would be > > something like this that would be changed in the source code: > > > > //Get the references > > COSArray references =3D (COSArray) > > signature.getCOSObject().getItem("Reference"); > > COSDictionary reference =3D null; > > if( references !=3D null){ > > > > // loop all references, looking for a DocMDP TransformMethod > > for(int i =3D 0; i< references.size(); i++){ > > > > reference =3D (COSDictionary) references.getObject(i); > > if(reference.getNameAsString(" > TransformMethod").equals("Doc > > MDP")){ > > > > // if it is a DocMDP, it shall heve TransformParams > > as a integer > > COSDictionary transform =3D (COSDictionary) > > reference.getItem("TransformParams"); > > int pEntry =3D transform.getInt("P"); > > > > //Add to the SeedValue Dictionary > > PDSeedValue seedValue =3D ?; //How to get the > > SeedValue? Should we create a new one? - Only > > someone from the project could tell you that (along > > with where this code should be placed) > > PDSeedValueMDP mdp =3D new PDSeedValueMDP(); > > mdp.setP(pEntry); > > seedValue.setMPD(mdp); > > > > } > > > > } > > > > } > > > > I only saw your reply now. The document you sent me only did the first > > change (permissions Dictionary). Try it and tell me if it worked > > > > []'s > > > > Diego Azevedo > > > > > > On 19/10/2016 09:25, Diego Azevedo wrote: > > > >> Damien, > >> > >> Can you upload a correctly certified PDF somewhere and share the link? > >> W=C3=AEth the original one, if possible? > >> > >> I'll try to mimic the behavior. > >> > >> []'s > >> > >> Diego Azevedo > >> > >> On 19/10/2016 07:10, Damien Butaye wrote: > >> > >>> In some Java code of different PDF Signatue framework, I saw the use = of > >>> the > >>> "Perms" dictionnary to certify PDF. Do you have any idea if the "Perm= s" > >>> can > >>> help to see the blue ribbon? > >>> > >>> 2016-10-19 10:48 GMT+02:00 Damien Butaye : > >>> > >>> Yes but in my case my certificate has the authorization to certify > >>>> document (the cross is green beside the "Certify Document" in your > >>>> previous > >>>> printscreen). > >>>> I wonder me if another information must be present in the PDF to sho= w > >>>> the > >>>> blue ribbon?! > >>>> > >>>> 2016-10-18 17:40 GMT+02:00 Diego Azevedo : > >>>> > >>>> No, but in my case it would never happen, because my certificate is > >>>>> trusted for signing, but not certifying: > >>>>> > >>>>> Image: http://imgur.com/XYZCB8H > >>>>> > >>>>> []'s > >>>>> > >>>>> Diego Azevedo > >>>>> > >>>>> On 18/10/2016 13:30, Damien Butaye wrote: > >>>>> > >>>>> One last question, have you got the "blue ribbon" on the top the pd= f > >>>>>> when you open it with Acrobat? In my case not, although it is well > >>>>>> certified as shown in the Acrobat Signature Panel. > >>>>>> > >>>>>> > >>>>>> > >>>>>> 2016-10-18 15:58 GMT+02:00 Damien Butaye >>>>>> >: > >>>>>> > >>>>>> Nice! Thank you very much! > >>>>>> > >>>>>> (Btw, it could be nice to integrate in a future release a > method > >>>>>> certify() in the PDSignature object). > >>>>>> > >>>>>> obrigado! > >>>>>> > >>>>>> 2016-10-18 15:42 GMT+02:00 Diego Azevedo >>>>>> >: > >>>>>> > >>>>>> Hello Damien, > >>>>>> > >>>>>> I made a typo: > >>>>>> > >>>>>> dictionary.setItem("Reference", reference_*s*_); // > Add > >>>>>> Array to Signature dictionary > >>>>>> > >>>>>> There is no point in creating the array, add the "SigRef" > >>>>>> dictionary to it... and not use the array on the "Sig" > >>>>>> dictionary. So... just add the 'S' to the variable and > >>>>>> re-run > >>>>>> it. Just tested here, and it worked fine =3D) > >>>>>> > >>>>>> []'s > >>>>>> > >>>>>> > >>>>>> -- *_______________________________________________ > >>>>>> > >>>>>> Diego Azevedo > >>>>>> Developer > >>>>>> E-SEC Seguran=C3=A7a Digital > >>>>>> www.esec.com.br > >>>>>> +55 61 3323-4410 * > >>>>>> > >>>>>> > >>>>>> On 18/10/2016 10:21, Damien Butaye wrote: > >>>>>> > >>>>>> Hello Diego, > >>>>>>> > >>>>>>> Thank you for your help. I just tried your code but it > >>>>>>> seems > >>>>>>> that it doesn't work. The result has nor signature nor > >>>>>>> certify element. I'll try again. > >>>>>>> If you have any idea, don't hesitate ;) > >>>>>>> > >>>>>>> Damien. > >>>>>>> > >>>>>>> 2016-10-18 13:04 GMT+02:00 Diego Azevedo > >>>>>>> >: > >>>>>>> > >>>>>>> > >>>>>>> From what I'm reading on ISO 32000, the certificatio= n > >>>>>>> Signature is a normal signature, but with a DocMDP > >>>>>>> transform method. So the ou should do something like > >>>>>>> this: > >>>>>>> > >>>>>>> PDSignature signature =3D new PDSignature; > >>>>>>> [..] //do your thing > >>>>>>> COSDictinary dictionary =3D > signature.getCOSObject(); > >>>>>>> > >>>>>>> //Create a reference dictionary > >>>>>>> COSDictionary reference =3D new COSDictionary(); > >>>>>>> reference.setItem("Type", > >>>>>>> COSName.getPDFName("SigRef")); > >>>>>>> reference.setItem("TransformMethod", > >>>>>>> COSName.getPDFName("DocMDP")); > >>>>>>> reference.setItem("DigestMethod", > >>>>>>> COSName.getPDFName("SHA1")); //Only MD5 or SHA1.= .. > >>>>>>> Go > >>>>>>> with the least worse > >>>>>>> > >>>>>>> //Now we add DocMDP specific stuff > >>>>>>> COSDictionary transformParameters =3D new > >>>>>>> COSDictionary(); > >>>>>>> transformParameters.setItem("Type", > >>>>>>> COSName.getPDFName("TransformParams")); > >>>>>>> transformParameters.setInteger("P", <1, 2 or 3>)= ; > >>>>>>> // > >>>>>>> 1- no changes permited; 2- fill forms and signin= g; > >>>>>>> 3- > >>>>>>> Same as 2 plus annotation creation, deletion an > >>>>>>> modification. > >>>>>>> transformParameters.setItem("V", > >>>>>>> COSName.getPDFName("1.2")); // This is right, > it's a > >>>>>>> name, not a number. > >>>>>>> > >>>>>>> // Add everything in order > >>>>>>> reference.setItem("TransformParams", > >>>>>>> transformParameters ); // Add DocMDP stuff to th= e > >>>>>>> SigRef Dictionary; > >>>>>>> COSArray references =3D new COSArray(); > >>>>>>> references.add(reference); // Add SigRef > Dictionary > >>>>>>> to a Array > >>>>>>> dictionary.setItem("Reference", reference); // > Add > >>>>>>> Array to Signature dictionary > >>>>>>> > >>>>>>> I didn't try it myself, just wrote based on PdfBox A= PI > >>>>>>> and ISO specification. May have errors. > >>>>>>> > >>>>>>> On 18/10/2016 06:12, Damien Butaye wrote: > >>>>>>> > >>>>>>> Hello Tilman, > >>>>>>>> > >>>>>>>> Here follows two links explaining the difference = : > >>>>>>>> > >>>>>>>> > >>>>>>>> 1.http://www.investintech.com/ > >>>>>>>> resources/articles/certifyingsigningpdf/ > >>>>>>>> >>>>>>>> esources/articles/certifyingsigningpdf/> > >>>>>>>> 2. > >>>>>>>> http://stackoverflow.com/quest > >>>>>>>> ions/16710439/how-to-add-blank-page-in-digitally-signed-pdf- > >>>>>>>> using-java/16711745#16711745 > >>>>>>>> >>>>>>>> tions/16710439/how-to-add-blank-page-in-digitally-signed-pdf > >>>>>>>> -using-java/16711745#16711745>Damien. > >>>>>>>> 2016-10-18 8:49 GMT+02:00 Tilman Hausherr > >>>>>>>> THausherr@t-online.de> > >>>>>>>> : > >>>>>>>> > >>>>>>>> Dear all, > >>>>>>>>> > >>>>>>>>> I'm looking for a solution to certify a PDF. > >>>>>>>>>> Currently I'm able to > >>>>>>>>>> sign a > >>>>>>>>>> PDF using PDFBox but I can't certify it. Is-it > >>>>>>>>>> possible > >>>>>>>>>> to do it with > >>>>>>>>>> PDFBox? > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> Thank you for your help! > >>>>>>>>>> > >>>>>>>>>> What's the difference? (See my other answer from > >>>>>>>>>> today) > >>>>>>>>>> > >>>>>>>>> Tilman > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> ------------------------------ > >>>>>>>>> --------------------------------------- > >>>>>>>>> To unsubscribe, e-mail:users-unsubscribe@pdfbo > >>>>>>>>> x.apache.org > >>>>>>>>> > >>>>>>>>> For additional commands, > >>>>>>>>> e-mail:users-help@pdfbox.apach > >>>>>>>>> e.org > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >> > --001a113718acc70d2d053f3c8d78 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,

=C2=A0I have tried to certify a PDF with the pr= ovided code, but failed. This is the code I'm trying



final PrivateKey privateKey =3D ...
<= div> final Certificate certificate =3D ...



PDDocument doc =3D PDDocument.load(input);
// PDSignature
PDSignature signature =3D new PDSignature()= ;

signature.setFilter(PDSignature.FILTER_ADOBE_PPKLIT= E);
signature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED= );
signature.setReason("The reason");
signature.set= Name("The name");
signature.setSignDate(Calendar.getInstan= ce());

// DocMDP thing

COSDict= ionary dictionary =3D signature.getCOSObject();

//Cr= eate Permissions Dictionary =C2=A0 =C2=A0 =C2=A0=C2=A0
COSDictionary= permissions =3D new COSDictionary(); =C2=A0
permissions.setItem("D= ocMDP", signature);
//Add Permissions to Catalog =C2=A0 =C2=A0= =C2=A0=C2=A0
COSDictionary catalog =3D doc.getDocumentCatalog().getCOSO= bject();
catalog.setItem("Perms", permissions);
<= /span>// Create a reference dictionary
COSDictionary reference =3D n= ew COSDictionary();
reference.setItem("Type", COSName.getP= DFName("SigRef"));
reference.setItem("TransformMethod= ", COSName.getPDFName("DocMDP"));
reference.setItem(&= quot;DigestMethod", COSName.getPDFName("SHA1"));
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre">
// Now we add DocMDP specific stuff
COSDictionary transformParam= eters =3D new COSDictionary();
transformParameters.setItem("Typ= e", COSName.getPDFName("TransformParams"));
transform= Parameters.setInt("P", 2); //=C2=A0

transfo= rmParameters.setItem("V", COSName.getPDFName("1.2"));= =C2=A0


// Add everything in order
reference.setItem("TransformParams", transformParameters);=C2= =A0


COSArray references =3D new COSArr= ay();
references.add(reference); // Add SigRef Dictionary to a Array=

dictionary.setItem("Reference", references= ); // Add Array to Signature
// dictionary


=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 // From =C2=A0CreateSignature.java =C2=A0example
<= /span>// register signature dictionary and sign interface
doc.addSig= nature(signature, new SignatureInterface() {
@Override
publ= ic byte[] sign(InputStream content) throws IOException {
try {
= List<Certificate> certList =3D new ArrayList<Certificate>= ;();
certList.add(certificate);
Store certs =3D new Jca= CertStore(certList);
CMSSignedDataGenerator gen =3D new CMSSign= edDataGenerator();
org.bouncycastle.asn1.x509.Certificate cert = =3D org.bouncycastle.asn1.x509.Certificate
.getInstance(ASN1Pri= mitive.fromByteArray(certificate.getEncoded()));
ContentSigner sh= a1Signer =3D new JcaContentSignerBuilder("SHA256WithRSA").build(p= rivateKey);
gen.addSignerInfoGenerator(
new JcaSigner= InfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build())
= .build(sha1Signer, new X509CertificateHolder(cert)));
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre"> g= en.addCertificates(certs);
CMSProcessableInputStream msg =3D new = CMSProcessableInputStream(content);
CMSSignedData signedData =3D = gen.generate(msg, false);
/*
* if (tsaClient !=3D null= ) { signedData =3D
* signTimeStamps(signedData); }
*/=
= return signedData.getEncoded();
} catch (GeneralSecurit= yException e) {
throw new IOException(e);
} catch (CMS= Exception e) {
throw new IOException(e);
// } catch (TS= PException e) {
// throw new IOException(e);
} catch (Op= eratorCreationException e) {
throw new IOException(e);
= }=
= }
});

//
doc.save(output);

doc.close();


When I open the PDF in Acrobat=C2=A0


=
3D"Inline

I compared a PDF certified= with a paid library and the one generated with my code. There is a differe= nce in =C2=A0contents,=C2=A0and the byte ranges are wrong.=C2= =A0

Left paid library, right the code example
3D"Inline


The Signat= ureInterface implementation is the one from =C2=A0CreateSignature.java =C2= =A0example.


Thanks in advance,
<= br>Jonathan.

On Wed, Oct 19, 2016 at 11:03 AM, Damien Butaye &l= t;damien.butay= e@gmail.com> wrote:
Diego,<= br>
=C2=A0One more times, thanks a lot. I just add the following part of your c= ode
and it works! :








*=C2=A0 =C2=A0 =C2=A0 =C2=A0//Create Permissions Dictionary=C2=A0 =C2=A0 = =C2=A0 =C2=A0COSDictionary permissions =3D
new COSDictionary();=C2=A0 =C2=A0 =C2=A0 =C2=A0permissions= .setItem("DocMDP", signature);
=C2=A0//Add Permissions to Catalog=C2=A0 =C2=A0 =C2=A0 =C2=A0COSDictionary = catalog =3D
=C2=A0document.getDocumentCatalog().getCOSObject();
=C2=A0catalog.setItem("Perms", permissions);*

Many Thanks!
Damien.

2016-10-19 15:43 GMT+02:00 Diego Azevedo <dazevedo@esec.com.br>:

> Ok, I searched for "DocMDP" on ISO 32000 and found this:
>
>=C2=A0 * On a 'Signature Field Dictionary', one *could *have a = 'Seed Value
>=C2=A0 =C2=A0 Dictionary' with a 'MDP entry'
>=C2=A0 =C2=A0 =C2=A0 o This entry *shall *have a dictionary with only o= ne entry: 'P'
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 and a integer value <0-3>:
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 + 0 - Author Signature
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 + 1-3 - Same meaning from the P entr= y on the DocMDP Transform
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Parameters Dictionary
>=C2=A0 * A certification Signature *may *be referenced from the DocMDP = entry
>=C2=A0 =C2=A0 in the Permissions Dictionary
>=C2=A0 =C2=A0 =C2=A0 o The signature Dictionary *shall *contain a signa= ture reference
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 dictionary with the DocMDP transform method=
>=C2=A0 =C2=A0 =C2=A0 o It *should *have a Legal Attestation Dictionary<= br> >=C2=A0 =C2=A0 =C2=A0 o It *shall *be the first signed field in the docu= ment
>
> There where a few specific things about these entries and dictionaries= ,
> but these are the changes that should be made from the beginning:
>
>=C2=A0 * Create the Signature Reference Dictionary and add it to the >=C2=A0 =C2=A0 signature - OK
>=C2=A0 * Create a Permissions Dictionary and add it to Catalog:
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 //Create Permissions Dictionary
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSDictionary permissions =3D new COSDictio= nary();
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 permissions.setItem("DocMDP", sig= nature);
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 //Add Permissions to Catalog
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSDictionary catalog =3D
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 document.getDocumentCatalog().getCOSOb= ject();
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 catalog.setItem("Perms", permissi= ons);
>
>=C2=A0 * Create a Legal Attestation Dictionary and add it to catalog: >
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 //Create Legal Attestation Dictionary (I= 9;d totally leave this
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 out on my implementation - Way too much tro= uble for something
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 optional)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSDictionary legalAttestation=3D new COSDi= ctionary();
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 <All entries are optional, and are like = this:>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 legalAttestation.setInt("JavaScri= ptActions", 10);// Means there
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 are 10 Javascript actions
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 legalAttestation.setInt("LaunchAc= tions", 10);// Means there are
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 10 Launch actions
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 [...]
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 //Add Permissions to Catalog
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSDictionary catalog =3D
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 document.getDocumentCatalog().getCOSOb= ject();
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 catalog.setItem("Legal", legalAtt= estation);
>
>=C2=A0 * Create a Seed Value Dictionary and add it to the Signature Fie= ld
>=C2=A0 =C2=A0 Dictionary
>=C2=A0 =C2=A0 =C2=A0 o The Signature Field Dictionary is manipulated by= pdfbox itself
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 on document.addSignature. So, if necessary,= it would be
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 something like this that would be changed i= n the source code:
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 //Get the references
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSArray references =3D (COSArray)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 signature.getCOSObject().getItem("= ;Reference");
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 COSDictionary reference =3D null;
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 if( references !=3D null){
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 // loop all references, looki= ng for a DocMDP TransformMethod
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 for(int i =3D 0; i< refere= nces.size(); i++){
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 reference =3D (= COSDictionary) references.getObject(i);
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if(reference.ge= tNameAsString("TransformMethod").equals("Doc
> MDP")){
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /= / if it is a DocMDP, it shall heve TransformParams
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 a= s a integer
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 C= OSDictionary transform =3D (COSDictionary)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 r= eference.getItem("TransformParams");
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 i= nt pEntry =3D transform.getInt("P");
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /= /Add to the SeedValue Dictionary
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 P= DSeedValue seedValue =3D ?; //How to get the
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 S= eedValue? Should we create a new one? - Only
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 s= omeone from the project could tell you that (along
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 w= ith where this code should be placed)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 P= DSeedValueMDP mdp =3D new PDSeedValueMDP();
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 m= dp.setP(pEntry);
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 s= eedValue.setMPD(mdp);
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }
>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 }
>
> I only saw your reply now. The document you sent me only did the first=
> change (permissions Dictionary). Try it and tell me if it worked
>
> []'s
>
> Diego Azevedo
>
>
> On 19/10/2016 09:25, Diego Azevedo wrote:
>
>> Damien,
>>
>> Can you upload a correctly certified PDF somewhere and share the l= ink?
>> W=C3=AEth the original one, if possible?
>>
>> I'll try to mimic the behavior.
>>
>> []'s
>>
>> Diego Azevedo
>>
>> On 19/10/2016 07:10, Damien Butaye wrote:
>>
>>> In some Java code of different PDF Signatue framework, I saw t= he use of
>>> the
>>> "Perms" dictionnary to certify PDF. Do you have any = idea if the "Perms"
>>> can
>>> help to see the blue ribbon?
>>>
>>> 2016-10-19 10:48 GMT+02:00 Damien Butaye <damien.butaye@gmail.com>:
>>>
>>> Yes but in my case my certificate has the authorization to cer= tify
>>>> document (the cross is green beside the "Certify Docu= ment" in your
>>>> previous
>>>> printscreen).
>>>> I wonder me if another information must be present in the = PDF to show
>>>> the
>>>> blue ribbon?!
>>>>
>>>> 2016-10-18 17:40 GMT+02:00 Diego Azevedo <dazevedo@esec.com.br>:
>>>>
>>>> No, but in my case it would never happen, because my certi= ficate is
>>>>> trusted for signing, but not certifying:
>>>>>
>>>>> Image: http://imgur.com/XYZCB8H
>>>>>
>>>>> []'s
>>>>>
>>>>> Diego Azevedo
>>>>>
>>>>> On 18/10/2016 13:30, Damien Butaye wrote:
>>>>>
>>>>> One last question, have you got the "blue ribbon&= quot; on the top the pdf
>>>>>> when you open it with Acrobat? In my case not, alt= hough it is well
>>>>>> certified as shown in the Acrobat Signature Panel.=
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-10-18 15:58 GMT+02:00 Damien Butaye <damien.butaye@gmail.com
>>>>>> <mailto:damien.butaye@gmail.com>>:
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 Nice! Thank you very much!
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 (Btw, it could be nice to inte= grate=C2=A0 in a future release a method
>>>>>>=C2=A0 =C2=A0 =C2=A0 certify() in the PDSignature o= bject).
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 obrigado!
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 2016-10-18 15:42 GMT+02:00 Die= go Azevedo <dazevedo@esec.com.br=
>>>>>>=C2=A0 =C2=A0 =C2=A0 <mailto:dazevedo@esec.com.br>>:
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Hello Damien, >>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 I made a typo: >>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 di= ctionary.setItem("Reference", reference_*s*_); // Add
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Ar= ray to Signature dictionary
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 There is no poin= t in creating the array, add the "SigRef"
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 dictionary to it= ... and not use the array on the "Sig"
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 dictionary.=C2= =A0 So... just add the 'S' to the variable and
>>>>>> re-run
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 it. Just tested = here, and it worked fine =3D)
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 []'s
>>>>>>
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 -- *____________= ___________________________________
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Diego Azevedo >>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Developer
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 E-SEC Seguran=C3= =A7a Digital
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 www.esec.com.br= <http://www.esec.com.br>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 +55 61 3323-4410= <tel:%2B55%2061%203323-4410>*
>>>>>>
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 On 18/10/2016 10= :21, Damien Butaye wrote:
>>>>>>
>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Hello Diego,
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Thank = you for your help. I just tried your code but it
>>>>>>> seems
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 that it does= n't work. The result has nor signature nor
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 certify elem= ent. I'll try again.
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 If you have = any idea, don't hesitate ;)
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Damien.
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 2016-10-18 1= 3:04 GMT+02:00 Diego Azevedo
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <dazevedo@esec.com.br <mailto:dazevedo@esec.com.br>>: >>>>>>>
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 From what I'm reading on ISO 32000, the certification
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 Signature is a normal signature, but with a DocMDP
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 transform method. So the ou should do something like
>>>>>>> this:
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 PDSignature signature =3D new PDSignature;
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 [..] //do your thing
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSDictinary dictionary =3D signature.getCOSObject();
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 //Create a reference dictionary
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSDictionary reference =3D new COSDictionary();
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 reference.setItem("Type",
>>>>>>> COSName.getPDFName("SigRef"));
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 reference.setItem("TransformMethod",
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSName.getPDFName("DocMDP"));
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 reference.setItem("DigestMethod",
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSName.getPDFName("SHA1")); //Only MD5 or SHA1= ...
>>>>>>> Go
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 with the least worse
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 //Now we add DocMDP specific stuff
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSDictionary transformParameters =3D new
>>>>>>> COSDictionary();
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 transformParameters.setItem("Type",
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSName.getPDFName("TransformParams")); >>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 transformParameters.setInteger("P", <1,= 2 or 3>);
>>>>>>> //
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 1- no changes permited; 2- fill forms and signing;
>>>>>>> 3-
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 Same as 2 plus annotation creation, deletion an
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 modification.
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 transformParameters.setItem("V",
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSName.getPDFName("1.2")); // This is right, i= t's a
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 name, not a number.
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 // Add everything in order
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 reference.setItem("TransformParams",
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 transformParameters ); // Add DocMDP stuff to the
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 SigRef Dictionary;
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 COSArray references =3D new COSArray();
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 references.add(reference); // Add SigRef Dictionary
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 to a Array
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 dictionary.setItem("Reference", reference)= ; // Add
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 Array to Signature dictionary
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 I didn't try it myself, just wrote based on PdfBox API
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 and ISO specification. May have errors.
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 On 18/10/2016 06:12, Damien Butaye wrote:
>>>>>>>
>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 Hello Tilman,
>>>>>>>>
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 Here follows two links explaining the difference :
>>>>>>>>
>>>>>>>>
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 1.http://www.investintech.com/
>>>>>>>> resources/articles/certifyingsigningp= df/
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 <http://www.investintech.com/r
>>>>>>>> esources/articles/certifyingsigningpd= f/>
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 2.
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 http://stackoverflow.com/quest
>>>>>>>> ions/16710439/how-to-add-blank-page-i= n-digitally-signed-pdf-
>>>>>>>> using-java/16711745#16711745
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 <http://stackoverflow.com/ques
>>>>>>>> tions/16710439/how-to-add-blank-page-= in-digitally-signed-pdf
>>>>>>>> -using-java/16711745#16711745>Dami= en.
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 2016-10-18 8:49 GMT+02:00 Tilman Hausherr
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 <THausherr@t-online.de> <mailto:THausherr@t-onli= ne.de>
>>>>>>>> :
>>>>>>>>
>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 Dear all,
>>>>>>>>>
>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 I'm looking for a solution to certify a PDF. >>>>>>>>>> Currently I'm able to
>>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 sign a
>>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 PDF using PDFBox but I can't certify it. Is-it
>>>>>>>>>> possible
>>>>>>>>>> to do it with
>>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 PDFBox?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 Thank you for your help!
>>>>>>>>>>
>>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 What's the difference? (See my other answer from
>>>>>>>>>> today)
>>>>>>>>>>
>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 Tilman
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 ------------------------------
>>>>>>>>> ---------------------------------= ------
>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 To unsubscribe, e-mail:users-unsubscribe@pdfbo
>>>>>>>>> x.apache.org
>>>>>>>>> <mailto:users-unsubscribe@pdfbox.apache.org>= ;
>>>>>>>>>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 For additional commands,
>>>>>>>>> e-mail:users-help@pdfbox.apach
>>>>>>>>> e.org
>>>>>>>>> <mailto:users-help@pdfbox.apache.org>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>

--001a113718acc70d2d053f3c8d78-- --001a113718acc70d31053f3c8d79--