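/// <summary>
/// Applies a detached signature to an in-memory PDF and returns the signed bytes.
/// </summary>
/// <param name="pdf">Raw bytes of the PDF to sign.</param>
/// <param name="signInfo">Signer certificate, chain, hash algorithm, reason, location,
/// certification level and signature type.</param>
/// <returns>The signed PDF.</returns>
/// <exception cref="ArgumentNullException"><paramref name="pdf"/> or
/// <paramref name="signInfo"/> is null.</exception>
/// <exception cref="Exception">Signing failed; the cause is in InnerException.</exception>
/// <remarks>
/// SignDetached is called without CRLs, an OCSP client or a TSA client, so the signature
/// carries no revocation data and no trusted timestamp.
/// </remarks>
public byte[] Sign(byte[] pdf, SignInformation signInfo)
{
    if (pdf == null)
    {
        throw new ArgumentNullException("pdf");
    }
    if (signInfo == null)
    {
        throw new ArgumentNullException("signInfo");
    }

    PdfReader document = new PdfReader(pdf);
    try
    {
        MemoryStream stream = new MemoryStream();

        // NOTE(review): this overload does not open the stamper in append mode, so the
        // document is rewritten. Signing a PDF that already carries signatures this way
        // is expected to invalidate them; confirm inputs are unsigned.
        PdfStamper pdfStamper = PdfStamper.CreateSignature(document, stream, '\0');

        PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;
        signatureAppearance.Reason = signInfo.reason;
        signatureAppearance.Location = signInfo.location;
        signatureAppearance.CertificationLevel = signInfo.certifyLevel;
        signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION;

        IExternalSignature signature = new RSAProviderPrivateKey(signInfo.cert, signInfo.hashAlgorithm);

        try
        {
            MakeSignature.SignDetached(signatureAppearance, signature, signInfo.chain, null, null, null, 0, signInfo.sigType);
        }
        catch (Exception e)
        {
            throw new Exception("Cannot sign the PDF file.", e);
        }

        // MemoryStream.ToArray still works after the stream has been closed.
        return stream.ToArray();
    }
    finally
    {
        // The reader was never released in the original code path.
        document.Close();
    }
}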
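/// <summary>
/// Signs an in-memory PDF with a detached signature that embeds the supplied CRLs and a
/// timestamp from the configured TSA, and returns the signed bytes.
/// </summary>
/// <param name="pdf">Raw bytes of the PDF to sign.</param>
/// <param name="signInfo">Signing settings; <c>tsaClient</c> and <c>crlList</c> must be set.</param>
/// <returns>The signed PDF.</returns>
/// <exception cref="ArgumentNullException"><paramref name="pdf"/> or
/// <paramref name="signInfo"/> is null.</exception>
/// <exception cref="InvalidOperationException">The TSA client or CRL list is missing, or the
/// TSA could not be reached after five attempts.</exception>
/// <exception cref="Exception">Signing failed; the cause is in InnerException.</exception>
/// <remarks>
/// The method fails closed. Previously, a missing TSA client, a missing CRL list or an
/// unreachable TSA made it skip signing and return the unfinished output buffer, so a
/// caller could store an unsigned or unusable file believing it was signed.
/// </remarks>
public byte[] SignWithLTVEnable(byte[] pdf, SignInformation signInfo)
{
    if (pdf == null)
    {
        throw new ArgumentNullException("pdf");
    }
    if (signInfo == null)
    {
        throw new ArgumentNullException("signInfo");
    }
    if (signInfo.tsaClient == null)
    {
        throw new InvalidOperationException("A TSA client is required; the PDF was not signed.");
    }
    if (signInfo.crlList == null)
    {
        throw new InvalidOperationException("A CRL list is required; the PDF was not signed.");
    }

    PdfReader document = new PdfReader(pdf);
    try
    {
        MemoryStream stream = new MemoryStream();

        // NOTE(review): not append mode, so the document is rewritten; signatures already
        // present in the input are expected to become invalid. Confirm inputs are unsigned.
        PdfStamper pdfStamper = PdfStamper.CreateSignature(document, stream, '\0');

        PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;
        signatureAppearance.Reason = signInfo.reason;
        signatureAppearance.Location = signInfo.location;
        signatureAppearance.CertificationLevel = signInfo.certifyLevel;
        signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION;

        IExternalSignature signature = new RSAProviderPrivateKey(signInfo.cert, signInfo.hashAlgorithm);

        // Connectivity probe: request a token for a fixed dummy digest before signing.
        byte[] probeDigest;
        using (System.Security.Cryptography.SHA256 sha256 = System.Security.Cryptography.SHA256.Create())
        {
            probeDigest = sha256.ComputeHash(Encoding.UTF8.GetBytes("test"));
        }

        bool isTsaConnected = false;
        Exception lastTsaError = null;
        for (int retry = 0; retry < 5; retry++)
        {
            try
            {
                signInfo.tsaClient.GetTimeStampToken(probeDigest);
                isTsaConnected = true;
                break;
            }
            catch (Exception e)
            {
                // Best-effort retry: keep the last failure so it can be reported below.
                lastTsaError = e;
                Console.WriteLine(e.StackTrace);
            }
            Console.WriteLine("retry " + (retry + 1));
        }

        if (!isTsaConnected)
        {
            throw new InvalidOperationException("The timestamp authority could not be reached; the PDF was not signed.", lastTsaError);
        }

        try
        {
            MakeSignature.SignDetached(signatureAppearance, signature, signInfo.chain, signInfo.crlList, null, signInfo.tsaClient, 0, signInfo.sigType);
        }
        catch (Exception e)
        {
            throw new Exception("Cannot sign the PDF file.", e);
        }

        // MemoryStream.ToArray still works after the stream has been closed.
        return stream.ToArray();
    }
    finally
    {
        // The reader was never released in the original code path.
        document.Close();
    }
}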
/// <summary>
/// Sample driver: reads a PDF from disk, signs it with <c>DigitalSig.Sign</c> and writes
/// the result to disk. Both paths are empty placeholders to be filled in.
/// </summary>
private static void Sign()
{
    string pdfPath = @"";
    string outputPath = @"";

    DigitalSig signer = new DigitalSig();
    byte[] unsignedPdf = File.ReadAllBytes(pdfPath);
    SignInformation settings = setSignInformation();

    // Sign with the basic method (no CRLs, no timestamp) and persist the output.
    byte[] signedPdf = signer.Sign(unsignedPdf, settings);
    File.WriteAllBytes(outputPath, signedPdf);
}
/// <summary>
/// Sample driver: reads a PDF from disk, signs it with
/// <c>DigitalSig.SignWithLTVEnable</c> and writes the result to disk. The paths and the
/// TSA URL are empty placeholders to be filled in.
/// </summary>
private static void SignWithLTVEnable()
{
    string pdfPath = @"";
    string tsaUrl = "";
    string outputPath = @"";

    DigitalSig signer = new DigitalSig();
    byte[] unsignedPdf = File.ReadAllBytes(pdfPath);
    SignInformation settings = setSignInformation();

    // NOTE(review): this replaces the TSA client that setSignInformation built with a
    // username and password by one built from the URL only. Confirm that is intended.
    settings.tsaClient = new TSAClientBouncyCastle(tsaUrl);

    byte[] signedPdf = signer.SignWithLTVEnable(unsignedPdf, settings);
    File.WriteAllBytes(outputPath, signedPdf);
}
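/// <summary>
/// Builds the signing settings: hash algorithm, reason, location, certification level,
/// signature image, signer certificate with its chain, CRL list and TSA client.
/// </summary>
/// <returns>A populated <c>SignInformation</c>.</returns>
/// <exception cref="System.InvalidOperationException">The signer certificate's chain does
/// not validate. The result of <c>X509Chain.Build</c> used to be ignored, so a partial or
/// untrusted chain was embedded and used for signing.</exception>
private static SignInformation setSignInformation()
{
    // Placeholders to be filled in. Real TSA credentials belong in protected
    // configuration or a secret store, not in source code.
    string sigImgPath = @"";
    string tsaUrl = "";
    string tsaUsername = "";
    string tsaPassword = "";

    SignInformation signInfo = new SignInformation();
    signInfo.hashAlgorithm = "SHA256";
    signInfo.reason = "";
    signInfo.location = "";
    // NOTE(review): presumably maps to PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;
    // confirm that certifying is wanted rather than a plain approval signature.
    signInfo.certifyLevel = 1;
    signInfo.sigImg = File.ReadAllBytes(sigImgPath);
    signInfo.sigType = CryptoStandard.CADES; // 1
    signInfo.cert = new DigitalSigUtil().GetX509Certificate2();

    // Validate the chain before using it; do not sign with a chain that fails to build.
    X509Chain cert_chain = new X509Chain();
    if (!cert_chain.Build(signInfo.cert))
    {
        string problems = "";
        foreach (X509ChainStatus status in cert_chain.ChainStatus)
        {
            problems += " [" + status.Status + "] " + status.StatusInformation;
        }
        throw new System.InvalidOperationException("The signing certificate chain could not be validated:" + problems);
    }

    // Start with the signing certificate only; the issuer certificates are added below.
    Org.BouncyCastle.X509.X509Certificate bcCert = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate(signInfo.cert);
    ICollection<Org.BouncyCastle.X509.X509Certificate> chain = new List<Org.BouncyCastle.X509.X509Certificate> { bcCert };

    // Element 0 is the signing certificate itself and is already in the list, so start at 1.
    X509ChainElementCollection elements = cert_chain.ChainElements;
    for (int index = 1; index < elements.Count; index++)
    {
        chain.Add(Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate(elements[index].Certificate));
    }

    signInfo.chain = chain;
    signInfo.crlList = new DigitalSigUtil().GetCrlList(signInfo.chain);
    signInfo.tsaClient = new TSAClientBouncyCastle(tsaUrl, tsaUsername, tsaPassword);
    return signInfo;
}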
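/// <summary>
/// Opens a signature stamper in append mode on the instance's document and stream, sets up
/// the signature appearance and dictionary, and reserves space for the signature contents.
/// </summary>
/// <param name="signInfo">Supplies the reason, location and certification level.</param>
/// <remarks>
/// Exceptions propagate unchanged. The former <c>catch (Exception ex) { throw (ex); }</c>
/// only reset the stack trace, hiding where the failure happened.
/// </remarks>
private void CreateNewSignatureField(SignInformation signInfo)
{
    // Final argument true = append mode: the new revision is added after the existing
    // bytes instead of rewriting the document.
    pdfStamper = PdfStamper.CreateSignature(document, stream, '\0', null, true);

    sap = pdfStamper.SignatureAppearance;
    sap.Reason = signInfo.reason;
    sap.Location = signInfo.location;
    sap.CertificationLevel = signInfo.certifyLevel;

    // NOTE(review): only Reason is copied into the signature dictionary; Location is set
    // on the appearance alone. Confirm that omission is intended.
    PdfSignature sig = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
    sig.Reason = signInfo.reason;
    sap.CryptoDictionary = sig;

    // Reserve room for /Contents. Presumably ESTIMATE_SIZE is the maximum signature size
    // in bytes, doubled for hex encoding, plus two delimiter characters; confirm.
    Dictionary<PdfName, int> exc = new Dictionary<PdfName, int>();
    exc[PdfName.CONTENTS] = ESTIMATE_SIZE * 2 + 2;
    sap.PreClose(exc);
}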