Hello,
I got a VB.NET script which makes a PDF document signed. It means - insert a signature and a timestamp. But the final document is not verified and it shows that the signature is not valid: "this document has been altered or corrupted"
Here is the code:
certificateData = podepsat(8)
Dim bytes as Byte()
If String.IsNullOrEmpty(podepsat(2)) Then
bytes = certificateData.Export(X509ContentType.Pfx)
Else
bytes = certificateData.Export(X509ContentType.Pfx, podepsat(2))
End If
processCert(bytes, podepsat(2))
Dim tsc As ITSAClient = New TSAClientBouncyCastle(podepsat(9), podepsat(10), podepsat(11))
Dim reader As New PdfReader(fileName)
fileName = "signed-" & fileName
Dim fout As New FileStream(fileName, FileMode.Create, FileAccess.Write)
Dim stp As PdfStamper = PdfStamper.CreateSignature(reader, fout, "\0", Nothing, False)
Dim sap As PdfSignatureAppearance = stp.SignatureAppearance
sap.SetCrypto(Nothing, chain, Nothing, PdfSignatureAppearance.SELF_SIGNED)
sap.Reason = podepsat(3)
sap.Contact = podepsat(4)
sap.Location = podepsat(5)
sap.SignDate = podepsat(6)
sap.SetVisibleSignature(New iTextSharp.text.Rectangle(100, 100, 300, 200), 1, "Signature")
Dim dic As New PdfSignature(PdfName.ADOBE_PPKLITE, New PdfName("adbe.pkcs7.detached"))
dic.Reason = sap.Reason
dic.Location = sap.Location
dic.Contact = sap.Contact
dic.Date = New PdfDate(sap.SignDate)
sap.CryptoDictionary = dic
Dim contentEstimated As Integer = 15000
Dim exc As New Dictionary(Of PdfName, Integer)
exc(PdfName.CONTENTS) = contentEstimated * 2 + 2
sap.PreClose(exc)
Dim sgn As New PdfPKCS7(akp, chain, Nothing, "SHA1", False)
Dim messageDigest As IDigest = DigestUtilities.GetDigest("SHA1")
Dim data As Stream = sap.GetRangeStream()
Dim buf As Byte() = New Byte(8191) {}
Dim n As Integer
While (n = data.Read(buf, 0, buf.Length)) > 0
messageDigest.BlockUpdate(buf, 0, n)
End While
Dim hash As Byte() = New Byte(messageDigest.GetDigestSize() - 1) {}
messageDigest.DoFinal(hash, 0)
Dim cal As DateTime = DateTime.Now
Dim ocsp As Byte() = Nothing
If chain.Length >= 2 Then
Dim url As [String] = PdfPKCS7.GetOCSPURL(chain(0))
If url IsNot Nothing AndAlso url.Length > 0 Then
ocsp = New OcspClientBouncyCastle().GetEncoded(chain(0), chain(1), url)
End If
End If
Dim sh As Byte() = sgn.GetAuthenticatedAttributeBytes(hash, cal, ocsp)
sgn.Update(sh, 0, sh.Length)
Dim encodedSig As Byte() = sgn.GetEncodedPKCS7(hash, cal, tsc, ocsp)
If contentEstimated + 2 < encodedSig.Length Then
Throw New Exception("Not enough space")
End If
Dim paddedSig As Byte() = New Byte(contentEstimated - 1) {}
System.Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length)
Dim dic2 As New PdfDictionary()
dic2.Put(PdfName.CONTENTS, New PdfString(paddedSig).SetHexWriting(True))
sap.Close(dic2)
Can you help me, please, where is the problem?
processCert fill the akp and chain which are defined up in the code.
certificateData is also declared up.
I can`t find the problem.. Help me solve it, please.
Thank you for your help!