public static bool SignPDF(X509Certificate2 signature, string sourceDocument, string destinationPath) { if (signature == null) { return(false); } PdfReader reader = new PdfReader(sourceDocument); using (FileStream fout = new FileStream(destinationPath, FileMode.Create, FileAccess.ReadWrite)) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0')) { // digital signature var pk = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(signature.PrivateKey).Private; IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new[] { cp.ReadCertificate(signature.RawData) }; try { MakeSignature.SignDetached(stamper.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); } catch (CryptographicException ex) { return(false); } stamper.Close(); } } return(true); }
//Sample from: http://www.rahulsingla.com/blog/2012/09/digitally-sign-and-verify-pdf-documents-in-c-using-itextsharp-5-3-x-library // http://stackoverflow.com/questions/14997118/how-do-i-sign-a-pdf-document-using-a-certificate-from-the-windows-cert-store /// <summary> /// Signs a PDF document using iTextSharp library /// </summary> /// <param name="certSubjectName">Cerificate subject (prefix) in local certStore.</param> /// <param name="sourceDocument">The path of the source pdf document which is to be signed</param> /// <param name="destinationPath">The path at which the signed pdf document should be generated</param> /// <param name="reason">String describing the reason for signing, would be embedded as part of the signature</param> /// <param name="location">Location where the document was signed, would be embedded as part of the signature</param> /// <param name="allowInvalidCertificate">Allows also usage of invalid certificate from store.</param> public static byte[] SignPdf(string certSubjectName, byte[] sourceDocument, string reason, string location, bool allowInvalidCertificate) { try { // reader and stamper using (PdfReader reader = new PdfReader(sourceDocument)) { using (MemoryStream fout = new MemoryStream()) { PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0'); // appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.Reason = reason; appearance.Location = location; // digital signature ICollection <Org.BouncyCastle.X509.X509Certificate> certChain; IExternalSignature es = ResolveExternalSignatureFromCertStore(certSubjectName, allowInvalidCertificate, out certChain); MakeSignature.SignDetached(appearance, es, certChain, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); return(fout.ToArray()); } } } catch (Exception ex) { System.Diagnostics.Trace.TraceError("Exception during pdf sign: {0}", ex.Message); throw; } }
private void sign(X509Certificate2 cert, String imput, String output) { string SourcePdfFileName = imput; string DestPdfFileName = output; string requerente = ""; Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) }; IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA-1"); PdfReader pdfReader = new PdfReader(SourcePdfFileName); FileStream signedPdf = new FileStream(DestPdfFileName, FileMode.Create); //the output pdf file PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; requerente = cert.Subject.Replace("CN=", "").Replace("OU=", "").Replace("DC=", "").Replace("O=", "").Replace("C=", ""); signatureAppearance.SetVisibleSignature(new iTextSharp.text.Rectangle(250, 30, 550, 80), 1, "Signature"); signatureAppearance.Layer2Text = "Assinado de forma digital por " + requerente + Environment.NewLine + "Dados:" + DateTime.Now; string pathImage = Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), "assinatura.png"); var image = iTextSharp.text.Image.GetInstance(pathImage); signatureAppearance.SignatureGraphic = image; //signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION; //signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS); }
public static byte[] SignPDFBytes(X509Certificate2 signatureCert, byte[] pdf) { byte[] result; MemoryStream ms = new MemoryStream(); PdfReader reader = new PdfReader(pdf); using (PdfStamper signer = PdfStamper.CreateSignature(reader, ms, '\0')) { // digital signature var pk = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(signatureCert.PrivateKey).Private; IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new[] { cp.ReadCertificate(signatureCert.RawData) }; try { MakeSignature.SignDetached(signer.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); result = ms.ToArray(); } catch (CryptographicException ex) { throw; } signer.Close(); } return(result); }
private void addTsa(PdfSignatureAppearance signAppearance) { var es = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256"); var tsc = new TSAClientBouncyCastle(SignatureData.TsaClient.Url, SignatureData.TsaClient.UserName, SignatureData.TsaClient.Password); MakeSignature.SignDetached(signAppearance, es, _chain, null, null, tsc, 0, CryptoStandard.CMS); }
public byte[] Sign(byte[] pdf, SignInformation signInfo) { PdfReader document = new PdfReader(pdf); MemoryStream stream = new MemoryStream(); PdfStamper pdfStamper = PdfStamper.CreateSignature(document, stream, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; signatureAppearance.Reason = signInfo.reason; //Reason signatureAppearance.Location = signInfo.location; //Location signatureAppearance.CertificationLevel = signInfo.certifyLevel; signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; //Rendering mode IExternalSignature signature = new RSAProviderPrivateKey(signInfo.cert, signInfo.hashAlgorithm); try { //Do signing MakeSignature.SignDetached(signatureAppearance, signature, signInfo.chain, null, null, null, 0, signInfo.sigType); } catch (Exception e) { throw new Exception("Cannot sign the PDF file.", e); } return(stream.ToArray()); }
private void signDetached(PdfSignatureAppearance signAppearance) { signAppearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED; var es = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256"); MakeSignature.SignDetached(signAppearance, es, _chain, null, null, null, 0, CryptoStandard.CMS); }
public void sign(X509Certificate2 cert, String filename, String imageName, String output) { Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) }; IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA-1"); PdfReader pdfReader = new PdfReader(filename); FileStream signedPdf = new FileStream(output, FileMode.Create); PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; Image img = Image.GetInstance(imageName); img.Alignment = iTextSharp.text.Image.UNDERLYING; signatureAppearance.SignatureGraphic = img; signatureAppearance.Acro6Layers = true; int x = Convert.ToInt32(xTextBox.Text); int y = Convert.ToInt32(yTextBox.Text); int w = Convert.ToInt32(widthTextBox.Text); int h = Convert.ToInt32(heightTextBox.Text); signatureAppearance.SetVisibleSignature(new iTextSharp.text.Rectangle(x, y, w, h), pdfReader.NumberOfPages, "Signature"); signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION; MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS); }
public void Sign(String keystore, String src, String name, String dest) { Pkcs12Store store = new Pkcs12Store(new FileStream(keystore, FileMode.Open), PASSWORD); String alias = ""; ICollection <X509Certificate> chain = new List <X509Certificate>(); // searching for private key foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } AsymmetricKeyEntry pk = store.GetKey(alias); foreach (X509CertificateEntry c in store.GetCertificateChain(alias)) { chain.Add(c.Certificate); } RsaPrivateCrtKeyParameters parameters = pk.Key as RsaPrivateCrtKeyParameters; PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0', null, true); // Creating the appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.SetVisibleSignature(name); // Creating the signature IExternalSignature pks = new PrivateKeySignature(parameters, "SHA-256"); MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CMS); }
/// <summary> /// Signs a PDF document using iTextSharp library /// </summary> /// <param name="sourceDocument">The path of the source pdf document which is to be signed</param> /// <param name="reason">String describing the reason for signing, would be embedded as part of the signature</param> /// <param name="location">Location where the document was signed, would be embedded as part of the signature</param> public static byte[] SignPdfFile(byte[] sourceDocument, string reason, string location) { var cert = DigitalSignature.GetStoreCertificate(); var cp = new Org.BouncyCastle.X509.X509CertificateParser(); var pdfCert = cp.ReadCertificate(cert.RawData); var certChain = new[] { pdfCert }; // reader and stamper PdfReader reader = new PdfReader(sourceDocument); using (MemoryStream fout = new MemoryStream()) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0')) { // appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.Reason = reason; appearance.Location = location; var rect = reader.GetPageSize(1); appearance.SetVisibleSignature(new Rectangle(rect.Width - 128, rect.Height - 78, rect.Width - 10, rect.Height - 20), 1, null); // digital signature IExternalSignature es = new X509Certificate2Signature(cert, "SHA1"); MakeSignature.SignDetached(appearance, es, certChain, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } return(fout.ToArray()); } }
public void Sign(String src, String name, String dest, ICollection <X509Certificate> chain, ICipherParameters pk, String digestAlgorithm, CryptoStandard subfilter, String reason, String location, String contact, DateTime signDate, String fullName) { // Creating the reader and the stamper PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0'); // Creating the appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.Reason = reason; appearance.Location = location; appearance.SetVisibleSignature(name); appearance.Contact = contact; appearance.SignDate = signDate; MySignatureEvent eEvent = new MySignatureEvent(); eEvent.FullName = fullName; appearance.SignatureEvent = eEvent; // Creating the signature IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, subfilter); }
public void Pkcs11RsaSignatureReuseTest() { using (Pkcs11RsaSignature pkcs11RsaSignature = new Pkcs11RsaSignature(_libraryPath, _tokenSerial, _tokenLabel, _pin, _ckaLabel, _ckaId, _hashAlgorithm)) { byte[] signingCertificate = pkcs11RsaSignature.GetSigningCertificate(); List <byte[]> otherCertificates = pkcs11RsaSignature.GetAllCertificates(); ICollection <X509Certificate> certPath = CertUtils.BuildCertPath(signingCertificate, otherCertificates); for (int i = 0; i < 100; i++) { string unsignedPdfPath = GetTempDocPath(); string signedPdfPath = GetTempDocPath(); try { GenerateRandomPdf(unsignedPdfPath); using (PdfReader pdfReader = new PdfReader(unsignedPdfPath)) using (FileStream outputStream = new FileStream(signedPdfPath, FileMode.Create)) using (PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, outputStream, '\0', GetTempDocPath(), true)) MakeSignature.SignDetached(pdfStamper.SignatureAppearance, pkcs11RsaSignature, certPath, null, null, null, 0, CryptoStandard.CADES); Assert.IsTrue(1 == VerifySignatureIntegrity(signedPdfPath)); } finally { File.Delete(unsignedPdfPath); File.Delete(signedPdfPath); } } } }
private String calculateSigningContent(X509Certificate2 cert) { byte[] sh = null; try { Org.BouncyCastle.X509.X509Certificate[] chain = GetCertChain(cert); sgn = new PdfPKCS7(null, chain, "SHA-256", true); hashValue = HashFile(sap.GetRangeStream()); List <ICrlClient> crlList = new List <ICrlClient>(); crlList.Add(new CrlClientOnline(chain)); ICollection <byte[]> crlBytes = null; int i = 0; while (crlBytes == null && i < chain.Length) { crlBytes = MakeSignature.ProcessCrl(chain[i++], null); } sh = sgn.getAuthenticatedAttributeBytes(hashValue, null, crlBytes /*crlbyte*/, CryptoStandard.CADES); } catch (Exception ex) { if (document != null) { document.Close(); } if (pdfStamper != null) { pdfStamper.Close(); } throw new Exception("getHash : " + ex.Message, ex); } return(System.Convert.ToBase64String(sh)); }
public Stream SignPDF(Stream pdfstream, Certificate certificate) { pdfstream.Requires(nameof(pdfstream)).IsNotNull(); certificate.Requires(nameof(certificate)).IsNotNull(); var chain = certificate.Chain; var parameters = certificate.Parameters; IExternalSignature pks = new PrivateKeySignature(parameters, DigestAlgorithms.SHA256); using (PdfReader reader = new PdfReader(pdfstream)) { if (reader.IsEncrypted()) { throw new Exception("[PDFEncryptedException] Target PDF is encrypted or owned, unlock PDF and try again."); } var outputpdf = new MemoryStream(); using (PdfStamper st = PdfStamper.CreateSignature(reader, outputpdf, '\0', "tmp.pdf", true)) { PdfSignatureAppearance appearance = st.SignatureAppearance; appearance.SignDate = DateTime.Now; appearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.NAME_AND_DESCRIPTION; MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CMS); var mb = outputpdf.ToArray(); return(new MemoryStream(mb)); } } }
public void SignWithThisCert(X509Certificate2 cert, Stream Archivo, string URLDocumento) { string DestPdfFileName = URLDocumento; Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) }; IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA-1"); Archivo.Flush(); // Don't know if this is necessary Archivo.Position = 0; PdfReader pdfReader = new PdfReader(Archivo); FileStream signedPdf = new FileStream(DestPdfFileName, FileMode.Create); //the output pdf file PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; //here set signatureAppearance at your will signatureAppearance.Reason = ConfigurationManager.AppSettings["firma_RazonInversionista"].ToString(); signatureAppearance.Location = ConfigurationManager.AppSettings["firma_Ubicacion"].ToString(); signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS); //MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES); signedPdf.Close(); //signedPdf = new FileStream(DestPdfFileName, FileMode.Open); //return signedPdf; }
public void Sign(string inputPath, string outPath, string imagePath, bool visible = true) { X509Store store = new X509Store(StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(store.Certificates, null, null, X509SelectionFlag.SingleSelection); X509Certificate2 cert = sel[0]; Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) }; IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA-1"); PdfReader pdfReader = new PdfReader(inputPath); var signedPdf = new FileStream(outPath, FileMode.Create); var pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; if (imagePath != null && imagePath != string.Empty) { signatureAppearance.SignatureGraphic = Image.GetInstance(imagePath); } signatureAppearance.SetVisibleSignature(new Rectangle(100, 100, 250, 150), pdfReader.NumberOfPages, "Signature"); signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION; MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS); Process.Start(outPath); }
public bool signCertificate(string DocumentPath, string CertificateSavePath, Stream privateKeyStream, string keyPassword) { try { Pkcs12Store pk12 = new Pkcs12Store(privateKeyStream, keyPassword.ToCharArray()); privateKeyStream.Dispose(); //then Iterate throught certificate entries to find the private key entry string alias = null; foreach (string tAlias in pk12.Aliases) { if (pk12.IsKeyEntry(tAlias)) { alias = tAlias; break; } } var pk = pk12.GetKey(alias).Key; // reader and stamper PdfReader reader = new PdfReader(DocumentPath); int PageCount = reader.NumberOfPages; using (FileStream fout = new FileStream(CertificateSavePath, FileMode.Create, FileAccess.ReadWrite)) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true)) { // appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; //appearance.Image = new iTextSharp.text.pdf.PdfImage(); //appearance.Reason = reason; // appearance.Location = location; appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(220, 165, 420, 250), PageCount, "Icsi-Vendor");//.IsInvisible();//s //220,165, 435, 310 //lly - gose up llx - is width 210,245,495,620 500, 300, 297, 200 //iTextSharp.text.Image watermark = iTextSharp.text.Image.GetInstance(SignatureIMGPath); //appearance.Image = watermark; //appearance.Image.ScaleToFit(70, 70); ////appearance.Image.Alignment=100; //appearance.Image.SetAbsolutePosition(100, 100); //appearance.GetAppearance().AddImage(watermark); //digital signature IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, es, new Org.BouncyCastle.X509.X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } } return(true); } catch (Exception Ex) { ErrorLog.LogError(Ex); return(false); } }
public async Task DigitallySign(int idDocument, string userId, string password, byte[] certificateData, string reason, string location) { var document = await dbContext .Documents .FirstAsync(it => it.IdDocument == idDocument); var lastState = await dbContext.DocumentStates.Include(it => it.DocumentData).Where(it => it.IdDocument == idDocument).LastAsync(); var unsignedData = ((DocumentDataUpload)lastState.DocumentData).Data; var store = new Pkcs12Store(new MemoryStream(certificateData), password.ToCharArray()); var alias = string.Empty; foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } var pk = store.GetKey(alias); var chain = new List <X509Certificate>(); foreach (X509CertificateEntry c in store.GetCertificateChain(alias)) { chain.Add(c.Certificate); } var certificate = new System.Security.Cryptography.X509Certificates.X509Certificate(certificateData, password); var signedPdfData = new MemoryStream(); using (var reader = new PdfReader(unsignedData)) { var stp = PdfStamper.CreateSignature(reader, signedPdfData, '\0'); stp.SignatureAppearance.Reason = reason; stp.SignatureAppearance.Location = location; stp.SignatureAppearance.SetVisibleSignature(new Rectangle(36, 748, 144, 780), 1, null); var es = new PrivateKeySignature(pk.Key as RsaPrivateCrtKeyParameters, DigestAlgorithms.SHA256); MakeSignature.SignDetached(stp.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); stp.Close(); } dbContext.Entry(lastState).State = EntityState.Detached; lastState.IdDocumentState = 0; lastState.IdDocumentData = 0; lastState.StatusDate = DateTime.Now; lastState.IsDigitallySigned = true; lastState.Version = GetNextVersion(lastState.Version, lastState.DocumentStatus); lastState.DocumentData = new DocumentDataUpload { Data = signedPdfData.ToArray() }; dbContext.DocumentStates.Add(lastState); }
public void CreateSignature(String src, String dest, String fieldname, AsymmetricKeyEntry pk, IList <X509Certificate> chain) { PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); IExternalSignatureContainer external = new MyExternalSignatureContainer(pk, chain); MakeSignature.SignDeferred(reader, fieldname, os, external); }
private void SignDocumentSigningBlock(ICollection <X509Certificate> chain, ICipherParameters pk, string block, PdfSignatureAppearance appearance, PdfStamper stamper, byte[] signatureImage) { appearance.SetVisibleSignature(block); SignDocumentSigningBlockWithImage(signatureImage, appearance); SignDocumentSigningBlockWithText(appearance, chain.First()); IExternalSignature externalSignature = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, externalSignature, chain, null, null, new TSAClientBouncyCastle("http://services.globaltrustfinder.com/adss/tsa"), 104000, CryptoStandard.CMS); }
public static bool SignHashed(string Source, string Target, SysX509.X509Certificate2 Certificate, string Reason, string Location, bool AddVisibleSign, bool AddTimeStamp, string strTSA) { PdfReader objReader = null; PdfStamper objStamper = null; try { X509CertificateParser objCP = new Org.BouncyCastle.X509.X509CertificateParser(); X509Certificate[] objChain = new X509Certificate[] { objCP.ReadCertificate(Certificate.RawData) }; IList <ICrlClient> crlList = new List <ICrlClient>(); crlList.Add(new CrlClientOnline(objChain)); objReader = new PdfReader(Source); objStamper = PdfStamper.CreateSignature(objReader, new FileStream(Target, FileMode.Create), '\0', null, true); // Creamos la apariencia PdfSignatureAppearance signatureAppearance = objStamper.SignatureAppearance; signatureAppearance.Reason = "Inforegistro, S.L."; //signatureAppearance.Location = Location; // Custom signature appearance text var font = FontFactory.GetFont("Times New Roman", 11, iTextSharp.text.Font.BOLDITALIC, BaseColor.DARK_GRAY); signatureAppearance.Layer2Font = font; signatureAppearance.Layer2Text = "Firmado digitalmente por \r\nInforegistro, S.L.\r\nFecha " + DateTime.Now.ToShortDateString(); var rectangle = new Rectangle(350, 30, 500, 120); // Si está la firma visible: if (AddVisibleSign) { signatureAppearance.SetVisibleSignature(rectangle, 2, "Inforegistro"); } ITSAClient tsaClient = null; IOcspClient ocspClient = null; // Creating the signature IExternalSignature externalSignature = new X509Certificate2Signature(Certificate, "SHA-1"); MakeSignature.SignDetached(signatureAppearance, externalSignature, objChain, crlList, ocspClient, tsaClient, 0, CryptoStandard.CMS); return(File.Exists(Target)); } catch (Exception ex) { throw ex; } finally { if (objReader != null) { objReader.Close(); } if (objStamper != null) { objStamper.Close(); } } }
public string Execute(SingInfo singInfo) { var certificate = this.certificadoA3.Obter(); this.cadeiaTempo = this.certificadoA3.CadeiaCertificadoTempo(); this.MontarEstruturaCertificacao(certificate); var pdfAux = Path.Combine( Path.GetDirectoryName(singInfo.SourcePdf), Path.GetFileNameWithoutExtension(singInfo.SourcePdf) + "-aux.pdf"); using (var reader = new PdfReader(singInfo.SourcePdf)) { using (var os = new FileStream(pdfAux, FileMode.Create)) { var stamper = PdfAStamper.CreateSignature(reader, os, '\0', PdfAConformanceLevel.PDF_A_2A); var appearance = stamper.SignatureAppearance; var caminhoFonte2 = @"C:\Windows\Fonts\cour.ttf"; appearance.Layer2Font = FontFactory.GetFont(caminhoFonte2, BaseFont.WINANSI, BaseFont.EMBEDDED, 8); appearance.Reason = singInfo.SignatureReason; appearance.Contact = singInfo.SignatureContact; appearance.Location = singInfo.SignatureLocation; appearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; var pks = new X509Certificate2Signature(certificate, DigestAlgorithms.SHA256); MakeSignature.SignDetached( appearance, pks, this.chain, this.crlList, this.ocspClient, this.tsaClient, EstimatedSize, CryptoStandard.CMS); } } using (var reader = new PdfReader(pdfAux)) { using (var os = new FileStream(singInfo.TargetPdf, FileMode.Create)) { var stamper = PdfStamper.CreateSignature(reader, os, '\0', null, true); var appearance = stamper.SignatureAppearance; this.AdicionarLtv(stamper, appearance); } } this.RemoverArquivoTemporario(pdfAux); return(singInfo.TargetPdf); }
public string AddSignature(string PathSource, string PathTarget, string CertPath, string CertPass, int lx = 100, int ly = 100, int ux = 250, int uy = 150, int page = 1, bool Visible = true) { try { Org.BouncyCastle.Crypto.AsymmetricKeyParameter Akp = null; Org.BouncyCastle.X509.X509Certificate[] Chain = null; string alias = null; Org.BouncyCastle.Pkcs.Pkcs12Store pk12; pk12 = new Org.BouncyCastle.Pkcs.Pkcs12Store(new System.IO.FileStream(CertPath, System.IO.FileMode.Open, System.IO.FileAccess.Read), CertPass.ToCharArray()); IEnumerable aliases = pk12.Aliases; foreach (string aliasTemp in aliases) { alias = aliasTemp; if (pk12.IsKeyEntry(alias)) { break; } } Akp = pk12.GetKey(alias).Key; Org.BouncyCastle.Pkcs.X509CertificateEntry[] ce = pk12.GetCertificateChain(alias); Chain = new Org.BouncyCastle.X509.X509Certificate[ce.Length]; for (int k = 0; k < ce.Length; ++k) { Chain[k] = ce[k].Certificate; } iTextSharp.text.pdf.PdfReader reader = new iTextSharp.text.pdf.PdfReader(PathSource); iTextSharp.text.pdf.PdfStamper st = iTextSharp.text.pdf.PdfStamper.CreateSignature(reader, new System.IO.FileStream(PathTarget, System.IO.FileMode.Create, System.IO.FileAccess.Write), '\0', null, true); iTextSharp.text.pdf.PdfSignatureAppearance sap = st.SignatureAppearance; if (Visible == true) { page = (page <1 || page> reader.NumberOfPages) ? 1 : page; sap.SetVisibleSignature(new iTextSharp.text.Rectangle(lx, ly, ux, uy), page, null); } sap.CertificationLevel = iTextSharp.text.pdf.PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED; // digital signature - http://itextpdf.com/examples/iia.php?id=222 IExternalSignature es = new PrivateKeySignature(Akp, "SHA-256"); // "BC" MakeSignature.SignDetached(sap, es, new X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); st.Close(); return(""); } catch (Exception e) { return(e.Message); } }
public byte[] SignWithLTVEnable(byte[] pdf, SignInformation signInfo) { PdfReader document = new PdfReader(pdf); MemoryStream stream = new MemoryStream(); //PdfStamper pdfStamper = new PdfStamper(document, stream, '0'); PdfStamper pdfStamper = PdfStamper.CreateSignature(document, stream, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; signatureAppearance.Reason = signInfo.reason; //Reason signatureAppearance.Location = signInfo.location; //Location signatureAppearance.CertificationLevel = signInfo.certifyLevel; signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION; //Rendering mode IExternalSignature signature = new RSAProviderPrivateKey(signInfo.cert, signInfo.hashAlgorithm); bool isTsaConnected = false; for (int retry = 0; retry < 5; retry++) { try { //int hash = tsaClient.GetHashCode(); string testString = "test"; byte[] digest; using (System.Security.Cryptography.SHA256Managed sha256 = new System.Security.Cryptography.SHA256Managed()) { digest = sha256.ComputeHash(Encoding.UTF8.GetBytes(testString)); } signInfo.tsaClient.GetTimeStampToken(digest); isTsaConnected = true; break; } catch (Exception e) { Console.WriteLine(e.StackTrace); } Console.WriteLine("retry " + (retry + 1)); } if (signInfo.tsaClient != null && signInfo.crlList != null && isTsaConnected) { try { //Do signing MakeSignature.SignDetached(signatureAppearance, signature, signInfo.chain, signInfo.crlList, null, signInfo.tsaClient, 0, signInfo.sigType); } catch (Exception e) { throw new Exception("Cannot sign the PDF file.", e); } } return(stream.ToArray()); }
private void signPDF(int llx, int lly, int urx, int ury) { // Do something interesting with unsigned PDF document FileInfo unsignedPdfInfo = new FileInfo(unsignedPdfPath); //Assert.IsTrue(unsignedPdfInfo.Length > 0); // Specify path to the unmanaged PCKS#11 library string libraryPath = @"C:\Windows\System32\cvP11.dll"; // Specify serial number of the token that contains signing key. May be null if tokenLabel is specified. string tokenSerial = @"910e21b0da172e34"; // Specify label of of the token that contains signing key. May be null if tokenSerial is specified string tokenLabel = @"SuisseID"; // Specify PIN for the token string pin = "091011"; // Specify label (value of CKA_LABEL attribute) of the private key used for signing. May be null if ckaId is specified. string ckaLabel = null; // Specify hex encoded string with identifier (value of CKA_ID attribute) of the private key used for signing. May be null if ckaLabel is specified. string ckaId = "6D808CE0BF9C368FB0AD28E24366F646BA0B3F67"; // Specify hash algorihtm used for the signature creation HashAlgorithm hashAlgorithm = HashAlgorithm.SHA256; // Create instance of Pkcs11Signature class that allows iText to create PKCS#1 v1.5 RSA signature with the private key stored on PKCS#11 compatible device using (Pkcs11RsaSignature pkcs11RsaSignature = new Pkcs11RsaSignature(libraryPath, tokenSerial, tokenLabel, pin, ckaLabel, ckaId, HashAlgorithm.SHA256)) { // When signing certificate is stored on the token it can be usually read with GetSigningCertificate() method byte[] signingCertificate = pkcs11RsaSignature.GetSigningCertificate(); // All certificates stored on the token can be usually read with GetAllCertificates() method List <byte[]> otherCertificates = pkcs11RsaSignature.GetAllCertificates(); // Build certification path for the signing certificate ICollection <Org.BouncyCastle.X509.X509Certificate> certPath = CertUtils.BuildCertPath(signingCertificate, otherCertificates); // Read unsigned PDF document using (PdfReader pdfReader = new PdfReader(unsignedPdfPath)) { // Create output stream for signed PDF document using (FileStream outputStream = new FileStream(signedPdfPath, FileMode.Create)) { // Create PdfStamper that applies extra content to the PDF document using (PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, outputStream, '\0', Path.GetTempFileName(), true)) { // Sign PDF document PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION; signatureAppearance.SignatureGraphic = iTextSharp.text.Image.GetInstance("logo_sign.png"); signatureAppearance.SetVisibleSignature(new iTextSharp.text.Rectangle((float)llx, (float)lly, (float)urx, (float)ury), 1, null); MakeSignature.SignDetached(pdfStamper.SignatureAppearance, pkcs11RsaSignature, certPath, null, null, null, 0, CryptoStandard.CADES); //MakeSignature.SignDetached(pdfStamper.SignatureAppearance, pkcs11RsaSignature, certPath, null, null, null, 0, CryptoStandard.CADES); } } } } // Do something interesting with the signed PDF document FileInfo signedPdfInfo = new FileInfo(signedPdfPath); //Assert.IsTrue(signedPdfInfo.Length > signedPdfPath.Length); }
public static void DigitalSign() { PdfReader reader = new PdfReader(@"C:\workspace\PDFDigitalSign\Resource\Result1.pdf"); using (FileStream fout = new FileStream(@"C:\workspace\PDFDigitalSign\Resource\Result2.pdf", FileMode.Create, FileAccess.ReadWrite)) { // appearance PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true); PdfSignatureAppearance appearance = stamper.SignatureAppearance; //appearance.Reason = SignReason; //appearance.Location = SignLocation; appearance.SignDate = DateTime.Now.Date; appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 50 + 200, 50 + 100), 1, null);//.IsInvisible // Custom text and background image appearance.Image = iTextSharp.text.Image.GetInstance(@"C:\workspace\PDFDigitalSign\Resource\sign2.png"); appearance.ImageScale = 0.6f; appearance.Image.Alignment = 300; appearance.Acro6Layers = true; StringBuilder buf = new StringBuilder(); buf.Append("Digitally Signed by "); String name = "Sidd"; buf.Append(name).Append('\n'); buf.Append("Date: ").Append(DateTime.Now.ToString("dd-MM-yyyy HH:mm:ss zzz")); string text = buf.ToString(); appearance.Layer2Text = text; var pk12 = new Pkcs12Store(new System.IO.FileStream(@"C:\workspace\PDFDigitalSign\Resource\certificate.pfx", System.IO.FileMode.Open, System.IO.FileAccess.Read), "12345678".ToCharArray()); string alias = null; foreach (string tAlias in pk12.Aliases) { if (pk12.IsKeyEntry(tAlias)) { alias = tAlias; break; } } var pk = pk12.GetKey(alias).Key; //digital signature IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, es, new Org.BouncyCastle.X509.X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } }
public byte[] signPdfWithPfxFile(string pfxFile, string pinCode, string pdfFileName) { PfxSigner signer = new PfxSigner(SignatureAlg.RSA_SHA256.getName(), pfxFile, pinCode); ECertificate signatureCertificate = signer.getSignersCertificate(); Pkcs12Store store = new Pkcs12Store(new FileStream(pfxFile, FileMode.Open), pinCode.ToCharArray()); String alias = ""; string dest = AppDomain.CurrentDomain.BaseDirectory + "\\tmp.pdf"; if (File.Exists(dest)) { File.Delete(dest); } ICollection <Org.BouncyCastle.X509.X509Certificate> chain = new List <Org.BouncyCastle.X509.X509Certificate>(); // searching for private key foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } AsymmetricKeyEntry pk = store.GetKey(alias); foreach (X509CertificateEntry c in store.GetCertificateChain(alias)) { chain.Add(c.Certificate); } RsaPrivateCrtKeyParameters parameters = pk.Key as RsaPrivateCrtKeyParameters; // Creating the reader and the stamper PdfReader reader = new PdfReader(pdfFileName); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0'); // Creating the appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.Reason = ""; appearance.Location = ""; //appearance.SetVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "sig");//don't show rectangle on pdf // Creating the signature IExternalSignature pks = new PrivateKeySignature(parameters, DigestAlgorithms.SHA256); MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CADES); byte[] buffer = File.ReadAllBytes(dest); File.Delete(dest); return(buffer); }
public void EmptySignature(String src, String dest, String fieldname, IList <X509Certificate> chain) { PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0'); PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.SetVisibleSignature(new Rectangle(36, 748, 144, 780), 1, fieldname); appearance.Certificate = chain[0]; IExternalSignatureContainer external = new ExternalBlankSignatureContainer(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED); MakeSignature.SignExternalContainer(appearance, external, 8192); }
public bool signSupportingDoc(string RefID, string DocumentPath, string CertificateSavePath, Stream privateKeyStream, string keyPassword) { try { Pkcs12Store pk12 = new Pkcs12Store(privateKeyStream, keyPassword.ToCharArray()); privateKeyStream.Dispose(); //then Iterate throught certificate entries to find the private key entry string alias = null; foreach (string tAlias in pk12.Aliases) { if (pk12.IsKeyEntry(tAlias)) { alias = tAlias; break; } } var pk = pk12.GetKey(alias).Key; // reader and stamper PdfReader reader = new PdfReader(DocumentPath); int PageCount = reader.NumberOfPages; using (FileStream fout = new FileStream(CertificateSavePath, FileMode.Create, FileAccess.ReadWrite)) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true)) { // appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; //appearance.Image = new iTextSharp.text.pdf.PdfImage(); appearance.Reason = "Sign Request (Ref : " + RefID + ")"; // appearance.Location = location; (0, 0, 320, 72) Lower left conner appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(600, 0, 400, 72), PageCount, "Icsi-Vendor"); //digital signature IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, es, new Org.BouncyCastle.X509.X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } } return(true); } catch (Exception Ex) { ErrorLog.LogError(Ex); return(false); } }
static void Main() { var reader = new PdfReader(Inpdf); var stamper = PdfStamper.CreateSignature(reader, new FileStream(Outpdf, FileMode.Create, FileAccess.Write), '\0', null, true); var appearance = stamper.SignatureAppearance; appearance.Reason = "Testing"; appearance.Location = "Location string here"; appearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED; var cryptoBits = DoLocal(); // //cryptoBits = DoKeyVault(); MakeSignature.SignDetached(appearance, cryptoBits.Item1, cryptoBits.Item2, null, null, null, 0, CryptoStandard.CMS); }