Thus, the issue is processed with an eye on the actual outputs of the example project. But this is not the issue of the OP's example project. I've applied the solution provided by MKL to the sample project on github.Īs a second note, It is also possible to use PdfSigner but in this case, the bookmarks of the original document must be removed.Īs already mentioned in a comment, the example document "InvalidDocumentSignedTwice.pdf" has the signature not applied in an incremental update, so here it is obvious that former signatures will break. It also contains the document which cannot be signed twice (test.pdf) I also did update iText to version 7.2 but with the same result. I've created a working sample project which uses a local certificate for signing. PdfSigner.SignDeferred(docToSign, SignatureAttributeName, outStream, extSigContainer) Using (MemoryStream outStream = new MemoryStream()) Using (PdfDocument docToSign = new PdfDocument(pdfReader)) Using (var pdfReader = new PdfReader(preparedPdfStream)) Using (MemoryStream preparedPdfStream = new MemoryStream(tmpPdf)) ReadySignatureSigner extSigContainer = new ReadySignatureSigner(signature) Step #3 > Apply the signature to the document Signature = CreatePKCS7SignatureViaX509Certificate(hash) Signature = CreatePKCS7SignatureViaPKCS11(hash, pin) This is the part which accesses the HSM via PCKS11 Step #2 > Create the signature based on the document hash Signer.SignExternalContainer(external, EstimateSize) Signer.SetFieldName(SignatureAttributeName) ĭigestCalcBlankSigner external = new DigestCalcBlankSigner(PdfName.Adobe_PPKLite, PdfName.Adbe_pkcs7_detached) SignatureAttributeName = $"SignatureAttributeName_" Throw new Exception("Unable to set provided signature image", ex) PdfSignatureAppearance appearance = signer.GetSignatureAppearance() īase.SetPdfSignatureAppearance(appearance, visualRepresentation) Signer.SetCertificationLevel(PdfSigner.NOT_CERTIFIED) Has to be NOT_CERTIFIED since otherwiese a pdf cannot be signed multiple times Var signer = new PdfSigner(reader, baos, sp) Using (MemoryStream baos = new MemoryStream()) StampingProperties sp = new StampingProperties() Using (var reader = new PdfReader(input)) Using (MemoryStream input = new MemoryStream(pdfToSign)) Unsigned Pdf document on which the first signature becomes invalid:Ĭode used for signing //Step #1 > prepare pdf for signing (Allocate space for the signature and calculate hash) Question: What can i do in order to keep both signatures valid in the Acrobat Reader? I've found a similar issue on stackoverflow ( multiple signatures invalidate first signature in iTextSharp pdf signing), but it was using iText 5 and i'm not sure it is the same problem. The signatures of the same document are shown as valid in foxit reader. If the pdf was created by combining multiple pdf documents with adobe DC, the first signature is valid but becomes invalid as soon as the seconds signature is applied.ĭocument in Adobe reader after the first signature is applied:ĭocument in Adobe reader after the second signature is applied: created via word, i can apply multiple signatures and all signatures are shown as valid in the adobe acrobat reader. SignDeferred is required since the signature is created PKCS11 hardware token (usb key). I'm using iText 7.1.15 and SignDeferred to apply signatures to pdf documents.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |