public virtual void LastBytesNotCoveredTest01() { String inPdf = sourceFolder + "lastBytesNotCoveredTest01.pdf"; PdfDocument pdfDocument = new PdfDocument(new PdfReader(inPdf)); SignatureUtil signatureUtil = new SignatureUtil(pdfDocument); NUnit.Framework.Assert.IsFalse(signatureUtil.SignatureCoversWholeDocument("Signature1")); }
public virtual void NotIndirectSigDictionaryTest() { String inPdf = sourceFolder + "notIndirectSigDictionaryTest.pdf"; PdfDocument pdfDocument = new PdfDocument(new PdfReader(inPdf)); SignatureUtil signatureUtil = new SignatureUtil(pdfDocument); NUnit.Framework.Assert.IsTrue(signatureUtil.SignatureCoversWholeDocument("Signature1")); }
public virtual void SpacesBeforeContentsTest02() { String inPdf = sourceFolder + "spacesBeforeContentsTest02.pdf"; PdfDocument pdfDocument = new PdfDocument(new PdfReader(inPdf)); SignatureUtil signatureUtil = new SignatureUtil(pdfDocument); NUnit.Framework.Assert.IsTrue(signatureUtil.SignatureCoversWholeDocument("Signature1")); }
public virtual void BytesAreCoveredTest02() { String inPdf = sourceFolder + "bytesAreCoveredTest02.pdf"; PdfDocument pdfDocument = new PdfDocument(new PdfReader(inPdf)); SignatureUtil signatureUtil = new SignatureUtil(pdfDocument); NUnit.Framework.Assert.IsTrue(signatureUtil.SignatureCoversWholeDocument("sig")); }
/// <summary>Signs a PDF where space was already reserved.</summary> /// <param name="document">the original PDF</param> /// <param name="fieldName">the field to sign. It must be the last field</param> /// <param name="outs">the output PDF</param> /// <param name="externalSignatureContainer"> /// the signature container doing the actual signing. Only the /// method ExternalSignatureContainer.sign is used /// </param> /// <exception cref="System.IO.IOException"/> /// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/> public static void SignDeferred(PdfDocument document, String fieldName, Stream outs, IExternalSignatureContainer externalSignatureContainer) { SignatureUtil signatureUtil = new SignatureUtil(document); PdfDictionary v = signatureUtil.GetSignatureDictionary(fieldName); if (v == null) { throw new PdfException(PdfException.ThereIsNoFieldInTheDocumentWithSuchName1).SetMessageParams(fieldName); } if (!signatureUtil.SignatureCoversWholeDocument(fieldName)) { new PdfException(PdfException.SignatureWithName1IsNotTheLastItDoesntCoverWholeDocument).SetMessageParams(fieldName ); } PdfArray b = v.GetAsArray(PdfName.ByteRange); long[] gaps = SignatureUtil.AsLongArray(b); // TODO: refactor if (b.Size() != 4 || gaps[0] != 0) { throw new ArgumentException("Single exclusion space supported"); } IRandomAccessSource readerSource = document.GetReader().GetSafeFile().CreateSourceView(); Stream rg = new RASInputStream(new RandomAccessSourceFactory().CreateRanged(readerSource, gaps)); byte[] signedContent = externalSignatureContainer.Sign(rg); int spaceAvailable = (int)(gaps[2] - gaps[1]) - 2; if ((spaceAvailable & 1) != 0) { throw new ArgumentException("Gap is not a multiple of 2"); } spaceAvailable /= 2; if (spaceAvailable < signedContent.Length) { throw new PdfException(PdfException.AvailableSpaceIsNotEnoughForSignature); } StreamUtil.CopyBytes(readerSource, 0, gaps[1] + 1, outs); ByteBuffer bb = new ByteBuffer(spaceAvailable * 2); foreach (byte bi in signedContent) { bb.AppendHex(bi); } int remain = (spaceAvailable - signedContent.Length) * 2; for (int k = 0; k < remain; ++k) { bb.Append((byte)48); } byte[] bbArr = bb.ToByteArray(); outs.Write(bbArr); StreamUtil.CopyBytes(readerSource, gaps[2] - 1, gaps[3] + 1, outs); }
/// <summary> /// Checks if the signature covers the whole document /// and throws an exception if the document was altered /// </summary> /// <returns>a PdfPKCS7 object</returns> /// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/> protected internal virtual PdfPKCS7 CoversWholeDocument() { PdfPKCS7 pkcs7 = sgnUtil.VerifySignature(signatureName); if (sgnUtil.SignatureCoversWholeDocument(signatureName)) { LOGGER.Info("The timestamp covers whole document."); } else { throw new VerificationException((X509Certificate)null, "Signature doesn't cover whole document."); } if (pkcs7.Verify()) { LOGGER.Info("The signed document has not been modified."); return(pkcs7); } else { throw new VerificationException((X509Certificate)null, "The document was altered after the final signature was applied." ); } }