Ejemplo n.º 1
        /// <summary>
        /// Sets up a signature for the PDF at <c>inputPDF</c>, writing to <c>outputPDF</c> with the key and chain held in <c>myCert</c>.
        /// </summary>
        /// <param name="SigReason">Stored as the signature's Reason entry.</param>
        /// <param name="SigContact">Stored as the signature's Contact entry.</param>
        /// <param name="SigLocation">Stored as the signature's Location entry.</param>
        /// <param name="visible">When true, a visible signature rectangle is placed on page 1.</param>
        /// <remarks>
        /// NOTE(review): this listing has lost its braces, and no statement that closes the stamper is visible,
        /// so the point at which the signed file is actually written cannot be confirmed from here.
        /// </remarks>
        public void Sign(string SigReason, string SigContact, string SigLocation, bool visible)
            PdfReader reader = new PdfReader(this.inputPDF);
            //Activate MultiSignatures
            // The final "true" is the append flag: the signature is added as an incremental update, so
            // signatures already present in the input are not invalidated.
            // The FileStream is created inline, so this method keeps no reference with which to dispose it;
            // whether the stamper closes it is not visible here. FileMode.Create overwrites an existing output file.
            PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0', null, true);

            //To disable Multi signatures uncomment this line : every new signature will invalidate older ones !
            //PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0');

            st.MoreInfo = this.metadata.getMetaData();

            st.XmpMetadata = this.metadata.getStreamedMetaData();
            PdfSignatureAppearance sap = st.SignatureAppearance;

            // SELF_SIGNED names the signature handler written into the PDF; it says nothing about how the
            // certificate was issued. The private key (myCert.Akp) is handed to the library in memory.
            // NOTE(review): the handlers selected through SetCrypto in iTextSharp 5.x are SHA-1 based - confirm
            // for the library version in use and prefer a SHA-256 signature where the library offers one.
            sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.SELF_SIGNED);
            // Reason, Contact and Location are caller-supplied text stored as given; a verifier sees them as
            // claims made by the signer, not as validated data.
            sap.Reason   = SigReason;
            sap.Contact  = SigContact;
            sap.Location = SigLocation;
            //Parameters of iTextSharp.text.Rectangle: the first is the lower-left x, the second the lower-left y,
            //the third the upper-right x and the fourth the upper-right y, which together define position, height and width.
            if (visible)
                sap.SetVisibleSignature(new iTextSharp.text.Rectangle(25, 25, 150, 75), 1, null);

Ejemplo n.º 2
        /// <summary>
        /// Signs (fills) a named signature field in the document, reusing an existing stamper.
        /// </summary>
        /// <param name="stamper">PdfStamper whose reader holds the field</param>
        /// <param name="fieldName">Field to be signed</param>
        /// <param name="reason">Sign reason</param>
        /// <param name="location">Sign location</param>
        /// <param name="graphics">Sign graphic</param>
        /// <param name="certFile">Path of the PFX (PKCS#12) file holding key and certificates</param>
        /// <param name="certPassword">Password of the PFX file</param>
        /// <param name="renderingMode">SignatureRender renderingMode</param>
        /// <param name="certificationLevel">PdfSignatureAppearance certification level; the default allows no further changes</param>
        /// <returns>True when the visible signing steps completed; false when the field is absent or any exception occurred</returns>
        /// <remarks>
        /// NOTE(review): braces and several keywords (presumably try, else, return) are missing from this listing,
        /// so the control flow described in the comments below is inferred from indentation - confirm against the full source.
        /// </remarks>
        public static bool SignField(ref PdfStamper stamper,
                                     string fieldName,
                                     string reason,
                                     string location,
                                     Bitmap graphics,
                                     string certFile,
                                     string certPassword,
                                     PdfSignatureAppearance.SignatureRender renderingMode = PdfSignatureAppearance.SignatureRender.GraphicAndDescription,
                                     int certificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED)
            bool result = false;

                // Only an existing AcroForm field is signed; an unknown name falls through to "false".
                if (stamper.Reader.AcroFields.Fields.ContainsKey(fieldName))
                    // GetPSA is defined outside this listing.
                    PdfSignatureAppearance psa = GetPSA(fieldName, stamper, graphics, reason, location, renderingMode, certificationLevel);

                    // FileMode.Open without a FileAccess argument opens the key file read-write, and the stream
                    // is never disposed in the visible code. The password travels as a string and as a char[] copy.
                    Pkcs12Store store = new Pkcs12Store(new FileStream(certFile, FileMode.Open), certPassword.ToCharArray());
                    string      alias = "";
                    ICollection <X509Certificate> chain = new List <X509Certificate>();

                    // Picks a private-key entry; if several exist the last one wins, and alias stays ""
                    // when none does, in which case the lookups below run against an empty alias.
                    foreach (string al in store.Aliases)
                        if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate)
                            alias = al;
                    AsymmetricKeyEntry ake = store.GetKey(alias);

                    // NOTE(review): the loop body is missing from the listing; presumably it adds each
                    // entry's certificate to chain - confirm.
                    foreach (X509CertificateEntry c in store.GetCertificateChain(alias))

                    // "as" yields null for any key that is not an RSA CRT private key, and that null is
                    // passed to SetCrypto without a check.
                    RsaPrivateCrtKeyParameters parameters = ake.Key as RsaPrivateCrtKeyParameters;

                    // NOTE(review): the WINCER_SIGNED handler in iTextSharp 5.x is SHA-1 based - confirm for
                    // the library version in use.
                    psa.SetCrypto(parameters, chain.ToArray(), null, PdfSignatureAppearance.WINCER_SIGNED);

                    // NOTE(review): "true" followed directly by "false" - presumably the second assignment
                    // belonged to an else branch whose keyword was lost.
                    result = true;
                    result = false;
            // Every failure (wrong password, unreadable file, missing key) collapses into "false" without
            // logging; the exception variable is unused in the visible code.
            catch (Exception e)
                result = false;

Ejemplo n.º 3
        /// <summary>
        /// Builds a signature appearance and a detached-PKCS#7 signature dictionary on an in-memory stamper.
        /// </summary>
        /// <remarks>
        /// NOTE(review): braces are missing from this listing and the visible code never produces signature
        /// bytes or reads the result back, so this reads as an unfinished stub - confirm against the full source.
        /// </remarks>
        public void SignDocument()
            //if( !IsLoaded ) { return; } //TODO: PdfDocumentWrapper.SignDocument(): consider throwing an exception on null.

            // The reader is built from an empty byte array, i.e. no document content is supplied here.
            PdfReader reader   = new PdfReader(new byte[0]);
            Document  document = new Document(reader.GetPageSizeWithRotation(1));

            using (MemoryStream stream = new MemoryStream())
                PdfStamper             stp = PdfStamper.CreateSignature(reader, stream, PdfWriter.VERSION_1_7);
                PdfSignatureAppearance sap = stp.SignatureAppearance;
                // The signing time comes from the local clock; no timestamp authority is involved in the visible code.
                sap.SignDate = DateTime.Now;
                // No key, chain or handler is given to the library: the signature value has to be supplied
                // by code that is not part of this listing.
                sap.SetCrypto(null, null, null, null);
                sap.Reason      = "";
                sap.Location    = "";
                sap.Acro6Layers = true;
                sap.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;

                PdfSignature sig = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
                sig.Date = new PdfDate(sap.SignDate);
                //sig.Name = PdfPKCS7.GetSubjectFields(
                sig.Reason   = sap.Reason;
                sig.Location = sap.Location;

                sap.CryptoDictionary = sig;

                // Reserves room for the Contents entry: 4000 signature bytes written as hex (two characters
                // per byte) plus two more characters, presumably the enclosing delimiters.
                // The dictionary is not used again in the visible code.
                Dictionary <PdfName, int> dic = new Dictionary <PdfName, int>();
                dic[PdfName.CONTENTS] = 4000 * 2 + 2;

                //PdfCopy writer = new PdfCopy( document, stream );

                //for( int i = 0; i < reader.NumberOfPages; )
                //    writer.AddPage( writer.GetImportedPage( reader, ++i ) );

                //PRAcroForm form = reader.AcroForm;
                //if( form != null ) { writer.CopyAcroForm( reader ); }


                //_pdf = stream.ToArray();
Ejemplo n.º 4
        /// <summary>
        /// Prepares an externally computed signature: hashes the signed byte range, has <c>SignMsg</c> sign the
        /// digest with <paramref name="card"/>, and places the result in a padded Contents entry.
        /// </summary>
        /// <param name="sigAppearance">Signature appearance whose range stream is hashed.</param>
        /// <param name="card">Certificate passed to <c>SignMsg</c> (defined outside this listing).</param>
        /// <param name="chain">Certificate chain; element 0 supplies the CN used as the signer name.</param>
        /// <remarks>
        /// NOTE(review): braces are missing from this listing and the statement that hands the Contents
        /// dictionary back to the appearance is not visible.
        /// </remarks>
        private static void SetSigCryptoFromX509(PdfSignatureAppearance sigAppearance, X509Certificate2 card, X509Certificate[] chain)
            // The private key argument is null: the key is not given to iTextSharp, signing is delegated to SignMsg.
            sigAppearance.SetCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
            var dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1)
                Date     = new PdfDate(sigAppearance.SignDate),
                // chain[0] is read without checking that the array is non-empty.
                Name     = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN"),
                Reason   = sigAppearance.Reason,
                Location = sigAppearance.Location

            sigAppearance.CryptoDictionary = dic;
            // Space reserved for the signature: csize bytes, hex-encoded, plus two extra characters.
            const int csize = 4000;
            var       exc   = new Dictionary <PdfName, int> {
                { PdfName.CONTENTS, csize * 2 + 2 }


            // SHA-1 is no longer collision-resistant, so a signature over this digest gives weaker integrity
            // assurance than one over SHA-256. The ADBE_PKCS7_SHA1 subfilter above ties the format to SHA-1;
            // moving to a stronger digest means changing the subfilter as well.
            // The hash object is not disposed in the visible code.
            HashAlgorithm sha = new SHA1CryptoServiceProvider();

            var s = sigAppearance.RangeStream;
            int read;
            var buff = new byte[8192];

            // Stream the signed byte range through the hash in 8 KiB blocks.
            while ((read = s.Read(buff, 0, 8192)) > 0)
                sha.TransformBlock(buff, 0, read, buff, 0);
            sha.TransformFinalBlock(buff, 0, 0);
            var pk = SignMsg(sha.Hash, card, false);

            var outc = new byte[csize];

            var dic2 = new PdfDictionary();

            // Array.Copy throws ArgumentException when pk is longer than csize; nothing checks the length
            // first, so an oversized signature surfaces as a generic exception rather than a clear error.
            Array.Copy(pk, 0, outc, 0, pk.Length);

            dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));

Ejemplo n.º 5
        /// <summary>
        /// Sets up a signature for <paramref name="sourceDocument"/>, written to <paramref name="destinationPath"/>,
        /// with the key and chain read from a PKCS#12 stream.
        /// </summary>
        /// <param name="sourceDocument">Passed to the PdfReader constructor.</param>
        /// <param name="destinationPath">Output file; created or overwritten.</param>
        /// <param name="privateKeyStream">PKCS#12 data holding the private key and certificates.</param>
        /// <param name="keyPassword">Password of the PKCS#12 store.</param>
        /// <param name="reason">Stored as the signature's Reason entry.</param>
        /// <param name="location">Stored as the signature's Location entry.</param>
        /// <remarks>
        /// NOTE(review): braces are missing from this listing and no statement that closes the stamper,
        /// reader or output stream is visible.
        /// </remarks>
        public static void signPdfFile(string sourceDocument, string destinationPath, Stream privateKeyStream, string keyPassword, string reason, string location)
            // The password travels as a string and as a char[] copy; neither is cleared in the visible code.
            Pkcs12Store pk12 = new Pkcs12Store(privateKeyStream, keyPassword.ToCharArray());


            //then iterate through the store's entries to find the private key entry
            string alias = null;

            // Any key entry is accepted; if several exist the last one wins. alias stays null when the
            // store has none, and GetKey(alias) below is then called with null.
            foreach (string tAlias in pk12.Aliases)
                if (pk12.IsKeyEntry(tAlias))
                    alias = tAlias;
            var pk    = pk12.GetKey(alias).Key;
            var ce    = pk12.GetCertificateChain(alias);
            var chain = new X509Certificate[ce.Length];

            for (int k = 0; k < ce.Length; ++k)
                chain[k] = ce[k].Certificate;
            // reader and stamper
            PdfReader  reader = new PdfReader(sourceDocument);
            // FileMode.Create overwrites an existing file at destinationPath.
            FileStream fout   = new FileStream(destinationPath, FileMode.Create, FileAccess.ReadWrite);

            // The final "true" is the append flag: the signature is written as an incremental update.
            PdfStamper             stamper    = PdfStamper.CreateSignature(reader, fout, '\0', null, true);
            PdfSignatureAppearance appearance = stamper.SignatureAppearance;

            // SELF_SIGNED names the signature handler, not the way the certificate was issued.
            // NOTE(review): the handlers selected through SetCrypto in iTextSharp 5.x are SHA-1 based -
            // confirm for the library version in use.
            appearance.SetCrypto(pk, chain, null, PdfSignatureAppearance.SELF_SIGNED);
            appearance.Reason   = reason;
            appearance.Location = location;

Ejemplo n.º 6
        /*public void Verify(string pdfFile, Stream fileStream)
         * {
         *  //KeyStore kall = PdfPKCS7.loadCacertsKeyStore();
         *  var parser = new X509CertificateParser(fileStream);
         *  var certifi = parser.ReadCertificate ();
         *  fileStream.Dispose();
         *  string pathToFiles = HttpContext.Current.Server.MapPath("~/UploadFile/output/ForCekTandaTangan.pdf");
         *  PdfReader reader = new PdfReader(pathToFiles);
         *  AcroFields af = reader.AcroFields;
         *  var names = af.GetSignatureNames();
         *  if (names.Count == 0)
         *  {
         *      System.Diagnostics.Debug.WriteLine("Tidak ada ttdnya");
         *  }
         *  else
         *  {
         *      System.Diagnostics.Debug.WriteLine("IKI lo TTD ne yooow");
         *  }
         *  foreach (string name in names)
         *  {
         *      if (!af.SignatureCoversWholeDocument(name))
         *      {
         *          System.Diagnostics.Debug.WriteLine("The signature: {0} does not covers the whole document.", name);
         *      }
         *      System.Diagnostics.Debug.WriteLine("Signature Name: " + name);
         *      System.Diagnostics.Debug.WriteLine("Signature covers whole document: " + af.SignatureCoversWholeDocument(name));
         *      System.Diagnostics.Debug.WriteLine("Document revision: " + af.GetRevision(name));
         *      PdfPKCS7 pk = af.VerifySignature(name);
         *      var cal = pk.SignDate;
         *      var pkc = pk.Certificates;
         *      // TimeStampToken ts = pk.TimeStampToken;
         *      if (!pk.Verify())
         *      {
         *          System.Diagnostics.Debug.WriteLine("The signature could not be verified");
         *      } else
         *      {
         *          System.Diagnostics.Debug.WriteLine("Name signature: " + pk.SignName);
         *          System.Diagnostics.Debug.WriteLine("Reason signature: " + pk.Reason);
         *          System.Diagnostics.Debug.WriteLine("Location signature: " + pk.Location);
         *          System.Diagnostics.Debug.WriteLine("Date signature: " + pk.SignDate);
         *          System.Diagnostics.Debug.WriteLine("Version signature: " + pk.SigningInfoVersion);
         *          System.Diagnostics.Debug.WriteLine("Sertificate signature: " + pk.SigningCertificate);
         *      }
         *      //IList<VerificationException>[] fails = PdfPKCS7.VerifyCertificates(pkc, new X509Certificate[] { certifi }, null, cal);
         *      //Object[] fails = PdfPKCS7.VerifyCertificates(pkc, new X509Certificate[] { }, null, cal);
         *      //if (fails != null)
         *      //{
         *      //    System.Diagnostics.Debug.WriteLine("The file is not signed using the specified key-pair.");
         *      //}
         *  }
         * }*/
        //To disable Multi signatures uncomment this line : every new signature will invalidate older ones ! line 251
        //PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0');

        /// <summary>
        /// Sets up a signature for <c>inputPDF</c>, written to <c>outputPDF</c>, and prepares a signature image
        /// loaded from <paramref name="pic"/>.
        /// </summary>
        /// <param name="SigReason">Stored as the signature's Reason entry.</param>
        /// <param name="SigContact">Stored as the signature's Contact entry.</param>
        /// <param name="SigLocation">Stored as the signature's Location entry.</param>
        /// <param name="pic">Location of the image passed to Image.GetInstance.</param>
        /// <param name="visible">When true, a visible signature rectangle is requested.</param>
        /// <param name="posX">Horizontal position of image and rectangle.</param>
        /// <param name="posY">Vertical position, subtracted from 840.</param>
        /// <remarks>
        /// NOTE(review): braces are missing from this listing, the call that places the image is not visible,
        /// and the first line of the statement under "if (visible)" has been lost.
        /// </remarks>
        public void Sign(string SigReason, string SigContact,
                         string SigLocation, string pic, bool visible, int posX, int posY)
            //Activate MultiSignatures
            PdfReader  reader = new PdfReader(this.inputPDF);
            // The final "true" is the append flag. The FileStream is created inline, so this method keeps
            // no reference with which to dispose it.
            PdfStamper st     = PdfStamper.CreateSignature(reader,
                                                           new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write),
                                                           '\0', null, true);

            //iTextSharp.text.Image sigImg = iTextSharp.text.Image.GetInstance(pic);
            // NOTE(review): Image.GetInstance(string) in iTextSharp resolves its argument as a URL as well as
            // a file name; if pic can be influenced from outside, restrict it to expected local files - confirm.
            Image sigImg = Image.GetInstance(pic);

            // MAX_WIDTH, MAX_HEIGHT
            sigImg.ScaleToFit(150, 50);
            // Set signature position on page
            // 840 is a hard-coded height in points, presumably converting a top-based posY to the PDF's
            // bottom-based coordinates on an A4-sized page - confirm for other page sizes.
            sigImg.SetAbsolutePosition(posX, 840 - posY);
            // Add signatures to desired page
            PdfContentByte over = st.GetOverContent(1);


            st.MoreInfo    = this.metadata.getMetaData();
            st.XmpMetadata = this.metadata.getStreamedMetaData();
            PdfSignatureAppearance sap = st.SignatureAppearance;

            // The private key (myCert.Akp) is handed to the library in memory.
            // NOTE(review): the WINCER_SIGNED handler in iTextSharp 5.x is SHA-1 based - confirm for the
            // library version in use.
            sap.SetCrypto(this.myCert.Akp, this.myCert.Chain,
                          null, PdfSignatureAppearance.WINCER_SIGNED);
            sap.Reason   = SigReason;
            sap.Contact  = SigContact;
            sap.Location = SigLocation;
            if (visible)
                    // NOTE(review): the opening of this call (presumably sap.SetVisibleSignature) is missing.
                    new Rectangle(posX, 840 - posY, posX + 150, (840 - posY) + 50), 1, null);
Ejemplo n.º 7
        /// <summary>
        /// Sets up a signature for the PDF at <c>inputPDF</c>, writing to <c>outputPDF</c> with the key and chain held in <c>myCert</c>.
        /// </summary>
        /// <param name="SigReason">Stored as the signature's Reason entry.</param>
        /// <param name="SigContact">Stored as the signature's Contact entry.</param>
        /// <param name="SigLocation">Stored as the signature's Location entry.</param>
        /// <param name="visible">When true, a visible signature rectangle is placed on page 1.</param>
        /// <remarks>
        /// NOTE(review): braces are missing from this listing and no statement that closes the stamper is visible.
        /// </remarks>
        public void Sign(string SigReason, string SigContact, string SigLocation, bool visible)
            PdfReader reader = new PdfReader(this.inputPDF);
            //Activate MultiSignatures
            // The final "true" is the append flag: earlier signatures in the input stay valid because the new
            // one is written as an incremental update. The inline FileStream cannot be disposed by this method.
            PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0', null, true);

            //To disable Multi signatures uncomment this line : every new signature will invalidate older ones !
            //PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0');

            st.MoreInfo    = this.metadata.getMetaData();
            st.XmpMetadata = this.metadata.getStreamedMetaData();
            PdfSignatureAppearance sap = st.SignatureAppearance;

            // The private key (myCert.Akp) is handed to the library in memory.
            // NOTE(review): the WINCER_SIGNED handler in iTextSharp 5.x is SHA-1 based - confirm for the
            // library version in use and prefer a SHA-256 signature where the library offers one.
            sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);
            // Caller-supplied text stored as given; verifiers see it as the signer's own claim.
            sap.Reason   = SigReason;
            sap.Contact  = SigContact;
            sap.Location = SigLocation;
            // Rectangle arguments are lower-left x/y then upper-right x/y, on page 1.
            if (visible)
                sap.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 250, 150), 1, null);

Ejemplo n.º 8
        /// <summary>
        /// Signs the PDF behind <paramref name="stamper"/> with the PKCS#12 certificate named in the profile,
        /// optionally adding a timestamp from a time server and an OCSP response.
        /// </summary>
        /// <param name="stamper">Stamper whose signature appearance is configured.</param>
        /// <param name="profile">Supplies <c>PdfSettings.Signature</c> (certificate file, time server, placement).</param>
        /// <param name="jobPasswords">Supplies <c>PdfSignaturePassword</c>, the certificate password.</param>
        /// <exception cref="ProcessingException">
        /// Thrown with codes 12200-12205 for a missing or wrong password, a certificate without a private key,
        /// a time server failure, or too little reserved space.
        /// </exception>
        /// <remarks>
        /// NOTE(review): braces and several keywords (presumably return, else, try) are missing from this
        /// listing; branch structure described below is inferred from indentation - confirm against the full source.
        /// </remarks>
        private static void DoSignPdfFile(PdfStamper stamper, ConversionProfile profile, JobPasswords jobPasswords)
            Signature signing = profile.PdfSettings.Signature;

            // NOTE(review): the statement guarded by this test (presumably "return;") is missing from the listing.
            if (!signing.Enabled) //Leave without signing

            Logger.Debug("Start signing file.");

            // Relative paths resolve against the current working directory, and the result is written back
            // into the profile object.
            signing.CertificateFile = Path.GetFullPath(signing.CertificateFile);

            if (string.IsNullOrEmpty(jobPasswords.PdfSignaturePassword))
                Logger.Error("Launched signing without certification password.");
                throw new ProcessingException("Launched signing without certification password.", 12204);
            // The log and exception texts below contain the full certificate path; the password is not logged.
            // IsValidCertificatePassword and CertificateHasPrivateKey are defined outside this listing.
            if (IsValidCertificatePassword(signing.CertificateFile, jobPasswords.PdfSignaturePassword) == false)
                Logger.Error("Canceled signing. The password for certificate '" + signing.CertificateFile + "' is wrong.");
                throw new ProcessingException("Canceled signing. The password for certificate '" + signing.CertificateFile + "' is wrong.", 12200);
            if (CertificateHasPrivateKey(signing.CertificateFile, jobPasswords.PdfSignaturePassword) == false)
                Logger.Error("Canceled signing. The certificate '" + signing.CertificateFile + "' has no private key.");
                throw new ProcessingException(
                          "Canceled signing. The certificate '" + signing.CertificateFile + "' has no private key.", 12201);

            // FileMode.Open without a FileAccess argument opens the key file read-write; the stream is not
            // disposed in the visible code.
            var    fsCert = new FileStream(signing.CertificateFile, FileMode.Open);
            var    ks     = new Pkcs12Store(fsCert, jobPasswords.PdfSignaturePassword.ToCharArray());
            string alias  = null;

            // Picks a private-key entry; the last match wins when several exist.
            foreach (string al in ks.Aliases)
                if (ks.IsKeyEntry(al) && ks.GetKey(al).Key.IsPrivate)
                    alias = al;
            ICipherParameters pk = ks.GetKey(alias).Key;

            X509CertificateEntry[] x = ks.GetCertificateChain(alias);
            var chain = new X509Certificate[x.Length];

            for (int k = 0; k < x.Length; ++k)
                chain[k] = x[k].Certificate;

            ITSAClient tsc = null;

            // Trim() throws if TimeServerUrl is null, and the trimmed value is used only for this test:
            // the untrimmed URL is what the client receives.
            if (!string.IsNullOrEmpty(signing.TimeServerUrl.Trim()))
                // NOTE(review): an "else" between the two assignments appears to be lost. In the secured case
                // the login name and password go to the time server client; the URL scheme is not checked
                // here, so whether they can travel unencrypted depends on the configured URL - confirm.
                if (!signing.TimeServerIsSecured)
                    tsc = new TSAClientBouncyCastle(signing.TimeServerUrl);
                    tsc = new TSAClientBouncyCastle(signing.TimeServerUrl, signing.TimeServerLoginName, signing.TimeServerPassword);

            PdfSignatureAppearance psa = stamper.SignatureAppearance;

            // NOTE(review): an "else" between the two SetCrypto calls appears to be lost: without a time
            // server the key is given to the library, with one the key argument is null.
            if (tsc == null)
                psa.SetCrypto(pk, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
                psa.SetCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);

            if (!profile.PdfSettings.Signature.AllowMultiSigning)
                //Lock PDF, except for annotations and form filling (irrelevant for PDFCreator)
                psa.CertificationLevel = PdfSignatureAppearance.CERTIFIED_FORM_FILLING_AND_ANNOTATIONS;

            psa.Reason   = signing.SignReason;
            psa.Contact  = signing.SignContact;
            psa.Location = signing.SignLocation;

            if (signing.DisplaySignatureInDocument)
                // SignPageNr is defined outside this listing.
                int signPage = SignPageNr(stamper, signing);

                psa.SetVisibleSignature(new Rectangle(signing.LeftX, signing.LeftY, signing.RightX, signing.RightY),
                                        signPage, null);

            var dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));

            dic.Reason           = psa.Reason;
            dic.Location         = psa.Location;
            dic.Contact          = psa.Contact;
            dic.Date             = new PdfDate(psa.SignDate);
            psa.CryptoDictionary = dic;

            const int contentEstimated = 15000;
            // Preallocate excluded byte-range for the signature content (hex encoded)
            var exc = new Dictionary <PdfName, int>();

            exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;
            // SHA-1 is no longer collision-resistant; a document signature over a SHA-1 digest gives weaker
            // integrity assurance than one over SHA-256. The algorithm is fixed here rather than configurable.
            const string hashAlgorithm = "SHA1"; //Always use HashAlgorithm "SHA1"
            var          sgn           = new PdfPKCS7(pk, chain, null, hashAlgorithm, false);
            IDigest      messageDigest = DigestUtilities.GetDigest(hashAlgorithm);
            Stream       data          = psa.GetRangeStream();
            var          buf           = new byte[8192];
            int          n;

            // Stream the signed byte range through the digest in 8 KiB blocks.
            while ((n = data.Read(buf, 0, buf.Length)) > 0)
                messageDigest.BlockUpdate(buf, 0, n);
            var hash = new byte[messageDigest.GetDigestSize()];

            messageDigest.DoFinal(hash, 0);
            byte[] ocsp = null;
            // Revocation data is requested only when the chain holds an issuer (chain[1]). The responder
            // URL is read from the signing certificate itself, so this is an outbound request to an address
            // the certificate dictates. NOTE(review): what happens when the responder is unreachable is not
            // visible here; ocsp may simply stay null and the signature then carries no revocation data - confirm.
            if (chain.Length >= 2)
                String url = PdfPKCS7.GetOCSPURL(chain[0]);
                if (!string.IsNullOrEmpty(url))
                    ocsp = new OcspClientBouncyCastle().GetEncoded(chain[0], chain[1], url);
            DateTime cal = psa.SignDate;

            byte[] sh = sgn.GetAuthenticatedAttributeBytes(hash, cal, ocsp);
            sgn.Update(sh, 0, sh.Length);

            var paddedSig = new byte[contentEstimated];

            // NOTE(review): "try" and "else" keywords appear to be lost in this section.
            // In both branches Array.Copy runs before the size test, and Array.Copy itself throws when the
            // encoded signature is longer than paddedSig, so the "Not enough space" errors cannot be reached
            // for an oversized signature. In the time server branch the copy sits before the catch, so an
            // oversized signature is presumably reported as a time server connection failure (12205).
            // The tests also compare against contentEstimated + 2 although the buffer holds contentEstimated bytes.
            if (tsc != null)
                byte[] encodedSigTsa = null;
                    encodedSigTsa = sgn.GetEncodedPKCS7(hash, cal, tsc, ocsp);
                    Array.Copy(encodedSigTsa, 0, paddedSig, 0, encodedSigTsa.Length);
                // Any exception type is rewrapped with its message only; the original exception is not
                // attached as an inner exception, so the stack trace is lost.
                catch (Exception ex)
                    throw new ProcessingException(
                              ex.GetType() + " while connecting to timeserver (can't connect to timeserver): " + ex.Message, 12205);
                if (contentEstimated + 2 < encodedSigTsa.Length)
                    throw new ProcessingException(
                              "Not enough space for signature", 12202);
                byte[] encodedSig = sgn.GetEncodedPKCS7(hash, cal);
                Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length);
                if (contentEstimated + 2 < encodedSig.Length)
                    throw new ProcessingException("Not enough space for signature", 12203);

            var dic2 = new PdfDictionary();

            dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true));
Ejemplo n.º 9
        /// <summary>
        /// Signs every file listed in <c>lb</c> with the certificate returned by <c>GetCertificate</c>, writing
        /// each result next to its source as <c>&lt;name&gt;_firmato.pdf</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): braces and several keywords (presumably try, else, break) are missing from this
        /// listing, as is the terminator of the block comment that precedes the switch; structure described
        /// below is inferred from indentation - confirm against the full source.
        /// </remarks>
        public void SignDetached()
            if (lb.Items.Count > 0)
                    // GetCertificate and SignMsg are defined outside this listing.
                    X509Certificate2 card = GetCertificate();
                    Org.BouncyCastle.X509.X509CertificateParser cp    = new Org.BouncyCastle.X509.X509CertificateParser();
                    // The chain holds only the signer's own certificate; no issuer certificates are embedded,
                    // so a verifier must already have them to build a path to a trusted root.
                    Org.BouncyCastle.X509.X509Certificate[]     chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };
                    pb.Minimum = 0;
                    pb.Maximum = lb.Items.Count;
                    pb.Visible = true;

                    foreach (object oFile in lb.Items)
                        string    filePDF = oFile.ToString();
                        PdfReader reader = new PdfReader(filePDF);
                        int       Pagina = 1;
                        int       posX = 0, posY = 0, Altezza = 0, Larghezza = 0;
                        //rebuild the path with the name of the new file
                        // The path is split on "\" by hand; a file name without "." makes LastIndexOf return -1
                        // and Substring throw. FileMode.Create overwrites an existing "_firmato.pdf".
                        // The output FileStream is created inline and cannot be disposed by this method.
                        string                 file      = filePDF.Substring(1 + filePDF.LastIndexOf(@"\"));
                        string                 NuovoFile = filePDF.Substring(0, filePDF.LastIndexOf(@"\") + 1) + file.Substring(0, file.LastIndexOf(".")) + "_firmato.pdf";
                        PdfStamper             stp       = PdfStamper.CreateSignature(reader, new FileStream(NuovoFile, FileMode.Create), '\0', null, multiSigChkBx.Checked);
                        PdfSignatureAppearance sap       = stp.SignatureAppearance;

                        // The page count is appended to the reason text taken from the form.
                        string nPagine = reader.NumberOfPages.ToString();
                        sap.Reason   = cbRagione.Text + nPagine;
                        sap.Contact  = tbContatto.Text;
                        sap.Location = tbLuogo.Text;
                        if (cbFirmaVisibile.Checked == true) //visible signature
                            if (rbNuovaPagina.Checked)       //signature on a new page
                                Pagina = reader.NumberOfPages + 1;
                                stp.InsertPage(Pagina, reader.GetPageSize(1));
                                iTextSharp.text.Rectangle rect = reader.GetPageSize(Pagina);
                                int w = Convert.ToInt32(rect.Width);
                                int h = Convert.ToInt32(rect.Height);
                                posX      = 20;
                                posY      = h - 120;
                                Larghezza = posX + 100;
                                Altezza   = posY + 100;
                            else if (rbVecchiaPagina.Checked)   //signature on an existing page
                                int IndiceScelto = lbPosizioneFirma.SelectedIndex;
                                int paginaScelta = (IndiceScelto <= 3) ? 1 : reader.NumberOfPages;
                                iTextSharp.text.Rectangle rect = reader.GetPageSize(paginaScelta);
                                int w = Convert.ToInt32(rect.Width);
                                int h = Convert.ToInt32(rect.Height);
                                Pagina = paginaScelta;

                                // Legend for the selected index (original text kept verbatim below because its
                                // closing comment terminator is missing from the listing):
                                // 0-3 = first page, 4-7 = last page; within each group the order is
                                // top left, top right, bottom left, bottom right.
                                /* istruzioni:
                                 *  0 Prima Pagina in Alto a Sinistra
                                 *  1 Prima Pagina in Alto a Destra
                                 *  2 Prima Pagina in Basso a Sinistra
                                 *  3 Prima Pagina in Basso a Destra
                                 *  4 Ultima Pagina in Alto a Sinistra
                                 *  5 Ultima Pagina in Alto a Destra
                                 *  6 Ultima Pagina in Basso a Sinistra
                                 *  7 Ultima Pagina in Basso a Destra
                                // NOTE(review): no break statements are visible between the case groups below;
                                // presumably they were lost with the braces.
                                switch (IndiceScelto)
                                case 0:
                                case 4:
                                    posX      = 20;
                                    posY      = h - 110;
                                    Larghezza = posX + 100;
                                    Altezza   = posY + 100;

                                case 1:
                                case 5:
                                    posX      = w - 110;
                                    posY      = h - 110;
                                    Larghezza = posX + 100;
                                    Altezza   = posY + 100;

                                case 2:
                                case 6:
                                    posX      = 20;
                                    posY      = 20;
                                    Larghezza = posX + 350;
                                    Altezza   = posY + 70;

                                case 3:
                                case 7:
                                    posX      = w - 110;
                                    posY      = 20;
                                    Larghezza = posX + 100;
                                    Altezza   = posY + 100;
                            sap.SetVisibleSignature(new iTextSharp.text.Rectangle(posX, posY, Larghezza, Altezza), Pagina, null);
                        // The signing time comes from the local clock unless a time server is used further down.
                        sap.SignDate = DateTime.Now;
                        // No key and no handler are given to the library; the signature value comes from SignMsg.
                        sap.SetCrypto(null, chain, null, null);

                        sap.Acro6Layers = true;
                        sap.Render      = PdfSignatureAppearance.SignatureRender.Description; //.NameAndDescription;
                        PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
                        dic.Date        = new PdfDate(sap.SignDate);
                        dic.Name        = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
                        sap.Layer2Text  = "Firmato Digitalmente da: " + PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
                        sap.Layer2Text += "\r\nData: " + sap.SignDate;
                        sap.Layer2Text += "\r\nRagione: " + sap.Reason;
                        if (sap.Reason != null)
                            dic.Reason = sap.Reason;
                        if (sap.Location != null)
                            dic.Location = sap.Location;
                        if (sap.Contact != null)
                            dic.Contact = sap.Contact;
                        sap.CryptoDictionary = dic;
                        // Space reserved for the signature: 56000 bytes, hex-encoded, plus two extra characters.
                        int contentEstimated          = 56000;
                        Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();
                        exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;

                        // The whole signed byte range is buffered in memory and handed to SignMsg, rather than
                        // being hashed here; the digest algorithm is therefore chosen inside SignMsg.
                        Stream       s    = sap.GetRangeStream();
                        MemoryStream ss   = new MemoryStream();
                        int          read = 0;
                        byte[]       buff = new byte[8192];
                        while ((read = s.Read(buff, 0, 8192)) > 0)
                            ss.Write(buff, 0, read);
                        byte[] pk;
                        // NOTE(review): an "else" between the two SignMsg calls appears to be lost. With the
                        // time server option checked, the URL, login and password typed into the form are
                        // passed on to SignMsg as plain strings.
                        if (tsaCbx.Checked)                          //ss.ToArray()
                            pk = SignMsg(ss.ToArray(), card, true, tsaCbx.Checked, TSAUrlTextBox.Text, tsaLogin.Text, tsaPwd.Text);
                            pk = SignMsg(ss.ToArray(), card, true, false, "", "", "");
                        byte[] outc = new byte[contentEstimated];

                        PdfDictionary dic2 = new PdfDictionary();

                        // Array.Copy throws when pk is longer than contentEstimated; no explicit length check
                        // precedes it, so an oversized signature ends up in the generic catch below.
                        Array.Copy(pk, 0, outc, 0, pk.Length);

                        dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
                        //advance the progress bar by 1
                    MessageBox.Show(pb.Maximum.ToString() + " file firmati correttamente", "Operazione Completata");
                    pb.Visible = false;
                // Any failure stops the batch and shows the full exception text, including the stack trace,
                // to the user; files signed before the failure are left in place.
                catch (Exception ex) {
                    MessageBox.Show(ex.ToString(), "Messaggio dal Sistema Windows");
                    pb.Visible = false;
Ejemplo n.º 10
        /// <summary>
        /// Configures the digital certificate information and prepares an externally computed signature
        /// for the PDF at <paramref name="origen"/>.
        /// </summary>
        /// <param name="origen">Source PDF, passed to the PdfReader constructor.</param>
        /// <param name="destino">Output file; created or overwritten.</param>
        /// <param name="rutaCertificado">Path of the certificate file loaded into X509Certificate2.</param>
        /// <param name="pass">Password of the certificate file.</param>
        /// <remarks>
        /// NOTE(review): braces, the "try" keyword, the return statement and part of the PdfSignature
        /// constructor call are missing from this listing; <c>resultado</c> is set to true only after all
        /// visible steps have run - confirm the rest against the full source.
        /// </remarks>
        public bool infoCertificado(string origen, string destino, string rutaCertificado, string pass)
            bool resultado = false;

                // Disabled debug dialogs; the last one would display the certificate password, so they
                // should stay disabled outside of local debugging.
                //SAPbouiCOM.Framework.Application.SBO_Application.MessageBox("origen " + origen);
                //SAPbouiCOM.Framework.Application.SBO_Application.MessageBox("destino " + destino);
                //SAPbouiCOM.Framework.Application.SBO_Application.MessageBox("rutaCertificado " + rutaCertificado);
                //SAPbouiCOM.Framework.Application.SBO_Application.MessageBox("clave " + pass);

                //Load the certificate
                x509.X509Certificate2 certificado = new x509.X509Certificate2(rutaCertificado, pass);
                X509CertificateParser objCP       = new X509CertificateParser();

                // The chain holds only the signer's own certificate; no issuer certificates are embedded.
                Org.BouncyCastle.X509.X509Certificate[] objChain = new
                                                                   Org.BouncyCastle.X509.X509Certificate[] { objCP.ReadCertificate(certificado.RawData) };

                //PDF document reader
                PdfReader objReader = new PdfReader(origen);
                //Create the stamper used for the digital signature
                // No append flag is passed, so the document is rewritten rather than incrementally updated;
                // NOTE(review): signatures already present in the input would presumably be invalidated - confirm.
                // The FileStream is created inline and cannot be disposed by this method.
                PdfStamper objStamper = PdfStamper.CreateSignature(objReader,
                                                                   new FileStream(destino, FileMode.Create), '\0');
                PdfSignatureAppearance objSA = objStamper.SignatureAppearance;

                //Configure the signature information
                // The signing time comes from the local clock; reason and location are fixed strings.
                objSA.SignDate = DateTime.Now;
                // No key and no handler are given to the library; the signature value comes from firmarDocumento.
                objSA.SetCrypto(null, objChain, null, null);
                objSA.Reason      = "Comprobante Generado";
                objSA.Location    = "Uruguay";
                objSA.Acro6Layers = true;
                objSA.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;

                // NOTE(review): the second argument (the subfilter) of this constructor call is missing.
                PdfSignature objSignature = new PdfSignature(PdfName.ADOBE_PPKMS,
                objSignature.Date = new PdfDate(objSA.SignDate);
                objSignature.Name = PdfPKCS7.GetSubjectFields(objChain[0]).GetField("CN");

                if (objSA.Reason != null)
                    objSignature.Reason = objSA.Reason;

                if (objSA.Location != null)
                    objSignature.Location = objSA.Location;

                objSA.CryptoDictionary = objSignature;
                // Space reserved for the signature: 4000 bytes, hex-encoded, plus two extra characters.
                int intCSize = 4000;

                Hashtable objTable = new Hashtable();
                objTable[PdfName.CONTENTS] = intCSize * 2 + 2;
                Stream objStream = objSA.RangeStream;

                // SHA-1 is no longer collision-resistant; a signature over this digest gives weaker integrity
                // assurance than one over SHA-256. The hash object is not disposed in the visible code.
                HashAlgorithm objSHA1 = new SHA1CryptoServiceProvider();
                int           intRead = 0;

                // Stream the signed byte range through the hash in 8 KiB blocks.
                byte[] bytBuffer = new byte[8192];
                while ((intRead = objStream.Read(bytBuffer, 0, 8192)) > 0)
                    objSHA1.TransformBlock(bytBuffer, 0, intRead, bytBuffer, 0);
                objSHA1.TransformFinalBlock(bytBuffer, 0, 0);

                // firmarDocumento is defined outside this listing.
                byte[] bytPK  = firmarDocumento(objSHA1.Hash, certificado);
                byte[] bytOut = new byte[intCSize];

                PdfDictionary objDict = new PdfDictionary();
                // Array.Copy throws when bytPK is longer than intCSize; no explicit length check precedes it.
                Array.Copy(bytPK, 0, bytOut, 0, bytPK.Length);

                objDict.Put(PdfName.CONTENTS, new PdfString(bytOut).SetHexWriting(true));
                resultado = true;
            // Every failure is reduced to a dialog showing the full exception text, including the stack trace.
            catch (Exception ex)
                SAPbouiCOM.Framework.Application.SBO_Application.MessageBox("ERROR: " + ex.ToString());

Ejemplo n.º 11
        /// <summary>
        /// Writes <c>this.inputPDF</c> to <c>this.outputPDF</c> through a PdfStamper, copying the
        /// metadata and, when a certificate is configured, preparing a detached PKCS#7 signature
        /// whose document digest is SHA-256.
        /// </summary>
        /// <param name="sigAP">Signature appearance settings (reason, contact, location, position, image, multi-signature flag).</param>
        /// <param name="encrypt">Whether encryption was requested; only tested together with <paramref name="enc"/>.</param>
        /// <param name="enc">Encryption settings; its OwnerPwd is used to open the input document.</param>
        // NOTE(review): this listing has no braces and seems to have lost some lines (an `else`
        // between the two `st = ...` assignments, the bodies of two `if` statements, the call that
        // consumes `exc`, and the final close). Read the control flow with that in mind.
        public void Sign(PDFSignatureAP sigAP, bool encrypt, PDFEncryption enc)
            byte[] ownerPassword = null;
            // NOTE(review): enc is dereferenced here, yet it is only null-checked further down
            // (`encrypt && enc != null`); a null enc would fail on this line first.
            if (!string.IsNullOrEmpty(enc.OwnerPwd))
                ownerPassword = DocWriter.GetISOBytes(enc.OwnerPwd);

            PdfReader reader = new PdfReader(this.inputPDF, ownerPassword);

            // NOTE(review): FileMode.Create truncates an existing output file; no Dispose/Close of
            // fs is visible in this listing — confirm the stamper close releases it on every path,
            // including the exceptions thrown below.
            FileStream fs = new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write);

            PdfStamper st;

            if (this.myCert == null)             //No signature just write meta-data and quit
                st = new PdfStamper(reader, fs);
                // Signature stamper; sigAP.Multi is passed as the last (append) argument.
                st = PdfStamper.CreateSignature(reader, fs, '\0', null, sigAP.Multi);

            // NOTE(review): the statement guarded by this `if` is not visible in the listing.
            if (encrypt && enc != null)
            //st.SetEncryption(PdfWriter.STRENGTH128BITS, "user", "owner", PdfWriter.ALLOW_COPY);

            st.MoreInfo    = this.metadata.getMetaData();
            st.XmpMetadata = this.metadata.getStreamedMetaData();

            // NOTE(review): the early exit for the unsigned case is not visible; everything below
            // dereferences this.myCert.
            if (this.myCert == null)             //No signature just write meta-data and quit

            PdfSignatureAppearance sap = st.SignatureAppearance;

            //sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);

            // No private key is handed to the appearance (first argument is null); the key is
            // given to PdfPKCS7 further down instead.
            sap.SetCrypto(null, this.myCert.Chain, null, PdfSignatureAppearance.SELF_SIGNED);

            sap.Reason   = sigAP.SigReason;
            sap.Contact  = sigAP.SigContact;
            sap.Location = sigAP.SigLocation;
            if (sigAP.Visible)
                // rect is read but not used in the visible lines.
                iTextSharp.text.Rectangle rect = st.Reader.GetPageSize(sigAP.Page);
                sap.Image      = sigAP.RawData == null ? null : iTextSharp.text.Image.GetInstance(sigAP.RawData);
                sap.Layer2Text = sigAP.CustomText;

                // Lower-left corner (SigX, SigY), upper-right corner (SigX + SigW, SigY + SigH).
                sap.SetVisibleSignature(new iTextSharp.text.Rectangle(sigAP.SigX, sigAP.SigY, sigAP.SigX + sigAP.SigW, sigAP.SigY + sigAP.SigH), sigAP.Page, null);

            // Remove yellow question mark (green check mark is still used though)

            // The first signature is a certification
            //if (!sigAP.Multi)
            //    //sap.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;
            //    sap.CertificationLevel = PdfSignatureAppearance.CERTIFIED_FORM_FILLING;

            PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));

            dic.Reason           = sap.Reason;
            dic.Location         = sap.Location;
            dic.Contact          = sap.Contact;
            dic.Date             = new PdfDate(sap.SignDate);
            sap.CryptoDictionary = dic;

            // Size in bytes reserved for the encoded PKCS#7 blob.
            int contentEstimated = 15000;
            // Preallocate excluded byte-range for the signature content (hex encoded)
            Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();

            // Two hex digits per byte plus the two delimiters of the hex string.
            exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;

            PdfPKCS7 sgn           = new PdfPKCS7(this.myCert.Akp, this.myCert.Chain, null, "SHA-256", false);
            IDigest  messageDigest = DigestUtilities.GetDigest("SHA-256");
            // change for itextsharp-all-5.2.1
            Stream data = sap.GetRangeStream();

            byte[] buf = new byte[8192];
            int    n;

            // Digest the signed byte ranges in 8 KiB chunks.
            while ((n = data.Read(buf, 0, buf.Length)) > 0)
                messageDigest.BlockUpdate(buf, 0, n);
            byte[] hash = new byte[messageDigest.GetDigestSize()];
            messageDigest.DoFinal(hash, 0);
            // NOTE(review): the signing time placed in the PKCS#7 attributes is the local clock
            // (DateTime.Now), while dic.Date above uses sap.SignDate; the two can differ, and
            // neither is a trusted time unless the timestamp client (myCert.Tsc) is set.
            DateTime cal = DateTime.Now;

            // Revocation data is fetched only when the chain holds an issuer certificate and the
            // signing certificate carries an OCSP URL; otherwise ocsp stays null and signing goes on.
            // NOTE(review): the URL comes from the certificate itself and the call is a network
            // request made while signing — confirm timeouts and what a failed lookup returns.
            byte[] ocsp = null;
            if (this.myCert.Chain.Length >= 2)
                String url = PdfPKCS7.GetOCSPURL(this.myCert.Chain[0]);
                if (url != null && url.Length > 0)
                    //ocsp =  new  OcspClientBouncyCastle(this.myCert.Chain[0], this.myCert.Chain[1], url).GetEncoded();
                    // change for itextsharp-all-5.2.1
                    ocsp = new OcspClientBouncyCastle().GetEncoded(this.myCert.Chain[0], this.myCert.Chain[1], url);
            byte[] sh = sgn.GetAuthenticatedAttributeBytes(hash, cal, ocsp);
            sgn.Update(sh, 0, sh.Length);

            byte[] paddedSig = new byte[contentEstimated];

            // NOTE(review): in both branches Array.Copy runs before the size test, so an encoded
            // signature longer than paddedSig makes Array.Copy throw first and the
            // "Not enough space for signature" exception is never reached. The test also accepts
            // up to contentEstimated + 2 bytes although paddedSig holds contentEstimated. Checking
            // `encoded.Length > paddedSig.Length` before copying would give the intended error.
            if (this.myCert.Tsc != null)
                byte[] encodedSigTsa = sgn.GetEncodedPKCS7(hash, cal, this.myCert.Tsc, ocsp);
                System.Array.Copy(encodedSigTsa, 0, paddedSig, 0, encodedSigTsa.Length);
                if (contentEstimated + 2 < encodedSigTsa.Length)
                    throw new Exception("Not enough space for signature");
                // Branch without a timestamp client (the `else` is missing from the listing).
                // NOTE(review): this overload is not given ocsp, so the response fetched above
                // appears to be left out of the encoded signature here — confirm.
                byte[] encodedSig = sgn.GetEncodedPKCS7(hash, cal);
                System.Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length);
                if (contentEstimated + 2 < encodedSig.Length)
                    throw new Exception("Not enough space for signature");

            PdfDictionary dic2 = new PdfDictionary();

            // The zero-padded blob is written as a hex string into /Contents.
            dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true));

            //// Lock all fields after signing (backport from iText 5.4.4) - wrong - doesn't work
            //PdfDictionary lockDic = new PdfDictionary(new PdfName("SigFieldLock"));
            //lockDic.Put(PdfName.ACTION, new PdfName("All"));
            //lockDic.Put(PdfName.P, new PdfNumber(1));
            //dic2.Put(PdfName.LOCK, lockDic);


Ejemplo n.º 12
        /// <summary>
        /// Prepares a detached PKCS#7 signature for the PDF held in <paramref name="ArquivoOrigem"/>,
        /// writing the stamped document to a new MemoryStream and handing the encoded PKCS#7 back
        /// through <paramref name="pkcs7"/>.
        /// </summary>
        /// <param name="ArquivoOrigem">Stream holding the PDF to sign.</param>
        /// <param name="cert">Signing certificate; stored in <c>this.card</c> and passed to the external signer.</param>
        /// <param name="pkcs7">Receives the encoded PKCS#7 bytes.</param>
        // NOTE(review): the listing has no braces, the initializer of `array` is missing, and no
        // return statement is visible.
        private MemoryStream Assinar2(MemoryStream ArquivoOrigem, X509Certificate2 cert, ref byte[] pkcs7)
            this.card = cert;
            X509CertificateParser x509CertificateParser = new X509CertificateParser();

            // NOTE(review): the array initializer is not visible here; presumably it parses
            // cert.RawData with x509CertificateParser — confirm against the original file.
            Org.BouncyCastle.X509.X509Certificate[] array = new Org.BouncyCastle.X509.X509Certificate[]
            PdfReader              reader              = new PdfReader(ArquivoOrigem);
            MemoryStream           memoryStream        = new MemoryStream();
            PdfStamper             pdfStamper          = PdfStamper.CreateSignature(reader, memoryStream, '\0', null, true);
            PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;

            // No private key is given to iText (first argument is null); signing is delegated to
            // Assinar.SignSHA1withRSA below.
            signatureAppearance.SetCrypto(null, array, null, PdfSignatureAppearance.SELF_SIGNED);
            signatureAppearance.Reason           = this.proposito;
            signatureAppearance.Contact          = this.contato;
            signatureAppearance.Location         = this.localizacao;
            signatureAppearance.CryptoDictionary = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"))
                Reason   = signatureAppearance.Reason,
                Location = signatureAppearance.Location,
                Contact  = signatureAppearance.Contact,
                Date     = new PdfDate(signatureAppearance.SignDate)
            // Size in bytes reserved for the encoded PKCS#7 blob.
            int num = 15000;
            Dictionary <PdfName, int> dictionary = new Dictionary <PdfName, int>();

            // Two hex digits per byte plus the two delimiters of the hex string.
            dictionary[PdfName.CONTENTS] = num * 2 + 2;
            //PdfPKCS7 pdfPKCS = new PdfPKCS7(null, array, null, "SHA1", false);
            // NOTE(review): the document digest is MD5. MD5 is collision-broken, so two different
            // documents can be built to share this digest; a signature made this way should not be
            // relied on. SHA-256 is the usual choice for both the PdfPKCS7 algorithm name and the
            // digest, and the two names have to stay in step.
            PdfPKCS7 pdfPKCS     = new PdfPKCS7(null, array, null, "MD5", false);
            IDigest  digest      = DigestUtilities.GetDigest("MD5");
            Stream   rangeStream = signatureAppearance.GetRangeStream();

            byte[] array2 = new byte[8192];
            int    length;

            // Digest the signed byte ranges in 8 KiB chunks.
            while ((length = rangeStream.Read(array2, 0, array2.Length)) > 0)
                digest.BlockUpdate(array2, 0, length);
            byte[] array3 = new byte[digest.GetDigestSize()];
            digest.DoFinal(array3, 0);
            // NOTE(review): signing time is the local clock; no timestamp authority is used
            // (GetEncodedPKCS7 below receives null as its third argument).
            DateTime now = DateTime.Now;

            // Revocation data is fetched only when the chain holds an issuer certificate and the
            // signing certificate carries an OCSP URL; otherwise ocsp stays null.
            byte[] ocsp = null;
            if (array.Length >= 2)
                string oCSPURL = PdfPKCS7.GetOCSPURL(array[0]);
                if (oCSPURL != null && oCSPURL.Length > 0)
                    ocsp = new OcspClientBouncyCastle().GetEncoded(array[0], array[1], oCSPURL);
            byte[] authenticatedAttributeBytes = pdfPKCS.GetAuthenticatedAttributeBytes(array3, now, ocsp);
            // NOTE(review): the helper name suggests the attributes are signed with SHA-1 + RSA,
            // while the PKCS#7 object above was created for "MD5" — confirm that the digest
            // algorithm declared in the signature matches the one the signer really applies.
            byte[] digest2 = Assinar.SignSHA1withRSA(this.card, authenticatedAttributeBytes);
            pdfPKCS.SetExternalDigest(digest2, array3, "RSA");
            byte[] array4      = new byte[num];
            byte[] encodedPKCS = pdfPKCS.GetEncodedPKCS7(array3, now, null, ocsp);
            // The caller receives the PKCS#7 bytes before the size test below has run.
            pkcs7 = encodedPKCS;
            // NOTE(review): Array.Copy runs before the size test, so an encoding longer than
            // array4 makes Array.Copy throw first and the ApplicationException is never reached;
            // the test also accepts up to num + 2 bytes although array4 holds num.
            Array.Copy(encodedPKCS, 0, array4, 0, encodedPKCS.Length);
            if (num + 2 < encodedPKCS.Length)
                throw new ApplicationException("Não há espaço suficiente para assinatura.");
            PdfDictionary pdfDictionary = new PdfDictionary();

            // The zero-padded blob is written as a hex string into /Contents.
            pdfDictionary.Put(PdfName.CONTENTS, new PdfString(array4).SetHexWriting(true));
Ejemplo n.º 13
        /// <summary>
        /// Signs a document.
        /// </summary>
        /// <param name="Source">Source document</param>
        /// <param name="Target">Destination document</param>
        /// <param name="Certificate">Certificate to use</param>
        /// <param name="Reason">Reason for the signature</param>
        /// <param name="Location">Location</param>
        /// <param name="AddVisibleSign">Whether a visible signature is added to the document</param>
        // NOTE(review): the listing has no braces and ends before the signature is closed; the
        // call that consumes objTable is not visible either.
        public static void SignHashed(string Source, string Target, SysX509.X509Certificate2 Certificate, string Reason, string Location, bool AddVisibleSign)
            X509CertificateParser objCP = new X509CertificateParser();

            // The chain holds only the signing certificate; no issuer certificates are added.
            X509Certificate[] objChain = new X509Certificate[] { objCP.ReadCertificate(Certificate.RawData) };

            PdfReader              objReader  = new PdfReader(Source);
            // NOTE(review): FileMode.Create truncates an existing Target, and the FileStream is
            // created inline with no Dispose visible — confirm it is released on error paths.
            PdfStamper             objStamper = PdfStamper.CreateSignature(objReader, new FileStream(Target, FileMode.Create), '\0');
            PdfSignatureAppearance objSA      = objStamper.SignatureAppearance;

            // Fixed rectangle on page 2.
            if (AddVisibleSign)
                objSA.SetVisibleSignature(new Rectangle(50, 50, 150, 100), 2, null);

            // Signing time is the local clock of the signing machine.
            objSA.SignDate = DateTime.Now;
            objSA.SetCrypto(null, objChain, null, null);
            objSA.Reason      = Reason;
            objSA.Location    = Location;
            objSA.Acro6Layers = true;
            objSA.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;
            // NOTE(review): the adbe.pkcs7.sha1 sub-filter ties this signature to a SHA-1 document
            // digest. SHA-1 is no longer considered collision-resistant; new signatures normally
            // use a detached PKCS#7 with SHA-256.
            PdfSignature objSignature = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);

            objSignature.Date = new PdfDate(objSA.SignDate);
            objSignature.Name = PdfPKCS7.GetSubjectFields(objChain[0]).GetField("CN");
            if (objSA.Reason != null)
                objSignature.Reason = objSA.Reason;
            if (objSA.Location != null)
                objSignature.Location = objSA.Location;
            objSA.CryptoDictionary = objSignature;
            // Size in bytes reserved for the signature blob.
            int       intCSize = 4000;
            Hashtable objTable = new Hashtable();

            // Two hex digits per byte plus the two delimiters of the hex string.
            objTable[PdfName.CONTENTS] = intCSize * 2 + 2;

            // NOTE(review): objSHA1 is IDisposable and is not disposed in the visible lines.
            HashAlgorithm objSHA1 = new SHA1CryptoServiceProvider();

            Stream objStream = objSA.RangeStream;
            int    intRead   = 0;

            // Digest the signed byte ranges in 8 KiB chunks.
            byte[] bytBuffer = new byte[8192];
            while ((intRead = objStream.Read(bytBuffer, 0, 8192)) > 0)
                objSHA1.TransformBlock(bytBuffer, 0, intRead, bytBuffer, 0);
            objSHA1.TransformFinalBlock(bytBuffer, 0, 0);

            // SignMsg is defined elsewhere; it receives the SHA-1 digest and the certificate.
            byte[] bytPK  = SignMsg(objSHA1.Hash, Certificate, false);
            byte[] bytOut = new byte[intCSize];

            PdfDictionary objDict = new PdfDictionary();

            // NOTE(review): no length test precedes this copy; a signature longer than intCSize
            // bytes makes Array.Copy throw rather than report a clear "not enough space" error.
            Array.Copy(bytPK, 0, bytOut, 0, bytPK.Length);

            // The zero-padded blob is written as a hex string into /Contents.
            objDict.Put(PdfName.CONTENTS, new PdfString(bytOut).SetHexWriting(true));
Ejemplo n.º 14
        /// <summary>
        /// Signs the document behind <paramref name="stamper"/> with the PKCS#12 certificate named
        /// in the job's signing settings, optionally using a timestamp server and OCSP.
        /// </summary>
        /// <param name="stamper">Stamper of the document to sign.</param>
        /// <param name="job">Job supplying the signing profile and the certificate password.</param>
        /// <returns>An empty ActionResult on success, or one carrying an error code (104–107 in the visible lines).</returns>
        // NOTE(review): the listing has no braces and has lost its `else` lines; the call that
        // consumes `exc` and the final close of the signature are not visible.
        private ActionResult SignPdfFile(PdfStamper stamper, IJob job)
            Signing s = job.Profile.PdfSettings.Signing;

            //Leave without signing
            if (!s.Enable)
                if (stamper != null)
                    return(new ActionResult());

                Logger.Error("Could not create Stamper for Encryption, without Signing");
                return(new ActionResult(ActionId, 104));

            //Continue for Signing
            // NOTE(review): stamper is only null-checked in the branch above; the signing path
            // dereferences it (stamper.SignatureAppearance) without a check.
            // The configured path is replaced by its absolute form on the settings object itself.
            s.CertificationFile = Path.GetFullPath(s.CertificationFile);

            // The log messages name the certificate file; the password is not logged.
            if (IsValidCertificatePassword(s.CertificationFile, job.Passwords.PdfSignaturePassword) == false)
                Logger.Error("Canceled signing. The password for certificate '" + s.CertificationFile + "' is wrong.");
                return(new ActionResult(ActionId, 105));
            if (CertificateHasPrivateKey(s.CertificationFile, job.Passwords.PdfSignaturePassword) == false)
                Logger.Error("Canceled signing. The certificate '" + s.CertificationFile + "' has no private key.");
                return(new ActionResult(ActionId, 106));

            // NOTE(review): the key store file is opened without an explicit FileAccess and no
            // Dispose is visible; a `using` with FileAccess.Read would release the handle on every
            // return path. The password also lives on as a managed string and a char[] copy.
            var    fsCert = new FileStream(s.CertificationFile, FileMode.Open);
            var    ks     = new Pkcs12Store(fsCert, job.Passwords.PdfSignaturePassword.ToCharArray());
            string alias  = null;

            // Picks a key entry that holds a private key (the last one, unless a `break` was lost
            // from the listing).
            // NOTE(review): if none matches, alias stays null when passed to GetKey below;
            // presumably CertificateHasPrivateKey above rules that out — confirm.
            foreach (string al in ks.Aliases)
                if (ks.IsKeyEntry(al) && ks.GetKey(al).Key.IsPrivate)
                    alias = al;
            ICipherParameters pk = ks.GetKey(alias).Key;

            X509CertificateEntry[] x = ks.GetCertificateChain(alias);
            var chain = new X509Certificate[x.Length];

            for (int k = 0; k < x.Length; ++k)
                chain[k] = x[k].Certificate;

            ITSAClient tsc = null;

            // A timestamp client is created only when a server URL is configured; no credentials
            // are passed to it.
            if (s.TimeServerUrl.Trim() != "") //Timeserver with LogIn?
                tsc = new TSAClientBouncyCastle(s.TimeServerUrl /*, TimeServerLogonName, TimeServerLogonPassword*/);

            PdfSignatureAppearance sap = stamper.SignatureAppearance;

            // Without a timestamp client the key goes to the appearance (WINCER_SIGNED); the
            // second call is the `else` branch, whose keyword is missing from the listing.
            if (tsc == null)
                sap.SetCrypto(pk, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
                sap.SetCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);

            sap.Reason   = s.SignReason;
            sap.Contact  = s.SignContact;
            sap.Location = s.SignLocation;

            if (s.DisplaySignatureInPdf)
                int signPage = SignPageNr(job);
                sap.SetVisibleSignature(new Rectangle(s.LeftX, s.LeftY, s.RightX, s.RightY),
                                        signPage, null);

            var dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));

            dic.Reason           = sap.Reason;
            dic.Location         = sap.Location;
            dic.Contact          = sap.Contact;
            dic.Date             = new PdfDate(sap.SignDate);
            sap.CryptoDictionary = dic;

            // Size in bytes reserved for the encoded PKCS#7 blob.
            const int contentEstimated = 15000;
            // Preallocate excluded byte-range for the signature content (hex encoded)
            var exc = new Dictionary <PdfName, int>();

            // Two hex digits per byte plus the two delimiters of the hex string.
            exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;
            // NOTE(review): the digest is hard-coded to SHA-1, which is no longer considered
            // collision-resistant; SHA-256 is the usual choice for new signatures.
            const string hashAlgorithm = "SHA1"; //Always use HashAlgorithm "SHA1"
            var          sgn           = new PdfPKCS7(pk, chain, null, hashAlgorithm, false);
            IDigest      messageDigest = DigestUtilities.GetDigest(hashAlgorithm);
            Stream       data          = sap.GetRangeStream();
            var          buf           = new byte[8192];
            int          n;

            // Digest the signed byte ranges in 8 KiB chunks.
            while ((n = data.Read(buf, 0, buf.Length)) > 0)
                messageDigest.BlockUpdate(buf, 0, n);
            var hash = new byte[messageDigest.GetDigestSize()];

            messageDigest.DoFinal(hash, 0);
            // Revocation data is fetched only when the chain holds an issuer certificate and the
            // signing certificate carries an OCSP URL; otherwise ocsp stays null and signing goes on.
            byte[] ocsp = null;
            if (chain.Length >= 2)
                String url = PdfPKCS7.GetOCSPURL(chain[0]);
                if (!string.IsNullOrEmpty(url))
                    ocsp = new OcspClientBouncyCastle().GetEncoded(chain[0], chain[1], url);
            // The same date is used for the signature dictionary and the signed attributes.
            DateTime cal = sap.SignDate;

            byte[] sh = sgn.GetAuthenticatedAttributeBytes(hash, cal, ocsp);
            sgn.Update(sh, 0, sh.Length);

            var paddedSig = new byte[contentEstimated];

            // NOTE(review): in both branches Array.Copy runs before the size test, so an encoded
            // signature longer than paddedSig makes Array.Copy throw first and error 107 is never
            // returned. The test also accepts up to contentEstimated + 2 bytes although paddedSig
            // holds contentEstimated. Testing the length before copying would give the intended result.
            if (tsc != null)
                byte[] encodedSigTsa = sgn.GetEncodedPKCS7(hash, cal, tsc, ocsp);
                Array.Copy(encodedSigTsa, 0, paddedSig, 0, encodedSigTsa.Length);
                if (contentEstimated + 2 < encodedSigTsa.Length)
                    Logger.Error("Not enough space for signature");
                    return(new ActionResult(ActionId, 107));
                // Branch without a timestamp client (the `else` is missing from the listing).
                // NOTE(review): this overload is not given ocsp, so the response fetched above
                // appears to be left out of the encoded signature here — confirm.
                byte[] encodedSig = sgn.GetEncodedPKCS7(hash, cal);
                Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length);
                if (contentEstimated + 2 < encodedSig.Length)
                    Logger.Error("Not enough space for signature");
                    return(new ActionResult(ActionId, 107));

            var dic2 = new PdfDictionary();

            // The zero-padded blob is written as a hex string into /Contents.
            dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true));

            return(new ActionResult());
Ejemplo n.º 15
        /// <summary>
        /// Signs <paramref name="filename"/> into <paramref name="outfile"/> with a key held on an
        /// EstEID smart card reached through PKCS#11, after checking an existing signature and
        /// obtaining an OCSP response for the signing certificate.
        /// </summary>
        /// <param name="filename">Path of the PDF to sign.</param>
        /// <param name="outfile">Path the signed PDF is written to.</param>
        // NOTE(review): the listing has no braces; the call that consumes `exc` and the final
        // close of the signature are not visible.
        private void SignUsingEstEIDCard2(string filename, string outfile)
            statusHandler(Resources.VERIFYING_DOCUMENT, false);

            AcroFields af           = this.reader.AcroFields;
            ArrayList  names        = af.GetSignatureNames();
            bool       nextRevision = ((names != null) && (names.Count > 0));

            // already signed ?
            // NOTE(review): only the first listed signature is verified, and only pkc7.Verify()
            // is called; whether the signer's certificate chain and revocation status are also
            // validated is not visible here — confirm before treating the document as trusted.
            if (nextRevision)
                // pick always first signature
                string   name   = (string)names[0];
                PdfPKCS7 pkc7   = af.VerifySignature(name);
                bool     verify = pkc7.Verify();
                if (!verify)
                    string who = PdfPKCS7.GetSubjectFields(pkc7.SigningCertificate).GetField("CN");
                    throw new DocVerifyException(Resources.DOC_VERIFY_FAILED + who);

            statusHandler(Resources.CONNECTING_SMARTCARD, false);

            // open EstEID
            // NOTE(review): the PKCS#11 library path comes from configuration and is loaded as
            // native code; the configuration source should be writable only by trusted users.
            EstEIDReader estEidReader = new EstEIDReader();
            string       pkcs11_lib   = conf.PKCS11DriverPath;
            bool         b            = estEidReader.Open(pkcs11_lib);

            if (b == false)
                throw new Exception(Resources.PKCS11_OPEN);

            statusHandler(Resources.READ_CERTS, false);
            PKCS11Signer signer = LocateSigner(estEidReader);

            Org.BouncyCastle.X509.X509Certificate[] chain = X509Utils.LoadCertificate(signer.Cert.RawData);

            statusHandler(Resources.VERIFYING_OCSP, false);
            // Signing is refused when no OCSP client or no OCSP response is available.
            // NOTE(review): how the response status is evaluated happens inside OCSPClient /
            // GetEncoded, outside this listing.
            OCSPClientEstEID ocspClient = OCSPClient(chain[0]);

            if (ocspClient == null)
                throw new Exception(this.lastError);

            byte[] ocsp = ocspClient.GetEncoded();
            if (ocsp == null)
                throw new RevocationException(ocspClient.lastError);

            X509Certificate2 card = signer.Cert;
            Oid oid = card.SignatureAlgorithm;

            // Only certificates whose own signature algorithm is sha1WithRSAEncryption are accepted.
            // NOTE(review): this rejects certificates issued with SHA-256 and ties the flow to
            // SHA-1, which is no longer considered collision-resistant.
            if (oid.Value != PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id)
                throw new Exception(Resources.INVALID_CERT);

            PdfReader  reader   = new PdfReader(filename);
            Document   document = new Document(reader.GetPageSizeWithRotation(1));
            // NOTE(review): the FileStream is created inline with no Dispose visible; confirm it
            // is released when one of the exceptions below is thrown.
            PdfStamper stp      = PdfStamper.CreateSignature(reader, new FileStream(outfile, FileMode.Create), '\0', null, nextRevision);

            if (metadata != null)
                stp.XmpMetadata = metadata.getStreamedMetaData();
            PdfSignatureAppearance sap = stp.SignatureAppearance;

            if (appearance.Visible)
                if (appearance.SigLocation.UseSector)
                    appearance.SigLocation.Bounds = document.PageSize;
                sap.SetVisibleSignature(appearance.SigLocation, (int)appearance.Page, null);
            // Signing time is the local clock of the signing machine.
            sap.SignDate = DateTime.Now;
            sap.SetCrypto(null, chain, null, null);
            // Empty strings are stored as null so the dictionary entries below are skipped.
            sap.Reason      = (appearance.Reason.Length > 0) ? appearance.Reason : null;
            sap.Location    = (appearance.Location.Length > 0) ? appearance.Location : null;
            sap.Contact     = (appearance.Contact.Length > 0) ? appearance.Contact : null;
            sap.Acro6Layers = true;
            sap.Render      = appearance.SignatureRender;
            sap.Layer2Text  = appearance.SignatureText(sap.SignDate, chain[0]);
            PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_SHA1);

            dic.Date = new PdfDate(sap.SignDate);
            dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
            if (sap.Reason != null)
                dic.Reason = sap.Reason;
            if (sap.Location != null)
                dic.Location = sap.Location;
            if (sap.Contact != null)
                dic.Contact = sap.Contact;
            sap.CryptoDictionary = dic;
            // Zero-filled placeholders; the real signature and digest are given to pk7 below.
            sap.SetExternalDigest(new byte[SIGNATURE_LENGTH], new byte[Digest.SHA1_LENGTH], "RSA");

            // expect 6K to be enough if TSA response, else 2K ?
            int       csize = (stamp != null) ? 1024 * 6 : 1024 * 2;
            Hashtable exc   = new Hashtable();

            // Two hex digits per byte plus the two delimiters of the hex string.
            exc[PdfName.CONTENTS] = csize * 2 + 2;

            // compute hash based on PDF bytes
            byte[] digest = ComputeHash(estEidReader, sap);

            statusHandler(Resources.ADD_SIGNATURE, false);
            // sign hash
            byte[] rsadata = EstEIDCardSign(estEidReader, signer, digest);
            // if null, user requested Cancel
            if (rsadata == null)
                throw new Exception(Resources.CARD_INTERNAL_ERROR);

            // create PKCS#7 envelope
            // NOTE(review): the OCSP response obtained above is not passed to pk7 in the visible
            // lines, so it does not appear to be embedded in the signature — confirm.
            PdfPKCS7 pk7 = new PdfPKCS7(null, chain, null, "SHA1", true);

            pk7.SetExternalDigest(rsadata, digest, "RSA");

            byte[] pk = pk7.GetEncodedPKCS7();

            // user wants to add TSA response ?
            if (stamp != null && pk != null)
                statusHandler(Resources.TSA_REQUEST, false);
                pk = TimestampAuthorityResponse(estEidReader, pk);

            // PKCS#7 bytes too large ?
            // NOTE(review): pk is tested for null above but dereferenced here without a test; a
            // null from GetEncodedPKCS7 or TimestampAuthorityResponse would fail on pk.Length.
            if (pk.Length >= csize)
                throw new Exception(Resources.MEMORY_ERROR);

            byte[] outc = new byte[csize];

            PdfDictionary dic2 = new PdfDictionary();

            // The size was checked above, so the copy cannot overrun outc.
            Array.Copy(pk, 0, outc, 0, pk.Length);

            // The zero-padded blob is written as a hex string into /Contents.
            dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
Ejemplo n.º 16
 /// <summary>
 /// Configures <paramref name="sigAppearance"/> to sign with the given private key and
 /// certificate chain under the WINCER_SIGNED filter. The third SetCrypto argument is null.
 /// </summary>
 /// <param name="sigAppearance">Signature appearance to configure.</param>
 /// <param name="key">Private key parameters handed to the appearance.</param>
 /// <param name="chain">Certificate chain of the signer.</param>
 private static void SetSigCryptoFromCipherParam(PdfSignatureAppearance sigAppearance, ICipherParameters key, X509Certificate[] chain)
 {
     sigAppearance.SetCrypto(
         key,
         chain,
         null,
         PdfSignatureAppearance.WINCER_SIGNED);
 }
Ejemplo n.º 17
        /// <summary>
        /// Click handler that signs the PDF named in <c>inputBox</c> with the certificate returned
        /// by GetCertificate(), writing the result next to the input as "*_firmato.pdf".
        /// </summary>
        /// <param name="sender">Event source (not used in the visible lines).</param>
        /// <param name="e">Event data (not used in the visible lines).</param>
        // NOTE(review): the listing has no braces and has lost several lines: the `try` that
        // pairs with the final `catch`, the `else` of the last `if`, the delimiters of a
        // commented-out block, part of the SetVisibleSignature call, and the signature close.
        public void Button3Click(object sender, System.EventArgs e)
            if (inputBox.Text != null)
                string filePDF = inputBox.Text;
                    X509Certificate2 card = GetCertificate();
                    Org.BouncyCastle.X509.X509CertificateParser cp    = new Org.BouncyCastle.X509.X509CertificateParser();
                    // The chain holds only the signing certificate, so the OCSP lookup further
                    // down (which needs at least two entries) is never performed.
                    Org.BouncyCastle.X509.X509Certificate[]     chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

                    // rebuild the path with the name of the new file
                    // NOTE(review): the path is split by hand on '\' and '.'; a name without an
                    // extension makes LastIndexOf(".") return -1 and Substring throw. Because of
                    // operator precedence, ToLowerInvariant() applies only to the "_firmato.pdf"
                    // literal. System.IO.Path helpers would avoid both problems.

                    string    file      = filePDF.Substring(1 + filePDF.LastIndexOf(@"\")).ToLowerInvariant();
                    string    NuovoFile = filePDF.Substring(0, filePDF.LastIndexOf(@"\") + 1) + file.Substring(0, file.LastIndexOf(".")) + "_firmato.pdf".ToLowerInvariant();
                    PdfReader reader    = new PdfReader(filePDF);

                    // NOTE(review): FileMode.Create truncates an existing output file and the
                    // FileStream is created inline with no Dispose visible.
                    PdfStamper             stp = PdfStamper.CreateSignature(reader, new FileStream(NuovoFile, FileMode.Create), '\0', null, multiSigChkBx.Checked);
                    PdfSignatureAppearance sap = stp.SignatureAppearance;

                    // NOTE(review): tsc is created from the URL, login and password typed into the
                    // form but is not used in the visible lines. If the URL is plain http, the
                    // credentials presumably travel unencrypted — confirm how the client sends them.
                    if (tsaCbx.Checked)
                        ITSAClient tsc = new TSAClientBouncyCastle(TSAUrlTextBox.Text, tsaLogin.Text, tsaPwd.Text);

                    if (SigVisible.Checked)
                        sap.Reason   = cbRagioneSingolo.Text;
                        sap.Contact  = Contacttext.Text;
                        sap.Location = Locationtext.Text;

                        if (sigImgBox.Image != null)
                            MemoryStream ms = new MemoryStream();
                            sigImgBox.Image.Save(ms, System.Drawing.Imaging.ImageFormat.Bmp);
                            sap.Image = ms.ToArray() == null ? null : iTextSharp.text.Image.GetInstance(ms.ToArray());
                        // NOTE(review): this call is incomplete in the listing (one rectangle
                        // coordinate and the page / field-name arguments are missing).
                        sap.SetVisibleSignature(new iTextSharp.text.Rectangle((float)sigPosX.Value,
                                                                              (float)sigPosX.Value + (float)sigWidth.Value,
                                                                              (float)sigPosY.Value + (float)sigHeight.Value),

                    // Signing time is the local clock of the signing machine.
                    sap.SignDate = DateTime.Now;
                    sap.SetCrypto(null, chain, null, null);

                    sap.Acro6Layers = true;
                    sap.Render      = PdfSignatureAppearance.SignatureRender.Description;                //.NameAndDescription;
                    PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
                    dic.Date = new PdfDate(sap.SignDate);
                    dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");

                    if (sap.Reason != null)
                        dic.Reason = sap.Reason;
                    if (sap.Location != null)
                        dic.Location = sap.Location;
                    if (sap.Contact != null)
                        dic.Contact = sap.Contact;
                    sap.CryptoDictionary = dic;
                    // Size in bytes reserved for the signature blob.
                    int contentEstimated          = 15000;
                    Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();
                    // Two hex digits per byte plus the two delimiters of the hex string.
                    exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;
                    IDigest      messageDigest = DigestUtilities.GetDigest("SHA256");                //add
                    Stream       s             = sap.GetRangeStream();
                    MemoryStream ss            = new MemoryStream();
                    int          read          = 0;
                    byte[]       buff          = new byte[8192];
                    // The signed byte ranges are both buffered in ss and digested with SHA-256.
                    while ((read = s.Read(buff, 0, 8192)) > 0)
                        ss.Write(buff, 0, read);
                        messageDigest.BlockUpdate(buff, 0, read);                         //add
                    byte[] hash = new byte[messageDigest.GetDigestSize()];
                    messageDigest.DoFinal(hash, 0);
                    // NOTE(review): hash, cal and ocsp are computed here but are not used by the
                    // signing call below, which receives the buffered bytes (ss.ToArray()) instead.
                    DateTime cal  = DateTime.Now;
                    byte[]   ocsp = null;
                    if (chain.Length >= 2)
                        String url = PdfPKCS7.GetOCSPURL(chain[0]);
                        if (url != null && url.Length > 0)
                            ocsp = new OcspClientBouncyCastle().GetEncoded(chain[0], chain[1], url);


                    // NOTE(review): the lines below beginning with '*' were a commented-out
                    // timestamp-request experiment; the comment delimiters are missing from this listing.
                     * TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
                     * // Dummy request
                     * TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, hash, BigInteger.ValueOf(100));
                     * byte[] reqData = request.GetEncoded();
                     * HttpWebRequest httpReq = (HttpWebRequest) WebRequest.Create("http://localhost:8080/signserver/process?workerId=1");
                     * httpReq.Method = "POST";
                     * httpReq.ContentType = "application/timestamp-query";
                     * httpReq.ContentLength = reqData.Length;
                     * // Write the request content
                     * Stream reqStream = httpReq.GetRequestStream();
                     * reqStream.Write(reqData, 0, reqData.Length);
                     * reqStream.Close();
                     * HttpWebResponse httpResp = (HttpWebResponse) httpReq.GetResponse();
                     * // Read the response
                     * Stream respStream = new BufferedStream(httpResp.GetResponseStream());
                     * TimeStampResponse response = new TimeStampResponse(respStream);
                     * respStream.Close();
                     * //MessageBox.Show(response.TimeStampToken.TimeStampInfo.GenTime.ToString());

                    //===================================SIGNING HAPPENS HERE
                    // SignMsg is defined elsewhere. The second call is the `else` branch (keyword
                    // missing from the listing) and passes empty timestamp-server settings.
                    byte[] pk;
                    if (tsaCbx.Checked)
                        pk = SignMsg(ss.ToArray(), card, true, tsaCbx.Checked, TSAUrlTextBox.Text, tsaLogin.Text, tsaPwd.Text);
                        pk = SignMsg(ss.ToArray(), card, true, tsaCbx.Checked, "", "", "");
                    byte[] outc = new byte[contentEstimated];

                    PdfDictionary dic2 = new PdfDictionary();

                    // NOTE(review): no length test precedes this copy; a signature longer than
                    // contentEstimated bytes makes Array.Copy throw rather than report a clear error.
                    Array.Copy(pk, 0, outc, 0, pk.Length);

                    // The zero-padded blob is written as a hex string into /Contents.
                    dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
                    MessageBox.Show("File firmato correttamente", "Operazione Completata");
                // NOTE(review): the handler body is not visible; a failed signing should be
                // reported to the user rather than swallowed.
                catch (Exception ex)
Ejemplo n.º 18
        /// <summary>
        /// Signs the PDF given as a byte array, using either a detached PKCS#7 signature or the
        /// adbe.pkcs7.sha1 form, with the certificate cached in <c>_certificate</c>.
        /// </summary>
        /// <param name="pdf">Bytes of the PDF to sign.</param>
        /// <param name="detached">True for ADBE_PKCS7_DETACHED, false for ADBE_PKCS7_SHA1.</param>
        /// <exception cref="Exceptions.CertificateNotFoundException">No certificate was returned by GetCertificate().</exception>
        // NOTE(review): the listing has no braces and has lost lines: the `else` keywords, the
        // head of the call that takes `new CertificateInfo ... , sap`, the call that consumes
        // `exc`, the signature close and the return statement.
        public override byte[] Sign(byte[] pdf, bool detached)
            // The certificate and its chain are looked up once and then reused.
            if (_certificate == null)
                _certificate = GetCertificate();

                if (_certificate == null)
                    throw new Exceptions.CertificateNotFoundException(this.CertificateSelector);

                _chain = GetChain();

            PdfReader reader = new PdfReader(pdf);

            using (MemoryStream result = new MemoryStream())
                PdfStamper             stp = PdfStamper.CreateSignature(reader, result, '\0');
                PdfSignatureAppearance sap = stp.SignatureAppearance;

                // No private key is handed to iText; signing is done by SignMsg below.
                sap.SetCrypto(null, _chain, null, null);

                    // NOTE(review): the method this argument list belongs to is not visible.
                    new CertificateInfo
                    CN           = PdfPKCS7.GetSubjectFields(_chain[0]).GetField("CN"),
                    SerialNumber = PdfPKCS7.GetSubjectFields(_chain[0]).GetField("SN")
                    , sap);


                PdfSignature dic = null;

                // NOTE(review): the non-detached form (second assignment, the lost `else`) is
                // adbe.pkcs7.sha1, which ties the signature to a SHA-1 document digest; SHA-1 is
                // no longer considered collision-resistant.
                if (detached)
                    dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
                    dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);

                dic.Date = new PdfDate(sap.SignDate);
                dic.Name = PdfPKCS7.GetSubjectFields(_chain[0]).GetField("CN");

                this.PrepareSignature(dic, sap);

                sap.CryptoDictionary = dic;

                // Size in bytes reserved for the signature blob: 10000 when detached, else 4000.
                int       csize = detached ? 10000 : 4000;
                Hashtable exc   = new Hashtable();
                // Two hex digits per byte plus the two delimiters of the hex string.
                exc[PdfName.CONTENTS] = csize * 2 + 2;

                // GetMsgDetached / GetMsgHashed are defined elsewhere; the second assignment is
                // the `else` branch.
                byte[] msg = null;
                if (detached)
                    msg = GetMsgDetached(sap);
                    msg = GetMsgHashed(sap);

                byte[] pk = SignMsg(msg, _certificate, detached);

                byte[] outc = new byte[csize];

                PdfDictionary dic2 = new PdfDictionary();

                // NOTE(review): no length test precedes this copy; a signature longer than csize
                // bytes makes Array.Copy throw rather than report a clear "not enough space" error.
                Array.Copy(pk, 0, outc, 0, pk.Length);

                // The zero-padded blob is written as a hex string into /Contents.
                dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));

Ejemplo n.º 19
        // Applies a visible, detached PKCS#7 signature (adbe.pkcs7.detached) to the PDF held in
        // `data`, using an in-memory stamper. iText gets only the certificate chain; the CMS
        // blob comes from the helper FirmaFileBouncy, which is not shown here.
        // NOTE(review): this listing carries no braces or `else` keywords, so paired
        // assignments below read as sequential. They are presumably the two arms of an if/else.
        public byte[] SignDetached(byte[] data, int certIndex, string storeLocation, string storeName, string location, string reason, int position)
            MemoryStream outMs = new MemoryStream();
            // X509Certificate2 card = GetCertificate(certIndex, storeLocation, storeName);
            // FAILLACE: does the certificate have to be supplied here?
            // NOTE(review): with the lookup commented out, `card` stays null and the
            // `card.RawData` read below throws NullReferenceException before any signing.
            // certIndex, storeLocation and storeName are unused in the visible code.
            X509Certificate2 card = null;

            // The chain handed to iText holds the signer certificate only (no issuers).
            Org.BouncyCastle.X509.X509CertificateParser cp    = new Org.BouncyCastle.X509.X509CertificateParser();
            Org.BouncyCastle.X509.X509Certificate[]     chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

            PdfReader  reader  = new PdfReader(data);
            PdfStamper stp     = null;
            bool       isPades = IsPdfPades(reader);
            bool       isPdfA  = IsPDFA(reader);

            // If the document is PAdES, sign in append mode (last argument true) so the existing
            // bytes are kept. The three-argument overload rewrites the file, which invalidates
            // any signature already present.
            if (isPades)  // if PAdES, use append mode.
                stp = PdfStamper.CreateSignature(reader, outMs, '\0', null, true);
                stp = PdfStamper.CreateSignature(reader, outMs, '\0');

            if (isPdfA)
                stp.Writer.PDFXConformance = PdfWriter.PDFA1A;

            PdfSignatureAppearance sap = stp.SignatureAppearance;
            Rectangle pageSize         = reader.GetPageSize(1);
            Rectangle signatureRect    = setPosition(position, pageSize);

            sap.SetVisibleSignature(signatureRect, 1, null);
            // Signing time comes from the local clock. No timestamp authority is visible in
            // this listing, so a verifier cannot treat this time as independently attested.
            sap.SignDate = DateTime.Now;
            // No private key is given to iText; the signature bytes are produced externally below.
            sap.SetCrypto(null, chain, null, null);
            sap.Reason      = reason;
            sap.Location    = location;
            sap.Acro6Layers = true;
            sap.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;

            // This way only the text chosen here appears (overrides the Render mode set just above).
            sap.Layer2Text = "Test";
            sap.Render     = PdfSignatureAppearance.SignatureRender.Description;

            if (isPdfA)
                //BaseFont bf = BaseFont.CreateFont(@"c:\windows\fonts\arial.ttf", BaseFont.WINANSI, true);
                // This resource path may need fixing.
                // NOTE(review): `fo` is used without a null check; confirm the resource is always embedded.
                Stream fo = BaseFont.GetResourceStream("DPA.DigitalSignature.Itextsharp.iTextSharp.text.pdf.fonts.Helvetica.afm");

                byte[] fb = new BinaryReader(fo).ReadBytes((int)fo.Length);
                //BaseFont bf1 = BaseFont.CreateFont(BaseFont.HELVETICA, BaseFont.WINANSI, true);
                BaseFont bf = BaseFont.CreateFont("helvetica.afm", BaseFont.WINANSI, true, false, fb, fb);

                sap.Layer2Font = new Font(bf);

            PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);

            dic.Date = new PdfDate(sap.SignDate);
            dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
            if (sap.Reason != null)
                dic.Reason = sap.Reason;
            if (sap.Location != null)
                dic.Location = sap.Location;
            sap.CryptoDictionary = dic;
            // Reserved size of the signature container in bytes. /Contents is written as hex
            // between angle brackets, hence csize * 2 + 2.
            int csize = 10000;
            Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();

            exc[PdfName.CONTENTS] = csize * 2 + 2;
            Hashtable dict_hasht = new Hashtable(exc);
            // NOTE(review): dict_hasht is never passed to sap.PreClose(...) in the visible code,
            // although other examples on this page make that call before reading the range
            // stream. Confirm it was not dropped from this listing.


            // Buffer the signed byte range fully in memory, then hand it to the external signer.
            Stream       s    = sap.RangeStream;
            MemoryStream ss   = new MemoryStream();
            int          read = 0;

            byte[] buff = new byte[8192];
            while ((read = s.Read(buff, 0, 8192)) > 0)
                ss.Write(buff, 0, read);

            byte[] pk = FirmaFileBouncy(ss.ToArray(), card);
            //pk = SignMsg(ss.ToArray(), card, true);

            byte[] outc = new byte[csize];

            PdfDictionary dic2 = new PdfDictionary();

            // No explicit length check: if pk is longer than csize, Array.Copy throws
            // ArgumentException. An explicit check before the copy would turn that into a
            // clear "reserved space too small" error.
            Array.Copy(pk, 0, outc, 0, pk.Length);

            dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
            sap.Close(dic2, true);
            outMs.Position = 0;
            BinaryReader br = new BinaryReader(outMs);

            byte[] retval = br.ReadBytes((int)outMs.Length);
Ejemplo n.º 20
        // Loads the signing certificate (with a password prompt and a countdown loop starting
        // at 3), fills PDF metadata from the card, and prepares an append-mode signature.
        // NOTE(review): the listing is fragmentary. try/catch, braces and the message-box
        // calls that own the orphaned string arguments below are not visible.
        public static bool PDFSign(string inputfile, string outputfile, STabCard sTabCard)
                Certificate cert = new Certificate();
                int         i    = 3;
                // The counter starts at 3 and counts down; i reaches 0 when the loop runs out.
                for (i = 3; i > 0; i--)
                    // The certificate password is kept as a plain string in session state.
                    // Managed strings cannot be wiped, so keep its lifetime as short as possible.
                    if (SystemSingleton.CurrentSession.CertPassword == "")
                        SetPassword window = new SetPassword();
                        cert = new Certificate(SystemSingleton.Configuration.CertificatePath, SystemSingleton.CurrentSession.CertPassword);
                            // Error text is the localized message followed by (i - 1).
                            (string)SystemSingleton.Configuration.mainWindow.FindResource("m_CertPassError") + " " + (i - 1),
                            "Certificate/Password Error"
                        // The cached password is cleared here; presumably this is the failure path.
                        SystemSingleton.CurrentSession.CertPassword = "";
                if (i == 0)
                        "File Error"
                // Everything set here is embedded in the output's Info dictionary and XMP.
                // NOTE(review): Task.Commentary and the user names become readable by anyone
                // who receives the signed PDF; confirm that is intended.
                MetaData MD = new MetaData();
                MD.Author   = SystemSingleton.CurrentSession.FullName;
                MD.Title    = sTabCard.Card.Task.Number;
                MD.Subject  = sTabCard.Card.DocType.Caption;
                MD.Keywords = sTabCard.Card.Task.Commentary;
                MD.Creator  = sTabCard.Card.From.FullName;
                MD.Producer = SystemSingleton.Configuration.CompanyName;

                // Append mode (last argument true) keeps the original bytes, so signatures
                // already in the file are not invalidated.
                // NOTE(review): no using/Dispose for the FileStream is visible in this listing.
                PdfReader  reader = new PdfReader(inputfile);
                PdfStamper st     = PdfStamper.CreateSignature(reader, new FileStream(outputfile, FileMode.Create, FileAccess.Write), '\0', null, true);

                st.MoreInfo    = MD.getMetaData();
                st.XmpMetadata = MD.getStreamedMetaData();
                PdfSignatureAppearance sap = st.SignatureAppearance;

                // Private key and chain go straight to iText with the WINCER_SIGNED filter.
                sap.SetCrypto(cert.Akp, cert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);
                sap.Reason   = "Completition";
                sap.Contact  = MD.Producer;
                sap.Location = SystemSingleton.Configuration.CompanyLocation;
                if (SystemSingleton.Configuration.SignVisible)
                    sap.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 250, 150), 1, null);
                    "File Error"
Ejemplo n.º 21
        // Signs pdfOriginal into pdfFirmado as a certified document (no changes allowed), using
        // the adbe.pkcs7.sha1 sub-filter: a SHA-1 digest of the byte range is passed to the
        // helper GenerarFirmar (not shown), and the result is written to /Contents.
        // NOTE(review): braces, `else` and the try/catch wrapper are not visible in this
        // listing. imagenFirma is unused in the visible code.
        public bool FirmarPDF(string pdfOriginal, string pdfFirmado, SysX509.X509Certificate2 certificado, string imagenFirma, bool firmaVisible, float puntoEsquinaInferiorIzquierdaX, float puntoEsquinaInferiorIzquierdaY, float puntoEsquinaSuperiorDerechaX, float puntoEsquinaSuperiorDerechaY, eTipoPagina paginaFirma, int pagina)
            int numPagina = 0;

                // The chain handed to iText holds the signer certificate only.
                X509CertificateParser objCP = new X509CertificateParser();
                Org.BouncyCastle.X509.X509Certificate[] objChain = new Org.BouncyCastle.X509.X509Certificate[] { objCP.ReadCertificate(certificado.RawData) };

                // Three-argument CreateSignature is not append mode: the file is rewritten, so
                // any signature already in pdfOriginal stops validating.
                // NOTE(review): no using/Dispose for the FileStream is visible in this listing.
                PdfReader              objReader  = new PdfReader(pdfOriginal);
                PdfStamper             objStamper = PdfStamper.CreateSignature(objReader, new FileStream(pdfFirmado, FileMode.Create), '\0');
                PdfSignatureAppearance objSA      = objStamper.SignatureAppearance;

                // Choose the page that carries the visible signature.
                // NOTE(review): the `pagina < 1` arm is unreachable as written, because every
                // value below 1 already satisfies `pagina <= NumberOfPages`. A zero or negative
                // page number is therefore passed through unchanged; testing `pagina < 1` first
                // would clamp it.
                if (paginaFirma == eTipoPagina.Ultima)
                    numPagina = objReader.NumberOfPages;
                    if (pagina <= objReader.NumberOfPages)
                        numPagina = pagina;
                    else if (pagina > objReader.NumberOfPages)
                        numPagina = objReader.NumberOfPages;
                    else if (pagina < 1)
                        numPagina = 1;
                if (firmaVisible)
                    Rectangle rect = new Rectangle(puntoEsquinaInferiorIzquierdaX, puntoEsquinaInferiorIzquierdaY, puntoEsquinaSuperiorDerechaX, puntoEsquinaSuperiorDerechaY);
                    objSA.SetVisibleSignature(rect, numPagina, null);

                // Certification signature: any later modification invalidates it.
                objSA.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;

                // Signing time is the local clock; no timestamp authority is involved here.
                objSA.SignDate = DateTime.Now;
                objSA.SetCrypto(null, objChain, null, null);
                objSA.Acro6Layers = true;
                objSA.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;
                //objSA.SignatureGraphic = iTextSharp.text.Image.GetInstance(imagenFirma); //
                // adbe.pkcs7.sha1 ties the signature to a SHA-1 document digest. SHA-1 is no
                // longer collision resistant and this sub-filter is deprecated in PDF 2.0.
                // New code should use adbe.pkcs7.detached with SHA-256 or stronger.
                PdfSignature objSignature = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
                objSignature.Date = new PdfDate(objSA.SignDate);
                objSignature.Name = PdfPKCS7.GetSubjectFields(objChain[0]).GetField("CN");
                if (objSA.Reason != null)
                    objSignature.Reason = objSA.Reason;
                if (objSA.Location != null)
                    objSignature.Location = objSA.Location;
                if (objSA.Contact != null)
                    objSignature.Contact = objSA.Contact;
                objSA.CryptoDictionary = objSignature;
                // Reserved signature size in bytes. /Contents is hex plus two delimiters,
                // hence intCSize * 2 + 2.
                int intCSize = 4000;
                Dictionary <PdfName, int> objTable = new Dictionary <PdfName, int>();
                objTable[PdfName.CONTENTS] = intCSize * 2 + 2;
                // NOTE(review): objTable is never passed to objSA.PreClose(...) in the visible
                // code; confirm the call was not dropped from this listing.

                HashAlgorithm objSHA1 = new SHA1CryptoServiceProvider();

                // Stream the signed byte range through the hash in 8 KiB blocks.
                Stream objStream = objSA.RangeStream;
                int    intRead   = 0;
                byte[] bytBuffer = new byte[8192];
                while ((intRead = objStream.Read(bytBuffer, 0, 8192)) > 0)
                    objSHA1.TransformBlock(bytBuffer, 0, intRead, bytBuffer, 0);
                objSHA1.TransformFinalBlock(bytBuffer, 0, 0);

                byte[] bytPK  = GenerarFirmar(objSHA1.Hash, certificado, false);
                byte[] bytOut = new byte[intCSize];

                PdfDictionary objDict = new PdfDictionary();

                // No explicit length check: a signature longer than intCSize makes Array.Copy
                // throw ArgumentException. Check bytPK.Length first for a clear failure.
                Array.Copy(bytPK, 0, bytOut, 0, bytPK.Length);

                objDict.Put(PdfName.CONTENTS, new PdfString(bytOut).SetHexWriting(true));

 // Configures the signature appearance: marks the document as certified with no further
 // changes allowed, then registers the private key and chain held in fields under the
 // SelfSigned filter. The rest of the method is not visible in this listing.
 private void signDetached(PdfSignatureAppearance sap)
     sap.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;
     sap.SetCrypto(_asymmetricKeyParameter, _chain, null, PdfSignatureAppearance.SelfSigned);
Ejemplo n.º 23
        /// <summary>
        /// Signs a document in append mode using the adbe.pkcs7.sha1 sub-filter: the byte range
        /// is hashed with SHA-1 and the digest is passed to SignMsg (not shown in this listing).
        /// </summary>
        /// <param name="Source">Source document</param>
        /// <param name="Target">Destination document</param>
        /// <param name="Certificate">Certificate to use</param>
        /// <param name="Reason">Reason for the signature</param>
        /// <param name="Location">Location</param>
        /// <param name="AddVisibleSign">Whether a visible signature is added to the document</param>
        /// <param name="datos">Not used in the visible code</param>
        public void SignHashed(string Source, string Target, SysX509.X509Certificate2 Certificate, string Reason, string Location, bool AddVisibleSign, DatosPersonales datos)
            X509CertificateParser objCP = new X509CertificateParser();

            // The chain handed to iText holds the signer certificate only.
            Org.BouncyCastle.X509.X509Certificate[] objChain = new Org.BouncyCastle.X509.X509Certificate[] { objCP.ReadCertificate(Certificate.RawData) };

            // Append mode (last argument true) keeps existing signatures valid.
            // NOTE(review): no using/Dispose for the FileStream is visible in this listing.
            PdfReader              objReader  = new PdfReader(Source);
            PdfStamper             objStamper = PdfStamper.CreateSignature(objReader, new FileStream(Target, FileMode.Create), '\0', null, true);
            PdfSignatureAppearance objSA      = objStamper.SignatureAppearance;

            // NOTE(review): objReader.XrefSize is passed as the second rectangle coordinate,
            // which looks unintended. The box position would then vary with the number of
            // objects in the file.
            if (AddVisibleSign)
                objSA.SetVisibleSignature(new Rectangle(100f, objReader.XrefSize, 500, 100), 1, null);

            // Signing time is the local clock; no timestamp authority is involved here.
            objSA.SignDate = DateTime.Now;
            objSA.SetCrypto(null, objChain, null, null);
            objSA.Reason      = Reason;
            objSA.Location    = Location;
            objSA.Acro6Layers = true;
            objSA.Render      = PdfSignatureAppearance.SignatureRender.NameAndDescription;
            // adbe.pkcs7.sha1 ties the signature to a SHA-1 document digest. SHA-1 is no longer
            // collision resistant and this sub-filter is deprecated in PDF 2.0. Prefer
            // adbe.pkcs7.detached with SHA-256 or stronger.
            PdfSignature objSignature = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);

            objSignature.Date = new PdfDate(objSA.SignDate);
            objSignature.Name = PdfPKCS7.GetSubjectFields(objChain[0]).GetField("CN");
            if (objSA.Reason != null)
                objSignature.Reason = objSA.Reason;
            if (objSA.Location != null)
                objSignature.Location = objSA.Location;
            objSA.CryptoDictionary = objSignature;
            // Reserved signature size in bytes.
            int intCSize = 4000;

            //  Hashtable objTable = new Hashtable();
            //  objTable[PdfName.CONTENTS] = intCSize * 2 + 2;
            Dictionary <PdfName, int> objTable = new Dictionary <PdfName, int>();
            PdfName pdfname = new PdfName("firma");

            // Reserve space under a custom "firma" key instead of PdfName.CONTENTS (the key the
            // commented-out lines above used).
            // NOTE(review): the signature bytes are also written under "firma" at the end of
            // this method. Validators read the signature value from /Contents, so confirm the
            // output validates. objTable is also never passed to PreClose in the visible code.
            objTable.Add(pdfname, intCSize * 2 + 2);

            HashAlgorithm objSHA1 = new SHA1CryptoServiceProvider();

            // Stream the signed byte range through the hash in 8 KiB blocks.
            Stream objStream = objSA.RangeStream;
            int    intRead   = 0;

            byte[] bytBuffer = new byte[8192];
            while ((intRead = objStream.Read(bytBuffer, 0, 8192)) > 0)
                objSHA1.TransformBlock(bytBuffer, 0, intRead, bytBuffer, 0);
            objSHA1.TransformFinalBlock(bytBuffer, 0, 0);

            byte[] bytPK  = SignMsg(objSHA1.Hash, Certificate, false);
            byte[] bytOut = new byte[intCSize];

            PdfDictionary objDict = new PdfDictionary();

            // No explicit length check: a signature longer than intCSize makes Array.Copy
            // throw ArgumentException. Check bytPK.Length first for a clear failure.
            Array.Copy(bytPK, 0, bytOut, 0, bytPK.Length);

            objDict.Put(pdfname, new PdfString(bytOut).SetHexWriting(true));
            // The matching try block and the handler body are not visible in this listing.
            catch (Exception ex)
Ejemplo n.º 24
        // Signs `input` into `output` in append mode as a certified document (form filling and
        // annotations still allowed), using adbe.pkcs7.detached with a SHA-256 digest.
        // Key and chain come from signature.Store. The actual CMS signing is delegated to
        // PKCS7SignDocument, which is not shown in this listing.
        public static void Sign(Signature signature, PDFMetadata metadata, string input, string output)
            // NOTE(review): a null argument is reported as NullReferenceException with no
            // message. ArgumentNullException(nameof(...)) is the conventional type, but callers
            // that catch the current type would need updating.
            if (signature == null)
                throw new NullReferenceException();

            if (signature.Store == null)
                throw new NullReferenceException();

            /* Get Store Private Key and Certificate Chain */

            var name = GetPrivateKeyName(signature.Store);

            if (string.IsNullOrEmpty(name))
                throw new InvalidOperationException("No private key available");

            var privateKey = signature.Store.GetKey(name).Key;

            X509Certificate[] certificateChain = GetCertificateChain(signature.Store, name);

            // NOTE(review): a missing chain reuses the "No private key available" message,
            // which points troubleshooting at the wrong cause.
            if (certificateChain == null)
                throw new InvalidOperationException("No private key available");

            /* Prepare file input/output */

            // The reader is opened with a null owner password. Append mode (last argument
            // true) keeps existing signatures valid.
            // NOTE(review): no using/Dispose for outputFile is visible in this listing. If a
            // later step throws, the partially written output file stays open.
            var reader     = new PdfReader(input, null);
            var outputFile = new FileStream(output, FileMode.Create, FileAccess.Write);
            var stamper    = PdfStamper.CreateSignature(reader, outputFile, '\0', null, true);

            stamper.MoreInfo    = metadata.InfoHashtable;
            stamper.XmpMetadata = metadata.XmpMetadata;

            /* Create Signature Appearance */

            PdfSignatureAppearance signatureAppearance = CreateSignatureAppearance(stamper, signature);

            signatureAppearance.SetCrypto(privateKey, certificateChain, null, PdfSignatureAppearance.WINCER_SIGNED);
            signatureAppearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_FORM_FILLING_AND_ANNOTATIONS;

            PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));

            pdfSignature.Reason   = signatureAppearance.Reason;
            pdfSignature.Location = signatureAppearance.Location;
            pdfSignature.Contact  = signatureAppearance.Contact;
            pdfSignature.Date     = new PdfDate(signatureAppearance.SignDate);
            signatureAppearance.CryptoDictionary = pdfSignature;

            // Preallocate the excluded byte range for the signature content. It is hex encoded
            // with two delimiter characters, hence ContentEstimated * 2 + 2. ContentEstimated
            // is defined outside this listing.

            var excludedByteRange = new Dictionary <PdfName, int> ();

            excludedByteRange[PdfName.CONTENTS] = ContentEstimated * 2 + 2;
            signatureAppearance.PreClose(new Hashtable(excludedByteRange));

            // Sign the document with a SHA-256 digest.

            PKCS7SignDocument(privateKey, certificateChain, signatureAppearance, "SHA-256");
Ejemplo n.º 25
        // Writes metadata to the output PDF and, when a certificate is configured, adds a
        // detached PKCS#7 signature built with PdfPKCS7 over a SHA-1 digest. An OCSP response
        // and a timestamp are included when available.
        // NOTE(review): braces, `else` keywords and some statement bodies are not visible in
        // this listing, so paired statements below are presumably if/else arms.
        public void Sign(PDFSignatureAP sigAP, bool encrypt, PDFEncryption Enc)
            PdfReader reader = new PdfReader(this.inputPDF);

            // NOTE(review): no using/Dispose for the FileStream is visible in this listing.
            FileStream fs = new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write);

            PdfStamper st;

            // A plain stamper is used without a certificate. Otherwise a signature stamper is
            // created whose append mode follows sigAP.Multi; when that is false, earlier
            // signatures in the file are invalidated.
            if (this.myCert == null)             //No signature just write meta-data and quit
                st = new PdfStamper(reader, fs);
                st = PdfStamper.CreateSignature(reader, fs, '\0', null, sigAP.Multi);

            // NOTE(review): the body of this `if` is not visible, so whether `Enc` is applied
            // cannot be confirmed from here.
            if (encrypt && Enc != null)
            //st.SetEncryption(PdfWriter.STRENGTH128BITS, "user", "owner", PdfWriter.ALLOW_COPY);

            st.MoreInfo    = this.metadata.getMetaData();
            st.XmpMetadata = this.metadata.getStreamedMetaData();

            // Presumably closes the stamper and returns here; the body is not visible.
            if (this.myCert == null)             //No signature just write meta-data and quit

            PdfSignatureAppearance sap = st.SignatureAppearance;

            //sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);

            // iText gets the chain only; the private key is given to PdfPKCS7 further down.
            sap.SetCrypto(null, this.myCert.Chain, null, PdfSignatureAppearance.SELF_SIGNED);

            sap.Reason   = sigAP.SigReason;
            sap.Contact  = sigAP.SigContact;
            sap.Location = sigAP.SigLocation;
            if (sigAP.Visible)
                // `rect` is not used again in the visible code.
                iTextSharp.text.Rectangle rect = st.Reader.GetPageSize(sigAP.Page);
                // The image bytes are supplied by the caller and decoded by iText here.
                sap.Image      = sigAP.RawData == null ? null : iTextSharp.text.Image.GetInstance(sigAP.RawData);
                sap.Layer2Text = sigAP.CustomText;

                sap.SetVisibleSignature(new iTextSharp.text.Rectangle(sigAP.SigX, sigAP.SigY, sigAP.SigX + sigAP.SigW, sigAP.SigY + sigAP.SigH), sigAP.Page, null);

            PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));

            dic.Reason           = sap.Reason;
            dic.Location         = sap.Location;
            dic.Contact          = sap.Contact;
            dic.Date             = new PdfDate(sap.SignDate);
            sap.CryptoDictionary = dic;

            // Reserved signature size in bytes.
            int contentEstimated = 15000;
            // Preallocate excluded byte-range for the signature content (hex encoded)
            Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();

            exc[PdfName.CONTENTS] = contentEstimated * 2 + 2;
            // NOTE(review): exc is never passed to sap.PreClose(...) in the visible code;
            // confirm the call was not dropped from this listing.

            // Both the CMS signer and the document digest use SHA-1, which is no longer
            // collision resistant. New signatures should use SHA-256 or stronger for both.
            PdfPKCS7 sgn           = new PdfPKCS7(this.myCert.Akp, this.myCert.Chain, null, "SHA1", false);
            IDigest  messageDigest = DigestUtilities.GetDigest("SHA1");
            Stream   data          = sap.GetRangeStream();

            byte[] buf = new byte[8192];
            int    n;

            // Digest the signed byte range in 8 KiB blocks.
            while ((n = data.Read(buf, 0, buf.Length)) > 0)
                messageDigest.BlockUpdate(buf, 0, n);
            byte[] hash = new byte[messageDigest.GetDigestSize()];
            messageDigest.DoFinal(hash, 0);
            // Signing time placed in the authenticated attributes, taken from the local clock.
            DateTime cal = DateTime.Now;

            // Revocation data is requested only when an issuer certificate is present
            // (Chain[1]). The responder URL is read from the signer certificate and queried
            // over the network during signing.
            // NOTE(review): `ocsp` stays null when the chain is short or no URL is found, and
            // signing continues without revocation data. Log or reject if policy requires it.
            byte[] ocsp = null;
            if (this.myCert.Chain.Length >= 2)
                String url = PdfPKCS7.GetOCSPURL(this.myCert.Chain[0]);
                if (url != null && url.Length > 0)
                    ocsp = new OcspClientBouncyCastle().GetEncoded(this.myCert.Chain[0], this.myCert.Chain[1], url);
            byte[] sh = sgn.GetAuthenticatedAttributeBytes(hash, cal, ocsp);
            sgn.Update(sh, 0, sh.Length);

            byte[] paddedSig = new byte[contentEstimated];

            // With a timestamp client (Tsc) the CMS carries a timestamp token; otherwise it is
            // encoded without one.
            // NOTE(review): in both arms the size check comes after Array.Copy and compares
            // against contentEstimated + 2, while paddedSig holds contentEstimated bytes. An
            // oversized signature makes Array.Copy throw ArgumentException first, so the
            // "Not enough space" error is never raised. The check belongs before the copy,
            // against paddedSig.Length.
            if (this.myCert.Tsc != null)
                byte[] encodedSigTsa = sgn.GetEncodedPKCS7(hash, cal, this.myCert.Tsc, ocsp);
                System.Array.Copy(encodedSigTsa, 0, paddedSig, 0, encodedSigTsa.Length);
                if (contentEstimated + 2 < encodedSigTsa.Length)
                    throw new Exception("Not enough space for signature");
                byte[] encodedSig = sgn.GetEncodedPKCS7(hash, cal);
                System.Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length);
                if (contentEstimated + 2 < encodedSig.Length)
                    throw new Exception("Not enough space for signature");

            PdfDictionary dic2 = new PdfDictionary();

            dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true));

Ejemplo n.º 26
        public bool Sign(string iSignReason, string iSignContact, string iSignLocation, bool visible, string iImageString)
            string vCertificatesPath = "CN=" + CertificatesName;

            #region Geting Certs

            X509Store       store = new X509Store(_storedName, _storedLocation);
            StorePermission sp    = new StorePermission(PermissionState.Unrestricted);
            sp.Flags = StorePermissionFlags.OpenStore;
            X509Certificate2 cert = null;
            int i = 0;
            while ((i < store.Certificates.Count) && (cert == null))
                if (store.Certificates[i].Subject.ToUpper().Contains(vCertificatesPath))
                    cert = store.Certificates[i];
            if (cert == null)
                throw new CryptographicException("Certificate is NULL. Certificate can not be found");
            Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
            var cerRawData   = cert.RawData;
            var certificates = cp.ReadCertificate(cerRawData);
            Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { certificates };

            var chainFirst = GetChainBouncyCastle(cert);

            #endregion Geting Certs

            PdfReader reader = null;
            if (string.IsNullOrEmpty(inputPdfFileString))
                reader = new PdfReader(inputPdfStream);
                reader = new PdfReader(this.inputPdfFileString);
            if (outputPdfStream == null && string.IsNullOrEmpty(outputPdfFileString) == false)
                outputPdfStream = new FileStream(this.outputPdfFileString, FileMode.OpenOrCreate, FileAccess.Write);
            if (reader != null && outputPdfStream != null)
                #region Standard Signing

                PdfStamper vStamper = PdfStamper.CreateSignature(reader, outputPdfStream, '\0', null, false);
                vStamper.MoreInfo    = this.settingMetadata.GetMetaDataHashtable();
                vStamper.XmpMetadata = this.settingMetadata.GetStreamedMetaData();

                PdfSignatureAppearance vSignatureAppearance = vStamper.SignatureAppearance;
                vSignatureAppearance.SetCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);
                vSignatureAppearance.SignDate    = SignDate;
                vSignatureAppearance.Reason      = iSignReason;
                vSignatureAppearance.Contact     = iSignContact;
                vSignatureAppearance.Location    = iSignLocation;
                vSignatureAppearance.Acro6Layers = true;
                vSignatureAppearance.Render      = PdfSignatureAppearance.SignatureRender.Description;
                if (visible)
                        new iTextSharp.text.Rectangle(ImageLocation.Width, ImageLocation.Height, ImageLocation.Width + ImageSize.Width, ImageLocation.Height + ImageSize.Height),
                        1, null);
                    if (File.Exists(iImageString))
                        iTextSharp.text.Image vImage = iTextSharp.text.Image.GetInstance(iImageString);
                        vSignatureAppearance.Image = vImage;
                vSignatureAppearance.SetExternalDigest(new byte[128], new byte[20], "RSA");

                #endregion Standard Signing

                #region Self Signed Mode

                PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
                dic.Date = new PdfDate(vSignatureAppearance.SignDate);
                var vName = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
                dic.Name = vName;
                if (vSignatureAppearance.Reason != null)
                    dic.Reason = vSignatureAppearance.Reason;
                if (vSignatureAppearance.Location != null)
                    dic.Location = vSignatureAppearance.Location;
                vSignatureAppearance.CryptoDictionary = dic;

                int csize = 4000;
                Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>();
                exc[PdfName.CONTENTS] = csize * 2 + 2;
                vSignatureAppearance.PreClose(new Hashtable(exc));

                HashAlgorithm sha = new SHA1CryptoServiceProvider();

                Stream s    = vSignatureAppearance.RangeStream;
                int    read = 0;
                byte[] buff = new byte[8192];
                while ((read = s.Read(buff, 0, 8192)) > 0)
                    sha.TransformBlock(buff, 0, read, buff, 0);
                sha.TransformFinalBlock(buff, 0, 0);
                byte[]        pk   = SignMsg(sha.Hash, cert, false);
                byte[]        outc = new byte[csize];
                PdfDictionary dic2 = new PdfDictionary();
                Array.Copy(pk, 0, outc, 0, pk.Length);
                dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));

                #endregion Self Signed Mode

                if (vSignatureAppearance.IsPreClosed() == false)