public static void SignPdf(string certificate, string signature)
{
byte[] signatureBytes = ConvertToBytes(signature);
byte[] certificateBytes = ConvertToBytes(certificate);
var acsd = Encoding.Default.GetString(signatureBytes);
var chains = GetChains();
var datasplited = chain.Split("=");
var a = HttpUtility.UrlDecode(datasplited[1]);
var b = a.Split(";");
Console.WriteLine(a);
X509Certificate x509Certificate = new X509CertificateParser().ReadCertificate(certificateBytes);
SignerIdentifier sid = new SignerIdentifier(new IssuerAndSerialNumber(x509Certificate.IssuerDN, x509Certificate.SerialNumber));
AlgorithmIdentifier digAlgorithm = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256);
Attributes authenticatedAttributes = null;
AlgorithmIdentifier digEncryptionAlgorithm = new AlgorithmIdentifier(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Sha256WithRsaEncryption);
Asn1OctetString encryptedDigest = new DerOctetString(signatureBytes);
Attributes unauthenticatedAttributes = null;
SignerInfo signerInfo = new SignerInfo(sid, digAlgorithm, authenticatedAttributes, digEncryptionAlgorithm, encryptedDigest, unauthenticatedAttributes);
Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
digestAlgs.Add(signerInfo.DigestAlgorithm);
Asn1Set digestAlgorithms = new DerSet(digestAlgs);
ContentInfo contentInfo = new ContentInfo(CmsObjectIdentifiers.Data, null);
Asn1EncodableVector certs = new Asn1EncodableVector();
certs.Add(x509Certificate.CertificateStructure.ToAsn1Object());
for (int i = 0; i < chains.Length; i++)
{
certs.Add(chains[i].CertificateStructure.ToAsn1Object());
}
Asn1Set certificates = new DerSet(certs);
Asn1EncodableVector signerInfs = new Asn1EncodableVector();
signerInfs.Add(signerInfo);
Asn1Set signerInfos = new DerSet(signerInfs);
SignedData signedData = new SignedData(digestAlgorithms, contentInfo, certificates, null, signerInfos);
contentInfo = new ContentInfo(CmsObjectIdentifiers.SignedData, signedData);
byte[] Signature = contentInfo.GetDerEncoded();
using (PdfReader reader = new PdfReader(temp))
using (PdfDocument document = new PdfDocument(reader))
using (FileStream fout = new FileStream(dest, FileMode.Create))
{
PdfSigner.SignDeferred(document, "Signature", fout, new ExternalPrecalculatedSignatureContainer(Signature));
}
}
public void CreateSignature(String src, String dest, String fieldName,
ICipherParameters pk, X509Certificate[] chain)
{
PdfReader reader = new PdfReader(src);
using (FileStream os = new FileStream(dest, FileMode.Create))
{
PdfSigner signer = new PdfSigner(reader, os, new StampingProperties());
IExternalSignatureContainer external = new MyExternalSignatureContainer(pk, chain);
// Signs a PDF where space was already reserved. The field must cover the whole document.
PdfSigner.SignDeferred(signer.GetDocument(), fieldName, os, external);
}
}
public static void CreateSignature(String src, String dest, String fieldName,
ICipherParameters pk, X509Certificate[] chain)
{
PdfReader reader = new PdfReader(src);
using (FileStream os = new FileStream(dest, FileMode.Create))
{
PdfSigner signer = new PdfSigner(reader, os, new StampingProperties());
var signaturee = ConvertToBytes(signature);
IExternalSignatureContainer external = new MyExternalSignatureContainer(signaturee, chain, digest);
PdfSigner.SignDeferred(signer.GetDocument(), fieldName, os, external);
}
}
/// <summary>
/// Signing container with data retrived from web service
/// </summary>
/// <param name="tempPdf"></param>
/// <param name="signedPdf"></param>
/// <param name="signatureFieldName"></param>
/// <param name="signature"></param>
/// <param name="tbs"></param>
public static void EmbedSignature(string tempPdf, string signedPdf, string signatureFieldName, string signature, string tbs)
{
//Convert given data from web service to bytes
byte[] signedBytes = ConvertToBytes(signature);
byte[] toBeSigned = ConvertToBytes(tbs);
using (PdfReader reader = new PdfReader(tempPdf))
{
using (FileStream os = File.OpenWrite(signedPdf))
{
PdfSigner signer = new PdfSigner(reader, os, new StampingProperties());
IExternalSignatureContainer external = new MyExternalSignatureContainer(signedBytes, GetChains(), toBeSigned);
PdfSigner.SignDeferred(signer.GetDocument(), signatureFieldName, os, external);
}
}
}
public virtual void CalcHashOnDocCreationThenDeferredSignTest01()
{
String input = sourceFolder + "helloWorldDoc.pdf";
String outFileName = destinationFolder + "calcHashOnDocCreationThenDeferredSignTest01.pdf";
String cmpFileName = sourceFolder + "cmp_calcHashOnDocCreationThenDeferredSignTest01.pdf";
// pre-calculate hash on creating pre-signed PDF
String sigFieldName = "DeferredSignature1";
PdfName filter = PdfName.Adobe_PPKLite;
PdfName subFilter = PdfName.Adbe_pkcs7_detached;
int estimatedSize = 8192;
PdfReader reader = new PdfReader(input);
MemoryStream baos = new MemoryStream();
PdfSigner signer = new PdfSigner(reader, baos, new StampingProperties());
signer.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetLayer2Text("Signature field which signing is deferred.").SetPageRect(new Rectangle(36, 600,
200, 100)).SetPageNumber(1);
signer.SetFieldName(sigFieldName);
SignDeferredTest.DigestCalcBlankSigner external = new SignDeferredTest.DigestCalcBlankSigner(filter, subFilter
);
signer.SignExternalContainer(external, estimatedSize);
byte[] docBytesHash = external.GetDocBytesHash();
byte[] preSignedBytes = baos.ToArray();
// sign the hash
String signCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate[] signChain = Pkcs12FileHelper.ReadFirstChain(signCertFileName, password);
ICipherParameters signPrivateKey = Pkcs12FileHelper.ReadFirstKey(signCertFileName, password, password);
byte[] cmsSignature = SignDocBytesHash(docBytesHash, signPrivateKey, signChain);
// fill the signature to the presigned document
SignDeferredTest.ReadySignatureSigner extSigContainer = new SignDeferredTest.ReadySignatureSigner(cmsSignature
);
PdfDocument docToSign = new PdfDocument(new PdfReader(new MemoryStream(preSignedBytes)));
FileStream outStream = new FileStream(outFileName, FileMode.Create);
PdfSigner.SignDeferred(docToSign, sigFieldName, outStream, extSigContainer);
docToSign.Close();
outStream.Dispose();
// validate result
PadesSigTest.BasicCheckSignedDoc(outFileName, sigFieldName);
NUnit.Framework.Assert.IsNull(new CompareTool().CompareVisually(outFileName, cmpFileName, destinationFolder
, null));
}
/// <summary>
/// Opens temporary PDF and appends signature and ocsp and crl information (if available)
/// </summary>
/// <param name="signatureInformation">Information required for finding the temporary PDF</param>
public void SignIntermediatePdf(SignatureInformation signatureInformation)
{
var document = new PdfDocument(new PdfReader(signatureInformation.PathToIntermediaryPdf));
using var writer = new FileStream(signatureInformation.pathToSignedPdf, FileMode.Create);
var crlBytesList = GetCrlByteList();
var ocspBytesList = GetOcspBytesList();
var container = new InjectAmaSignatureContainer(signatureInformation.Signature,
_userCertificateChain,
signatureInformation.NakedHashFromIntermediaryPdf,
crlBytesList,
ocspBytesList,
_tsaClient);
PdfSigner.SignDeferred(document, _signatureFieldname, writer, container);
}
public virtual void DeferredHashCalcAndSignTest01()
{
String srcFileName = sourceFolder + "templateForSignCMSDeferred.pdf";
String outFileName = destinationFolder + "deferredHashCalcAndSignTest01.pdf";
String cmpFileName = sourceFolder + "cmp_deferredHashCalcAndSignTest01.pdf";
String signCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate[] signChain = Pkcs12FileHelper.ReadFirstChain(signCertFileName, password);
ICipherParameters signPrivateKey = Pkcs12FileHelper.ReadFirstKey(signCertFileName, password, password);
IExternalSignatureContainer extSigContainer = new SignDeferredTest.CmsDeferredSigner(signPrivateKey, signChain
);
String sigFieldName = "DeferredSignature1";
PdfDocument docToSign = new PdfDocument(new PdfReader(srcFileName));
FileStream outStream = new FileStream(outFileName, FileMode.Create);
PdfSigner.SignDeferred(docToSign, sigFieldName, outStream, extSigContainer);
docToSign.Close();
outStream.Dispose();
// validate result
PadesSigTest.BasicCheckSignedDoc(outFileName, sigFieldName);
NUnit.Framework.Assert.IsNull(new CompareTool().CompareVisually(outFileName, cmpFileName, destinationFolder
, null));
}
public static byte[] SignPDFStream(MemoryStream source, string rootPath)
{
collection = new X509Certificate2Collection();
collection.Import(GsConfig.GetSslCertificatePath(rootPath), GsConfig.KeyPassword,
X509KeyStorageFlags.DefaultKeySet);
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
//get JSON access token
JObject access = Login(baseURL, GsConfig.ApiKey, GsConfig.ApiSecret);
//get JSON with id/certificate/ocsp response
JObject identity = Identity(baseURL, access);
String cert = (String)identity.GetValue("signing_cert");
String id = (String)identity.GetValue("id");
String oc1 = (String)identity.GetValue("ocsp_response");
JObject path = CertificatePath(baseURL, access);
String ca = (String)path.GetValue("path");
//Create Certificate chain
X509Certificate[] chain = CreateChain(cert, ca);
//create empty signature
PdfReader reader = new PdfReader(source);
byte[] fileArray = null;
using (MemoryStream os = new MemoryStream()) {
PdfSigner stamper = new PdfSigner(reader, os, new StampingProperties());
PdfSignatureAppearance appearance = stamper.GetSignatureAppearance();
appearance.SetPageRect(new Rectangle(0, 0, 0, 0));
stamper.SetFieldName(fieldName);
IExternalSignatureContainer external = new ExternalBlankSignatureContainer(PdfName.Adobe_PPKLite,
PdfName.Adbe_pkcs7_detached);
stamper.SignExternalContainer(external, 8192);
fileArray = os.ToArray();
}
using (var tempStream = new MemoryStream(fileArray)) {
PdfReader tempReader = new PdfReader(tempStream);
byte[] oc2 = Convert.FromBase64String(oc1);
OcspResp ocspResp = new OcspResp(oc2);
IExternalSignatureContainer gsContainer = new MyExternalSignatureContainer(id, access, chain, ocspResp);
using (MemoryStream destination = new MemoryStream()) {
PdfSigner signer = new PdfSigner(tempReader, destination, new StampingProperties());
PdfSigner.SignDeferred(signer.GetDocument(), fieldName, destination, gsContainer);
fileArray = destination.ToArray();
}
}
using (MemoryStream LTV = new MemoryStream())
using (var newSource = new MemoryStream(fileArray)) {
addLTVToStream(newSource, LTV, new OcspClientBouncyCastle(null),
new CrlClientOnline(), LtvVerification.Level.OCSP_CRL,
LtvVerification.Level.OCSP_CRL);
return(LTV.ToArray());
}
}
