Signing PDF with itextsharp and CSP

Sep 14 2009 9:45 AM
Hi, i am new in this forum... i am a java programmer trying to do something with c# .net, in this case i am trying to sign multiple pdf files using iTextSharp. This is the code:
 
  1. public void sign()  
  2. {  
  3.     Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();  
  4.     Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(this.getCertificate().RawData) };  
  5.     bool bHasPrivateKey;  
  6.     bHasPrivateKey = this.getCertificate().HasPrivateKey;  
  7.   
  8.     if (!bHasPrivateKey)  
  9.     {  
  10.     MessageBox.Show("El certificado seleccionado no es válido para firmar digitalmente.");  
  11.     return;  
  12.     }  
  13.       
  14.     PdfReader reader = new PdfReader(this.getOriginalFileName());  
  15.     FileStream signedFileStream = new FileStream(this.getSignedFileName(), FileMode.Create);  
  16.     PdfStamper stp = PdfStamper.CreateSignature(reader, signedFileStream, '\0', null, true);  
  17.     sap = stp.SignatureAppearance;  
  18.     appearanceHandler.setAppearanceStyleTo(sap, appearanceStyle, new System.Drawing.Rectangle(100, 100, 200, 300));  
  19.     sap.SetCrypto(null, chain, null, null);  
  20.     sap.Location = PdfPKCS7.GetSubjectFields(chain[0]).GetField("L");  
  21.     sap.Contact = this.contactInfo;  
  22.     sap.Reason = this.getReason();  
  23.     sap.Acro6Layers = true;  
  24.     PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);  
  25.     dic.Date = new PdfDate(sap.SignDate);  
  26.     dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");  
  27.   
  28.     if (sap.Reason != null)  
  29.     dic.Reason = sap.Reason;  
  30.     if (appearanceHandler.showLocation)  
  31.     dic.Location = sap.Location;  
  32.     if (appearanceHandler.showContact)  
  33.     dic.Contact = sap.Contact;  
  34.     sap.CryptoDictionary = dic;  
  35.     int csize = 15000;  
  36.     Hashtable exc = new Hashtable();  
  37.     exc[PdfName.CONTENTS] = csize * 2 + 2;  
  38.     sap.PreClose(exc);  
  39.       
  40.     try  
  41.     {  
  42.         RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) this.certificate.PrivateKey;  
  43.         SHA1Managed sha = new SHA1Managed();  
  44.         byte[] hashedData = sha.ComputeHash(sap.RangeStream);  
  45.         byte[] sig = rsa.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));  
  46.         bool verified = rsa.VerifyHash(hashedData, "SHA1", sig);  
  47.         MessageBox.Show("Verified: " + verified);  
  48.         byte[] outc = new byte[csize];  
  49.         PdfDictionary dic2 = new PdfDictionary();  
  50.         Array.Copy(sig, 0, outc, 0, sig.Length);  
  51.         dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));  
  52.         sap.Close(dic2);  
  53.         signedFileStream.Close();  
  54.     }  
  55.     catch (CryptographicException ce)  
  56.     {  
  57.         MessageBox.Show(ce.Message);  
  58.     }  
  59. }  

I iterate the sign method one time for each pdf file.

I use a private CSP instead the Microsoft Base CSP, because i need to do a massive signature  of files, when i tried to do that with the Microsoft CSP, the application hangs and throws a Cryptographic Exception, the only way that i found to get it works, was to use the CSP provided by the token manufacturer.

When i used the Microsoft CSP with CMSSigner, everything, except the massive signature, went well... when i signed a single pdf file, the signature was verified correct by adobe reader. But now with this code, using the Safenet CSP,the massive signature work fine but all signatures are verified wrong... the message that acrobat reader throws is: "Error decoding BER:".
I do not know what can i do for solve this. Any Ideas on what could be happen?,

Thanks in advance,

Juan Manuel Diaz


Answers (7)