public void Sign(String src, String dest,
ICollection<X509Certificate> chain, X509Certificate2 pk,
String digestAlgorithm, CryptoStandard subfilter,
String reason, String location,
ICollection<ICrlClient> crlList,
IOcspClient ocspClient,
ITSAClient tsaClient,
int estimatedSize) {
// Creating the reader and the stamper
PdfReader reader = null;
PdfStamper stamper = null;
FileStream os = null;
try {
reader = new PdfReader(src);
os = new FileStream(dest, FileMode.Create);
stamper = PdfStamper.CreateSignature(reader, os, '\0');
// Creating the appearance
PdfSignatureAppearance appearance = stamper.SignatureAppearance;
appearance.Reason = reason;
appearance.Location = location;
appearance.SetVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "sig");
// Creating the signature
IExternalSignature pks = new X509Certificate2Signature(pk, digestAlgorithm);
MakeSignature.SignDetached(appearance, pks, chain, crlList, ocspClient, tsaClient, estimatedSize,
subfilter);
}
finally {
if (reader != null)
reader.Close();
if (stamper != null)
stamper.Close();
if (os != null)
os.Close();
}
}
public override void EncodeAndSign(X509Certificate2 certificate, string filePath)
{
PdfReader Reader = new PdfReader(filePath);
PdfStamper Stamper = PdfStamper.CreateSignature(Reader, new FileStream(filePath + ".signed", FileMode.Create),'0');
PdfSignatureAppearance SAP = Stamper.SignatureAppearance;
BcX509.X509Certificate BouncyCertificate = DotNetUtils.FromX509Certificate(certificate);
var chain = new List<BcX509.X509Certificate> { BouncyCertificate };
IExternalSignature ES = new X509Certificate2Signature(certificate, DigestAlgorithms.SHA256);
MakeSignature.SignDetached(SAP, ES, chain, null, null, null, 0, CryptoStandard.CMS);
Stamper.Close();
Reader.Close();
File.Delete(filePath);
File.Move(filePath + ".signed", filePath);
}
/// <summary>
///
/// </summary>
/// <param name="inputPath"></param>
/// <param name="outputPath"></param>
/// <param name="cert"></param>
/// <param name="caCerts"></param>
/// <param name="signatureSettings"></param>
public static void Sign(string inputPath, string outputPath, X509Certificate2 cert, ICollection<X509Certificate2> caCerts, SignatureSettings signatureSettings)
{
var cp = new Org.BouncyCastle.X509.X509CertificateParser();
var chain = new List<Org.BouncyCastle.X509.X509Certificate> { cp.ReadCertificate(cert.RawData) };
chain.AddRange(caCerts.Select(caCert => cp.ReadCertificate(caCert.RawData)));
IExternalSignature pk = new X509Certificate2Signature(cert, DigestAlgorithms.SHA1);
IList<ICrlClient> crlList = new List<ICrlClient>();
crlList.Add(new CrlClientOnline());
var signed = SignDocument(inputPath, chain, pk, CryptoStandard.CMS, signatureSettings.Reason,
signatureSettings.Location, crlList, null, signatureSettings.TsaClient, 0);
File.WriteAllBytes(outputPath, signed);
AddLtv(signed, outputPath, signatureSettings.OcspClient, crlList.First());
}
public byte[] Sign(Stream stream, DigestAlgorithm digestAlgo, IDssPrivateKeyEntry keyEntry)
{
byte[] signedBytes;
if (keyEntry is KSX509Certificate2Entry)
{
var cert = ((KSX509Certificate2Entry)keyEntry).Cert2;
X509Certificate2Signature signer = new X509Certificate2Signature(cert, digestAlgo.GetName());
signedBytes = signer.Sign(Streams.ReadAll(stream));
stream.Close();
return signedBytes;
}
throw new ArgumentException("Only allowed KSX509Certificate2Entry", "keyEntry");
}
public bool SignPdf(string SourcePdfFileName, string DestPdfFileName, DesignSign design)
{
var chain = __makeChain();
try {
IExternalSignature externalSignature = new iTextSharp.text.pdf.security.X509Certificate2Signature(cert, "SHA-1");
PdfReader pdfReader = new PdfReader(SourcePdfFileName);
FileStream signedPdf = new FileStream(DestPdfFileName, FileMode.Create);
PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0');
PdfWriter writer = pdfStamper.Writer;
PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;
if (design != null)
{
signatureAppearance = makePdfSignature(signatureAppearance, design);
}
//MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES);
// MessageBox.Show("Done");
for (int i = 0; i < pdfReader.NumberOfPages; ++i)
{
__drawFooter(pdfStamper, design, i + 1);
//PdfFormField form = formField(pdfStamper, i + 1,design);
//pdfStamper.AddAnnotation(form, i + 1);
}
MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS);
signedPdf.Close();
}
catch (Exception e)
{
return(false);
}
return(true);
}
public static void SignPdfToken(String SRC, String DEST, String Reason, String Location, X509Certificate2 cert, String tokenPassword, String keyContainerName, String llx, String lly, String urx, String ury, int fontSize)
{
var pass = new SecureString();
foreach (char c in tokenPassword.ToCharArray())
{
pass.AppendChar(c);
}
Console.WriteLine("Password cargada");
CspParameters csp = new CspParameters(1,
CertUtils.ProviderName,
keyContainerName,
new System.Security.AccessControl.CryptoKeySecurity(),
pass);
Console.WriteLine("CSP cargada");
try
{
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp);
// the pin code will be cached for next access to the smart card
}
catch (Exception ex)
{
Console.WriteLine("Crypto error: " + ex.Message + " " + ex.GetType().ToString());
throw ex;
}
Console.WriteLine("Crypto Provider cargado");
//Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
//Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) };
IList<X509Certificate> chain = new List<X509Certificate>();
X509Chain x509chain = new X509Chain();
x509chain.Build(cert);
foreach (X509ChainElement x509ChainElement in x509chain.ChainElements)
{
chain.Add(DotNetUtilities.FromX509Certificate(x509ChainElement.Certificate));
}
IExternalSignature externalSignature = new X509Certificate2Signature(cert, DigestAlgorithms.SHA512);
PdfReader pdfReader = new PdfReader(SRC);
FileStream signedPdf = new FileStream(DEST, FileMode.Create); //the output pdf file
PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0');
PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;
//here set signatureAppearance at your will
signatureAppearance.Reason = Reason;
signatureAppearance.Location = Location;
BaseFont bf = BaseFont.CreateFont();
signatureAppearance.Layer2Font = new Font(bf, fontSize);
signatureAppearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;
signatureAppearance.SetVisibleSignature(new Rectangle(float.Parse(llx), float.Parse(lly), float.Parse(urx), float.Parse(ury)), 1, "sig");
//signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION;
MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS);
//MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES);
}
private static void CreateSignature(SigningCertificates signingCertificates, PdfSignatureAppearance signatureAppearance, ICollection<ICrlClient> clrClients, IOcspClient oscpClient)
{
IExternalSignature externalSignature = new X509Certificate2Signature(signingCertificates.X509Certificate2, "SHA-1");
MakeSignature.SignDetached(signatureAppearance, externalSignature, signingCertificates.FinalChain, clrClients, oscpClient, null, 0, CryptoStandard.CMS);
}
/// <summary>
/// Assina o arquivo PDF
/// </summary>
/// <param name="filePath">Caminho do arquivo</param>
/// <param name="certificate">Certificado</param>
/// <param name="reason">Motivo da assinatura</param>
internal static void sign(string filePath, X509Certificate2 certificate, string reason = null)
{
try
{
// make the certificate chain
IList <BCX.X509Certificate> chain = getCertChain(certificate);
// open the original file
TS.PdfReader reader = new TS.PdfReader(filePath);
string newFilePath = filePath.Substring(0, filePath.Length - 4) + "_signed.pdf";
// create a new file
FileStream fout = new FileStream(newFilePath, FileMode.OpenOrCreate, FileAccess.ReadWrite);
// create the "stamp" on the file
TS.PdfStamper stamper = TS.PdfStamper.CreateSignature(reader, fout, '\0', null, true);
TS.PdfSignatureAppearance appearance = stamper.SignatureAppearance;
appearance.Reason = reason;
appearance.Location = getLocation(certificate.Subject);
int i = 1;
int xdiff = 0;
while (true)
{
string fieldName = "Assinatura" + i.ToString();;
try
{
appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(20 + xdiff, 10, 170 + xdiff, 60), 1, fieldName);
TSS.X509Certificate2Signature es = new TSS.X509Certificate2Signature(certificate, "SHA-1");
TSS.MakeSignature.SignDetached(appearance, es, chain, null, null, null, 0, TSS.CryptoStandard.CMS);
break;
}
catch (Exception ex)
{
if (ex.Message != "The field " + fieldName + " already exists.")
{
throw ex;
}
else
{
i++;
xdiff += 180;
}
}
}
// close the files
reader.Close();
fout.Close();
// delete the tmp file e move the new to the right name
System.IO.File.Delete(filePath);
System.IO.File.Move(newFilePath, filePath);
}
catch (Exception ex)
{
throw ex;
}
}
