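/// <summary>
/// Signs a PDF with the first private-key entry of a PKCS#12 keystore and writes the result
/// to <paramref name="DEST"/>. The signature is a detached CMS signature over a SHA-512
/// digest, shown as a visible field named "sig" on page 1.
/// </summary>
/// <param name="SRC">Path of the PDF to sign.</param>
/// <param name="DEST">Path of the signed PDF; an existing file is overwritten.</param>
/// <param name="Reason">Text stored as the signature reason.</param>
/// <param name="Location">Text stored as the signature location.</param>
/// <param name="certPassword">Password of the PKCS#12 keystore.</param>
/// <param name="certFile">Path of the PKCS#12 keystore.</param>
/// <param name="llx">Lower-left x of the signature rectangle, as text.</param>
/// <param name="lly">Lower-left y of the signature rectangle, as text.</param>
/// <param name="urx">Upper-right x of the signature rectangle, as text.</param>
/// <param name="ury">Upper-right y of the signature rectangle, as text.</param>
/// <param name="fontSize">Font size of the signature description layer.</param>
/// <exception cref="ArgumentException">The keystore holds no private-key entry.</exception>
/// <remarks>
/// SignDetached is called without a CRL list, an OCSP client or a timestamp client, so the
/// signature carries no revocation data and no trusted signing time.
/// NOTE(review): the keystore password is held in an immutable String and copied into a char
/// array that is never cleared; confirm this is acceptable for the deployment.
/// </remarks>
public static void SignPdfCert(String SRC, String DEST, String Reason, String Location, String certPassword, String certFile, String llx, String lly, String urx, String ury, int fontSize)
{
    // Parse the rectangle before any file is opened, so that a malformed coordinate cannot
    // leave a truncated DEST behind. float.Parse uses the current culture, as before.
    Rectangle signatureBox = new Rectangle(float.Parse(llx), float.Parse(lly), float.Parse(urx), float.Parse(ury));

    AsymmetricKeyParameter pk;
    ICollection<X509Certificate> chain = new List<X509Certificate>();

    // Read-only access is enough to load the keystore, and the using block releases the
    // handle even when Load throws (for example on a wrong password).
    using (FileStream fs = new FileStream(certFile, FileMode.Open, FileAccess.Read))
    {
        Pkcs12Store p12ks = new Pkcs12Store();
        p12ks.Load(fs, certPassword.ToCharArray());

        String alias = null;
        foreach (String al in p12ks.Aliases)
        {
            if (p12ks.IsKeyEntry(al) && p12ks.GetKey(al).Key.IsPrivate)
            {
                alias = al;
                break;
            }
        }

        // Fail with a clear message instead of dereferencing a missing key entry.
        if (alias == null)
        {
            throw new ArgumentException("No private key entry found in the PKCS#12 store", "certFile");
        }

        pk = p12ks.GetKey(alias).Key;
        foreach (X509CertificateEntry entry in p12ks.GetCertificateChain(alias))
        {
            chain.Add(entry.Certificate);
        }
    }

    IExternalSignature externalSignature = new PrivateKeySignature(pk, DigestAlgorithms.SHA512);

    PdfReader pdfReader = new PdfReader(SRC);
    try
    {
        FileStream signedPdf = new FileStream(DEST, FileMode.Create); // the output pdf file
        try
        {
            Program.logLine("page size" + pdfReader.GetPageSize(1));

            PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0');
            PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;

            // here set signatureAppearance at your will
            signatureAppearance.Reason = Reason;
            signatureAppearance.Location = Location;
            BaseFont bf = BaseFont.CreateFont();
            signatureAppearance.Layer2Font = new Font(bf, fontSize);
            signatureAppearance.SetVisibleSignature(signatureBox, 1, "sig");
            //signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.DESCRIPTION;

            MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS);
            //MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES);
        }
        finally
        {
            // Closing an already closed FileStream is harmless; this releases the handle
            // when signing fails part-way.
            signedPdf.Close();
        }
    }
    finally
    {
        pdfReader.Close();
    }
}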
/// <summary>
/// Applies an XML-DSig signature to the XFA data of a PDF and embeds the given certificate chain.
/// </summary>
/// <param name="src">Path of the PDF to sign.</param>
/// <param name="dest">Path of the signed output; an existing file is overwritten.</param>
/// <param name="pk">Private key used to sign.</param>
/// <param name="chain">Certificate chain handed to the signer.</param>
/// <param name="digestAlgorithm">Digest name, passed unchanged to PrivateKeySignature.</param>
/// <remarks>
/// NOTE(review): nothing here restricts digestAlgorithm to a strong digest or checks that
/// pk belongs to chain; callers are presumably expected to ensure both. Confirm.
/// NOTE(review): neither the reader nor the output stream is closed in this method;
/// presumably the signing call closes the stamper and its stream. Confirm, and consider
/// closing both on the failure path.
/// </remarks>
virtual protected void SignWithCertificate(String src, String dest, ICipherParameters pk, X509Certificate[] chain, String digestAlgorithm)
{
    // Source document first, then the destination file, then the stamper that joins them.
    var pdf = new PdfReader(src);
    var output = new FileStream(dest, FileMode.Create);
    var xmlStamper = PdfStamper.createXmlSignature(pdf, output);

    // The XFA locator gives the signer access to the document's XML.
    var sigAppearance = xmlStamper.XmlSignatureAppearance;
    sigAppearance.SetXmlLocator(new XfaXmlLocator(xmlStamper));

    // Sign with the caller's key and digest.
    IExternalSignature signer = new PrivateKeySignature(pk, digestAlgorithm);
    MakeXmlSignature.SignXmlDSig(sigAppearance, signer, chain);
}
/// <summary>
/// Applies a XAdES signature to the XFA data of a PDF.
/// </summary>
/// <param name="src">Path of the PDF to sign.</param>
/// <param name="dest">Path of the signed output; an existing file is overwritten.</param>
/// <param name="pk">Private key used to sign.</param>
/// <param name="chain">Certificate chain handed to the signer.</param>
/// <param name="digestAlgorithm">Digest name, passed unchanged to PrivateKeySignature.</param>
/// <param name="includeSignaturePolicy">Forwarded unchanged to MakeXmlSignature.SignXades.</param>
/// <remarks>
/// NOTE(review): digestAlgorithm is not validated here; callers should pass a strong digest.
/// NOTE(review): the reader and the output stream are not closed in this method. Confirm
/// that the signing call closes them, including when it throws.
/// </remarks>
virtual protected void SignXades(String src, String dest, ICipherParameters pk, X509Certificate[] chain, String digestAlgorithm, bool includeSignaturePolicy)
{
    // Open input and output, in that order, and create the XML-signature stamper.
    var pdf = new PdfReader(src);
    var output = new FileStream(dest, FileMode.Create);
    var xmlStamper = PdfStamper.createXmlSignature(pdf, output);

    // Configure where the XML lives and the description stored with the signature.
    var sigAppearance = xmlStamper.XmlSignatureAppearance;
    sigAppearance.SetXmlLocator(new XfaXmlLocator(xmlStamper));
    sigAppearance.SetDescription("Simple xfa form");

    // Produce the XAdES signature.
    IExternalSignature signer = new PrivateKeySignature(pk, digestAlgorithm);
    MakeXmlSignature.SignXades(sigAppearance, signer, chain, includeSignaturePolicy);
}
/// <summary>
/// Applies an XML-DSig signature to the XFA data of a PDF, passing a bare public key to the
/// signer instead of a certificate chain.
/// </summary>
/// <param name="src">Path of the PDF to sign.</param>
/// <param name="dest">Path of the signed output; an existing file is overwritten.</param>
/// <param name="pk">Private key used to sign.</param>
/// <param name="publicKey">Public key handed to MakeXmlSignature.SignXmlDSig.</param>
/// <param name="digestAlgorithm">Digest name, passed unchanged to PrivateKeySignature.</param>
/// <remarks>
/// NOTE(review): no certificate is supplied on this path, so a verifier presumably has to
/// establish trust in publicKey by other means. Confirm this is intended for the use case.
/// NOTE(review): nothing here checks that publicKey matches pk.
/// </remarks>
protected void SignWithPublicKey(String src, String dest, ICipherParameters pk, AsymmetricAlgorithm publicKey, String digestAlgorithm)
{
    // Open input and output, in that order, and create the XML-signature stamper.
    var pdf = new PdfReader(src);
    var output = new FileStream(dest, FileMode.Create);
    var xmlStamper = PdfStamper.createXmlSignature(pdf, output);

    // The XFA locator controls getting and setting the document.
    var sigAppearance = xmlStamper.XmlSignatureAppearance;
    sigAppearance.SetXmlLocator(new XfaXmlLocator(xmlStamper));

    // Sign, handing the public key to the signer.
    IExternalSignature signer = new PrivateKeySignature(pk, digestAlgorithm);
    MakeXmlSignature.SignXmlDSig(sigAppearance, signer, publicKey);
}
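/// <summary>
/// Applies an XML-DSig signature to the XFA data of a PDF, passing the public key to the
/// signer as a KeyInfo clause (DSAKeyValue or RSAKeyValue).
/// </summary>
/// <param name="src">Path of the PDF to sign.</param>
/// <param name="dest">Path of the signed output; an existing file is overwritten.</param>
/// <param name="pk">Private key used to sign.</param>
/// <param name="publicKey">DSA or RSA public key to wrap in the KeyInfo clause.</param>
/// <param name="digestAlgorithm">Digest name, passed unchanged to PrivateKeySignature.</param>
/// <exception cref="ArgumentException">publicKey is neither DSA nor RSA.</exception>
/// <remarks>
/// NOTE(review): nothing here checks that publicKey matches pk, and no certificate is
/// supplied, so a verifier presumably has to establish trust in the key by other means.
/// </remarks>
virtual protected void SignWithKeyInfo(String src, String dest, ICipherParameters pk, AsymmetricAlgorithm publicKey, String digestAlgorithm)
{
    // Validate the key type before touching the file system: FileMode.Create truncates
    // dest, so rejecting the key afterwards would leave an empty output file and open handles.
    KeyInfoClause keyInfo;
    if (publicKey is DSA)
    {
        keyInfo = new DSAKeyValue((DSA)publicKey);
    }
    else if (publicKey is RSA)
    {
        keyInfo = new RSAKeyValue((RSA)publicKey);
    }
    else
    {
        throw new ArgumentException("Invalid public key algorithm", "publicKey");
    }

    // Creating the reader and the stamper
    PdfReader reader = new PdfReader(src);
    FileStream os = new FileStream(dest, FileMode.Create);
    PdfStamper stamper = PdfStamper.createXmlSignature(reader, os);

    // Creating the appearance
    XmlSignatureAppearance appearance = stamper.XmlSignatureAppearance;
    // Set XfaXmlLocator to control getting and setting Document
    appearance.SetXmlLocator(new XfaXmlLocator(stamper));

    // Creating the signature
    IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm);
    MakeXmlSignature.SignXmlDSig(appearance, pks, keyInfo);
}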
/// <summary>
/// Applies an XML-DSig signature to one XDP package of a PDF's XFA data and embeds the given
/// certificate chain.
/// </summary>
/// <param name="src">Path of the PDF to sign.</param>
/// <param name="dest">Path of the signed output; an existing file is overwritten.</param>
/// <param name="xdpPackage">Package used to build the XPath expression for signing.</param>
/// <param name="pk">Private key used to sign.</param>
/// <param name="chain">Certificate chain handed to the signer.</param>
/// <param name="digestAlgorithm">Digest name, passed unchanged to PrivateKeySignature.</param>
/// <remarks>
/// NOTE(review): the XPath constructor is built from a single package, so presumably only
/// that package is covered by the signature. Confirm that relying parties do not treat the
/// rest of the form as signed.
/// </remarks>
virtual protected void SignPackageWithCertificate(String src, String dest, XfaXpathConstructor.XdpPackage xdpPackage, ICipherParameters pk, X509Certificate[] chain, String digestAlgorithm)
{
    // Open input and output, in that order, and create the XML-signature stamper.
    var pdf = new PdfReader(src);
    var output = new FileStream(dest, FileMode.Create);
    var xmlStamper = PdfStamper.createXmlSignature(pdf, output);

    var sigAppearance = xmlStamper.XmlSignatureAppearance;
    // The XFA locator controls getting and setting the document.
    sigAppearance.SetXmlLocator(new XfaXmlLocator(xmlStamper));
    // The XPath constructor builds the expression for signing the chosen XDP package.
    sigAppearance.SetXpathConstructor(new XfaXpathConstructor(xdpPackage));

    // Sign with the caller's key, digest and chain.
    IExternalSignature signer = new PrivateKeySignature(pk, digestAlgorithm);
    MakeXmlSignature.SignXmlDSig(sigAppearance, signer, chain);
}
/// <summary>
/// Signs <paramref name="filename"/> in append mode and writes the result to
/// <paramref name="outFilename"/>. The visible signature on page 1 combines the Stamp
/// graphic with a description.
/// </summary>
/// <param name="filename">Path of the PDF to sign.</param>
/// <param name="outFilename">Path of the signed output; an existing file is overwritten.</param>
/// <remarks>
/// Uses the PrivateKey, CertChain and Stamp members, which are defined outside this method.
/// The signature is detached CMS over SHA-256. No CRL list, OCSP client or timestamp client
/// is passed, so the signature carries no revocation data and no trusted signing time.
/// NOTE(review): the reader and the output stream are not closed here. Confirm that the
/// signing call releases them, including when it throws.
/// </remarks>
public void SignPdf(string filename, string outFilename)
{
    var source = new PdfReader(filename);
    var target = new FileStream(outFilename, FileMode.Create, FileAccess.Write);

    // The final 'true' selects append mode.
    PdfStamper stamper = PdfStamper.CreateSignature(source, target, '\0', null, true);

    PdfSignatureAppearance appearance = stamper.SignatureAppearance;
    appearance.Reason = "税单完整性";
    appearance.Location = "广州海关";
    appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(450,100,650,200), 1, "sig");
    appearance.ImageScale = 1;
    appearance.Layer2Text = "此文档由广州海关签名";
    appearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION;
    appearance.SignatureGraphic = Stamp;

    IExternalSignature signer = new PrivateKeySignature(PrivateKey, "SHA-256");
    MakeSignature.SignDetached(appearance, signer, CertChain, null, null, null, 0, CryptoStandard.CMS);
}
/// <summary>
/// Certifies the document with "no changes allowed" and applies a detached CMS signature
/// over a SHA-256 digest using the instance key and chain.
/// </summary>
/// <param name="signAppearance">Signature appearance of the stamper being signed.</param>
/// <remarks>
/// No CRL list, OCSP client or timestamp client is passed, so the signature carries no
/// revocation data and no trusted signing time.
/// </remarks>
private void signDetached(PdfSignatureAppearance signAppearance)
{
    // Certification level must be set before the signature is produced.
    signAppearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED;

    PrivateKeySignature keySigner = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256");
    MakeSignature.SignDetached(signAppearance, keySigner, _chain, null, null, null, 0, CryptoStandard.CMS);
}
/// <summary>
/// Applies a detached CMS signature over a SHA-256 digest and requests a timestamp from the
/// TSA configured in SignatureData.TsaClient.
/// </summary>
/// <param name="signAppearance">Signature appearance of the stamper being signed.</param>
/// <remarks>
/// No CRL list or OCSP client is passed, so the signature carries no revocation data.
/// NOTE(review): the TSA user name and password are handed to the client together with the
/// URL; confirm the configured URL uses https so the credentials are not sent in clear text.
/// </remarks>
private void addTsa(PdfSignatureAppearance signAppearance)
{
    PrivateKeySignature keySigner = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256");

    // Timestamp client built from the configured endpoint and credentials.
    TSAClientBouncyCastle timestampClient = new TSAClientBouncyCastle(
        SignatureData.TsaClient.Url,
        SignatureData.TsaClient.UserName,
        SignatureData.TsaClient.Password);

    MakeSignature.SignDetached(signAppearance, keySigner, _chain, null, null, timestampClient, 0, CryptoStandard.CMS);
}
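/// <summary>
/// Signs the PDF at doc.Docsignedpath in append mode, writes the result to
/// doc.Docsignedpath + "-signed.pdf" and points doc.Docsignedpath at that new file.
/// The signature is detached CMS over SHA-512 with a timestamp from the configured TSA.
/// </summary>
/// <param name="doc">Document descriptor; its Docsignedpath is updated by this method.</param>
/// <param name="metadata">Entries stored through PdfStamper.MoreInfo.</param>
/// <remarks>
/// IOException and DocumentException are logged and not rethrown, so a caller cannot tell
/// from this method whether a signed file was produced. doc.Docsignedpath has already been
/// switched to the "-signed.pdf" name by the time signing can fail.
/// Other exception types propagate to the caller.
/// NOTE(review): the TSA URL, user and password come from application settings; confirm the
/// URL uses https and that the settings store is access-restricted.
/// </remarks>
public static void signPDF_old(DocumentData doc, Dictionary<String, String> metadata)
{
    ILog Log;
    Log = LogManager.GetLogger(Properties.Settings.Default.logName);
    try
    {
        PdfReader reader = null;
        FileStream fos = null;
        try
        {
            reader = new PdfReader(doc.Docsignedpath);
            if (File.Exists(doc.Docsignedpath + "-signed.pdf"))
                File.Delete(doc.Docsignedpath + "-signed.pdf");
            fos = new FileStream(doc.Docsignedpath + "-signed.pdf", FileMode.CreateNew, FileAccess.Write);
            doc.Docsignedpath = doc.Docsignedpath + "-signed.pdf";

            Log.Debug(String.Format("Creating Stamper for doc {0}", doc.Docname));
            // NOTE(review): the PDF-version argument is the character U+0002 here, while
            // signPDF passes '\0'. Confirm which one is intended.
            PdfStamper stp = PdfStamper.CreateSignature(reader, fos, '\x002', null, true);

            Log.Debug(String.Format("Creating Certificate for doc {0}", doc.Docname));
            Org.BouncyCastle.X509.X509Certificate[] chain = crearCertificado();
            Log.Debug(String.Format("Reading private key for doc {0}", doc.Docname));
            AsymmetricKeyParameter pk = readPrivateKey();

            // The stamper must not close the output stream; it is closed below.
            stp.Writer.CloseStream = false;
            LtvVerification v = stp.LtvVerification;
            AcroFields af = stp.AcroFields;

            Log.Debug(String.Format("Adding metadata for doc {0}", doc.Docname));
            stp.MoreInfo = metadata;

            // Request validation data for every signature already present in the document.
            // NOTE(review): the CRL client is constructed from null; confirm that this
            // yields usable revocation data.
            foreach (String sigName in af.GetSignatureNames())
            {
                v.AddVerification(sigName, new OcspClientBouncyCastle(), new CrlClientOffline(null), LtvVerification.CertificateOption.WHOLE_CHAIN, LtvVerification.Level.OCSP_CRL, LtvVerification.CertificateInclusion.NO);
            }

            PdfSignatureAppearance sap = stp.SignatureAppearance;
            sap.Reason = "";
            sap.Location = "";

            // Size estimate handed to the timestamp client.
            int contentEstimated = 15000;

            //Add timestamp
            Log.Debug(String.Format("Adding timestamp for doc {0}", doc.Docname));
            TSAClientBouncyCastle tsc = new TSAClientBouncyCastle(Properties.Settings.Default.tsaUrl, Properties.Settings.Default.tsaUser, Properties.Settings.Default.tsaPass, contentEstimated, DigestAlgorithms.SHA512);

            // Creating the signature
            Log.Debug(String.Format("Dreating signature for doc {0}", doc.Docname));
            IExternalSignature signature = new PrivateKeySignature(pk, DigestAlgorithms.SHA512);
            MakeSignature.SignDetached(sap, signature, chain, null, null, tsc, 0, CryptoStandard.CMS);

            Log.Debug(String.Format("Closing file for doc {0}", doc.Docname));
            stp.Close();
        }
        finally
        {
            // Release the handles on the failure path as well. An open handle on the
            // "-signed.pdf" file would make the File.Delete of a later attempt fail.
            if (fos != null) fos.Close();
            if (reader != null) reader.Close();
        }
    }
    catch (IOException ex)
    {
        Log.Error("IOException", ex);
    }
    catch (DocumentException dex)
    {
        Log.Error("DocumentException", dex);
    }
}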
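/// <summary>
/// Signs the working copy of a document in append mode with a visible, image-based signature
/// field, writes the result to doc.Docsignedpath + "-signed.pdf" and points
/// doc.Docsignedpath at that new file. The signature is detached CMS over SHA-512 with a
/// timestamp from the configured TSA.
/// </summary>
/// <param name="doc">Document descriptor; its Docsignedpath is updated by this method.</param>
/// <param name="metadata">Text stored as the signature reason.</param>
/// <param name="sign">Supplies the image shown in the signature field.</param>
/// <param name="signer">Supplies position, page and field-name prefix of the signature.</param>
/// <remarks>
/// IOException and DocumentException are logged and not rethrown, so a caller cannot tell
/// from this method whether a signed file was produced. doc.Docsignedpath has already been
/// switched to the "-signed.pdf" name by the time signing can fail.
/// Other exception types, and any failure of the initial File.Copy, propagate to the caller.
/// No CRL list or OCSP client is passed to SignDetached.
/// </remarks>
public static void signPDF(DocumentData doc, String metadata, GraphSign sign, Signer signer)
{
    ILog Log;
    Log = LogManager.GetLogger(Properties.Settings.Default.logName);

    // Create the working copy on first use.
    if (!File.Exists(doc.Docsignedpath /*+ "-signed.pdf"*/))
    {
        File.Copy(doc.Docpath, doc.Docsignedpath);
    }

    try
    {
        PdfReader reader = null;
        FileStream fos = null;
        try
        {
            reader = new PdfReader(doc.Docsignedpath);
            if (File.Exists(doc.Docsignedpath + "-signed.pdf"))
                File.Delete(doc.Docsignedpath + "-signed.pdf");
            fos = new FileStream(doc.Docsignedpath + "-signed.pdf", FileMode.CreateNew, FileAccess.Write);
            doc.Docsignedpath = doc.Docsignedpath + "-signed.pdf";

            Log.Debug(String.Format("Creating Stamper for doc {0}",doc.Docname));
            PdfStamper stp = PdfStamper.CreateSignature(reader, fos, '\0', null, true);

            Log.Debug(String.Format("Creating Certificate for doc {0}", doc.Docname));
            Org.BouncyCastle.X509.X509Certificate[] chain = crearCertificado();
            Log.Debug(String.Format("Reading private key for doc {0}", doc.Docname));
            AsymmetricKeyParameter pk = readPrivateKey();

            // The stamper must not close the output stream; it is closed below.
            stp.Writer.CloseStream = false;
            // Kept from the original although the LTV loop is disabled; the getter may
            // have side effects on the stamper (TODO confirm before removing).
            LtvVerification v = stp.LtvVerification;

            Log.Debug(String.Format("Adding metadata for doc {0}", doc.Docname));

            PdfSignatureAppearance sap = stp.SignatureAppearance;
            sap.Reason = metadata;
            sap.Location = "";
            sign.Image.MakeTransparent();
            sap.Image = iTextSharp.text.Image.GetInstance(sign.Image, System.Drawing.Imaging.ImageFormat.Png);
            sap.Layer2Text = "";

            // Size estimate handed to the timestamp client.
            int contentEstimated = 15000;

            //Add timestamp
            Log.Debug(String.Format("Adding timestamp for doc {0}", doc.Docname));
            TSAClientBouncyCastle tsc = new TSAClientBouncyCastle(Properties.Settings.Default.tsaUrl, Properties.Settings.Default.tsaUser, Properties.Settings.Default.tsaPass, contentEstimated, DigestAlgorithms.SHA512);

            // Creating the signature
            Log.Debug(String.Format("Dreating signature for doc {0}", doc.Docname));
            IExternalSignature signature = new PrivateKeySignature(pk, DigestAlgorithms.SHA512);

            // NOTE(review): unless PrivateKeySignature overrides GetHashCode, this prints
            // the runtime hash code of the signer object. That is not a digest of the
            // certificate or the document, so the visible "Huella" value identifies
            // neither. Consider showing a certificate fingerprint instead.
            sap.Layer2Text = "Huella: "+signature.GetHashCode();
            sap.SetVisibleSignature(new Rectangle(signer.X, signer.Y, 200, 200), signer.Page, signer.Nombre+index);

            MakeSignature.SignDetached(sap, signature, chain, null, null, tsc, 0, CryptoStandard.CMS);

            Log.Debug(String.Format("Closing file for doc {0}", doc.Docname));
            stp.Close();
        }
        finally
        {
            // Release the handles on the failure path as well. An open handle on the
            // "-signed.pdf" file would make the File.Delete of a later attempt fail.
            if (fos != null) fos.Close();
            if (reader != null) reader.Close();
        }
    }
    catch (IOException ex)
    {
        Log.Error("IOException", ex);
    }
    catch (DocumentException dex)
    {
        Log.Error("DocumentException", dex);
    }
}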
/// <summary>
/// Signs the PDF read from <paramref name="input"/> with the certificate's private key and
/// writes the signed document to <paramref name="output"/>. The signature is detached CMS
/// over SHA-512 and includes a timestamp from a fixed TSA endpoint.
/// </summary>
/// <param name="input">Stream holding the PDF to sign.</param>
/// <param name="output">Stream that receives the signed PDF.</param>
/// <param name="cert">Certificate whose PrivateKey is used to sign.</param>
/// <remarks>
/// Only the signing certificate itself is passed as the chain, and no CRL list or OCSP
/// client is supplied.
/// NOTE(review): the TSA endpoint is hard-coded and uses plain http. The timestamp token is
/// signed by the TSA, but consider making the URL configurable and confirm whether an https
/// endpoint is available.
/// NOTE(review): DotNetUtilities.GetKeyPair converts cert.PrivateKey, which presumably
/// requires an exportable key. Confirm for keys held in hardware or marked non-exportable.
/// </remarks>
private void SignPdf(Stream input, Stream output, X509Certificate2 cert)
{
    // Convert the .NET certificate and key into their BouncyCastle counterparts.
    var signingCert = DotNetUtilities.FromX509Certificate(cert);
    var keyPair = DotNetUtilities.GetKeyPair(cert.PrivateKey);

    var keySigner = new PrivateKeySignature(keyPair.Private, "SHA-512");
    var timestampClient = new TSAClientBouncyCastle("http://timestamp.globalsign.com/scripts/timestamp.dll");

    using (var pdf = new PdfReader(input))
    {
        using (var signingStamper = PdfStamper.CreateSignature(pdf, output, '\0'))
        {
            var chain = new[] { signingCert };
            MakeSignature.SignDetached(signingStamper.SignatureAppearance, keySigner, chain, null, null, timestampClient, 0, CryptoStandard.CMS);
        }
    }
}