Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 9FB52200BA6 for ; Tue, 18 Oct 2016 14:21:27 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 9CA50160ADC; Tue, 18 Oct 2016 12:21:27 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 67FD5160ACC for ; Tue, 18 Oct 2016 14:21:26 +0200 (CEST) Received: (qmail 51582 invoked by uid 500); 18 Oct 2016 12:21:20 -0000 Mailing-List: contact users-help@pdfbox.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@pdfbox.apache.org Delivered-To: mailing list users@pdfbox.apache.org Received: (qmail 51569 invoked by uid 99); 18 Oct 2016 12:21:19 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Oct 2016 12:21:19 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 49C33180672 for ; Tue, 18 Oct 2016 12:21:19 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.398 X-Spam-Level: ** X-Spam-Status: No, score=2.398 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id QMv0MSUTHk3k for ; Tue, 18 Oct 2016 12:21:15 +0000 (UTC) Received: from mail-io0-f179.google.com (mail-io0-f179.google.com [209.85.223.179]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 8D8AF5FB16 for ; Tue, 18 Oct 2016 12:21:14 +0000 (UTC) Received: by mail-io0-f179.google.com with SMTP id q192so219891960iod.0 for ; Tue, 18 Oct 2016 05:21:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=JcOGOXu6BRm8FcwaINEE7t7BEUXtcOAA8jwJB3hkwf0=; b=qyXiwr6MSInaCYsXoNYLCXSoOCmQehP48TtdWmSk63KPmmBeu0VqZMNkys/poMiXH3 SNWoMkk2X2uyVMnzfxd0PJMeySJl/NOoefAaa8QLkzWNXMUQ5Egw+zd0JbLJsndYBP0y WcOdeESUtxWAo+bjlVehZdxSZ1bypXSwW3SQ4S1bQc1xglLplxi+0QsTRxBLJUckHZwA brc6Yg6fOYNjVGGj3cMnqjPMg1Ektmst1A7kokZyqcf63odE+jrut1Z4kjg4aW/BGueO lrk5UwaWd3C8lsK2zVoEHFkaH96JduglHV6DMYvc+/XHnObQwbkpCoH/425NtPSSeaYG K+Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=JcOGOXu6BRm8FcwaINEE7t7BEUXtcOAA8jwJB3hkwf0=; b=AEOWoMD9tcaDNz76uIPETkiZ0gy6cZ8u/B6nojGlk4vv7i4WuRORImvkQtX6pj7Lrr hrQq8ZVMqB8AgZcdX5/aPqfrS6Ru4kODvhRPdSmEy1tmh8jjNVtQIHWfqQ62VQGWcuUZ kaRAbudo3xvJcltWsuB3xlqh0949pdsaskY9ynmXKrD0EHHI4CT8j1AAjClBLG1ViDsu XrE19RC8BjKFQ3m75sceMY7FjVM6O2SE8f6Zk7t4ZJziF/yfkAHAHl+tQPiIzo+q9god a2ePi8/En/Aa+SyErfFcMPLW/GbK5uH9yj7BlLEdEdbrORwNtGEqor3/hJ6zWuhS9a7y ZLgw== X-Gm-Message-State: AA6/9RleKc0fkhmSuVkg2VF3hCtgbnXYdqtgW7KtdIfCEoIu8F2dwPjFiGu8nvI9ga3HKrzW5k/DxMuEmJ4aZQ== X-Received: by 10.107.201.17 with SMTP id z17mr734247iof.156.1476793273358; Tue, 18 Oct 2016 05:21:13 -0700 (PDT) MIME-Version: 1.0 Received: by 10.64.66.227 with HTTP; Tue, 18 Oct 2016 05:21:12 -0700 (PDT) In-Reply-To: <08ade23c-d67d-ae4e-1c91-02519beb3cfe@esec.com.br> References: <90e7b2bc-f31a-5b43-2a07-499a57693744@t-online.de> <08ade23c-d67d-ae4e-1c91-02519beb3cfe@esec.com.br> From: Damien Butaye Date: Tue, 18 Oct 2016 14:21:12 +0200 Message-ID: Subject: Re: How to certify a PDF To: users@pdfbox.apache.org Content-Type: multipart/related; boundary=94eb2c0c118477542c053f22ba21 archived-at: Tue, 18 Oct 2016 12:21:27 -0000 --94eb2c0c118477542c053f22ba21 Content-Type: multipart/alternative; boundary=94eb2c0c118477542a053f22ba20 --94eb2c0c118477542a053f22ba20 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello Diego, Thank you for your help. I just tried your code but it seems that it doesn't work. The result has nor signature nor certify element. I'll try again. If you have any idea, don't hesitate ;) Damien. 2016-10-18 13:04 GMT+02:00 Diego Azevedo : > From what I'm reading on ISO 32000, the certification Signature is a > normal signature, but with a DocMDP transform method. So the ou should do > something like this: > > PDSignature signature =3D new PDSignature; > [..] //do your thing > COSDictinary dictionary =3D signature.getCOSObject(); > > //Create a reference dictionary > COSDictionary reference =3D new COSDictionary(); > reference.setItem("Type", COSName.getPDFName("SigRef")); > reference.setItem("TransformMethod", COSName.getPDFName("DocMDP")); > reference.setItem("DigestMethod", COSName.getPDFName("SHA1")); //Only MD5 > or SHA1... Go with the least worse > > //Now we add DocMDP specific stuff > COSDictionary transformParameters =3D new COSDictionary(); > transformParameters.setItem("Type", COSName.getPDFName(" > TransformParams")); > transformParameters.setInteger("P", <1, 2 or 3>); // 1- no changes > permited; 2- fill forms and signing; 3- Same as 2 plus annotation creatio= n, > deletion an modification. > transformParameters.setItem("V", COSName.getPDFName("1.2")); // This is > right, it's a name, not a number. > > // Add everything in order > reference.setItem("TransformParams", transformParameters ); // Add DocMDP > stuff to the SigRef Dictionary; > COSArray references =3D new COSArray(); > references.add(reference); // Add SigRef Dictionary to a Array > dictionary.setItem("Reference", reference); // Add Array to Signature > dictionary > > I didn't try it myself, just wrote based on PdfBox API and ISO > specification. May have errors. > On 18/10/2016 06:12, Damien Butaye wrote: > > Hello Tilman, > > Here follows two links explaining the difference : > > > 1. http://www.investintech.com/resources/articles/certifyingsigningpdf= / > 2. > http://stackoverflow.com/questions/16710439/how-to-add-blank-page-in-d= igitally-signed-pdf-using-java/16711745#16711745 > > Damien. > > 2016-10-18 8:49 GMT+02:00 Tilman Hausherr : > > > Dear all, > > > I'm looking for a solution to certify a PDF. Currently I'm able to > sign a > PDF using PDFBox but I can't certify it. Is-it possible to do it with > PDFBox? > > > Thank you for your help! > > > > What's the difference? (See my other answer from today) > > Tilman > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org > For additional commands, e-mail: users-help@pdfbox.apache.org > > > -- > > > > > > > *_______________________________________________ Diego Azevedo > Desenvolvedor E-SEC Seguran=C3=A7a Digital www.esec.com.br > 61 3323-4410* > > > Os dados transmitidos, incluindo quaisquer anexos, s=C3=A3o destinados ap= enas > para a pessoa ou entidade ao qual est=C3=A1 endere=C3=A7ada e pode conter= material > confidencial e/ou privilegiado. =C3=89 proibida qualquer revis=C3=A3o, re= transmiss=C3=A3o, > dissemina=C3=A7=C3=A3o ou outro uso desta informa=C3=A7=C3=A3o, ou a toma= da de qualquer a=C3=A7=C3=A3o > com base na confian=C3=A7a, por pessoas ou empresas que n=C3=A3o o destin= at=C3=A1rio, e > qualquer responsabilidade da=C3=AD decorrente =C3=A9 negada. Se voc=C3=AA= recebeu por > engano, favor contatar o remetente e apague o material de qualquer > computador > > The information transmitted, including any attachments, is intended only > for the person or entity to which it is addressed and may contain > confidential and/or privileged material. Any review, retransmission, > dissemination or other use of, or taking of any action in reliance upon, > this information by persons or entities other than the intended recipient > is prohibited, and all liability arising therefrom is disclaimed. If you > received this in error, please contact the sender and delete the material > from any computer > > --94eb2c0c118477542a053f22ba20 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hello Diego,

=C2=A0Thank you for your h= elp. I just tried your code but it seems that it doesn't work. The resu= lt has nor signature nor certify element. I'll try again.=C2=A0
If you have any idea, don't hesitate ;)

Dam= ien.

2= 016-10-18 13:04 GMT+02:00 Diego Azevedo <dazevedo@esec.com.br>:
=20 =20 =20

From what I'm reading on ISO 32000, the certification Signature is a normal signature, but with a DocMDP transform method. So the ou should do something like this:

PDSignature signature =3D new PDSignature;
[..] //do your thing
COSDictinary dictionary =3D signature.getCOSObject();

//Create a reference dictionary
COSDictionary reference =3D new COSDictionary();
reference.setItem("Type", COSName.getPDFName("SigRef= "));
reference.setItem("TransformMethod", COSName.getPDFName("DocMDP"));
reference.setItem("DigestMethod", COSName.getPDFName= ("SHA1")); //Only MD5 or SHA1... Go with the least worse

//Now we add DocMDP specific stuff
COSDictionary transformParameters =3D new COSDictionary();
transformParameters.setItem("Type", COSName.getPDFName("TransformParams"));
transformParameters.setInteger("P", <1, 2 or 3>= ;); // 1- no changes permited; 2- fill forms and signing; 3- Same as 2 plus annotation creation, deletion an modification.
transformParameters.setItem("V", COSName.getPDFName(= "1.2")); // This is right, it's a name, not a number.

// Add everything in order
reference.setItem("TransformParams", transformParame= ters ); // Add DocMDP stuff to the SigRef Dictionary;
COSArray references =3D new COSArray();
references.add(reference); // Add SigRef Dictionary to a Array
dictionary.setItem("Reference", reference); // Add A= rray to Signature dictionary

I didn't try it myself, just wrote based on PdfBox API and ISO specification. May have errors.

On 18/10/2016 06:12= , Damien Butaye wrote:
Hello Tilman,

 Here follows two links explaining the difference :


   1. http://www.investintech.com/resources/articles/certifying=
signingpdf/
   2.
   http://stackoverflow=
.com/questions/16710439/how-to-add-blank-page-in-digitally-s=
igned-pdf-using-java/16711745#16711745

Damien.

2016-10-18 8:49 GMT+02:00 Tilman Hausherr <THausherr@t-online.de>:


Dear all,

   I'm looking for a solution to certify a PDF. Currently I'm able =
to
sign a
PDF using PDFBox but I can't certify it. Is-it possible to do it with
PDFBox?


Thank you for your help!


What's the difference? (See my other answer from today)

Tilman



-----------------------------------------------------------------=
----
To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: users-help@pdfbox.apache.org




    

    

    
-- 

     =20
      _______________________________________________

          

          3D""Diego Azevedo

          Desenvolvedor

          E-SEC Seguran=C3=A7a Digital

          www.esec.com=
.br

          61 3323-4410 

      

      

      Os dados transmitidos, incluindo quaisquer
            anexos, s=C3=A3o destinados apenas para a pessoa ou entidade ao
            qual est=C3=A1 endere=C3=A7ada e pode conter material confidenc=
ial
            e/ou privilegiado. =C3=89 proibida qualquer revis=C3=A3o,
            retransmiss=C3=A3o, dissemina=C3=A7=C3=A3o ou outro uso desta i=
nforma=C3=A7=C3=A3o,
            ou a tomada de qualquer a=C3=A7=C3=A3o com base na confian=C3=
=A7a, por
            pessoas ou empresas que n=C3=A3o o destinat=C3=A1rio, e qualque=
r
            responsabilidade da=C3=AD decorrente =C3=A9 negada. Se voc=C3=
=AA recebeu
            por engano, favor contatar o remetente e apague o material
            de qualquer computador

            

            The information transmitted, including any attachments, is
            intended only for the person or entity to which it is
            addressed and may contain confidential and/or privileged
            material. Any review, retransmission, dissemination or other
            use of, or taking of any action in reliance upon, this
            information by persons or entities other than the intended
            recipient is prohibited, and all liability arising therefrom
            is disclaimed. If you received this in error, please contact
            the sender and delete the material from any computer

      

    

  






--94eb2c0c118477542a053f22ba20--

--94eb2c0c118477542c053f22ba21--