private void BuildSignatureAppearance(PdfSigner signer, Signature signing)
{
// Creating the appearance
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetReason(signing.SignReason);
appearance.SetContact(signing.SignContact);
appearance.SetLocation(signing.SignLocation);
var arial = PdfFontFactory.CreateFont(Environment.GetEnvironmentVariable("WINDIR") + "\\Fonts\\Arial.ttf", PdfName.WinAnsiEncoding.GetValue(), true);
appearance.SetLayer2Font(arial);
if (!signing.AllowMultiSigning)
{
signer.SetCertificationLevel(PdfSigner.CERTIFIED_FORM_FILLING_AND_ANNOTATIONS);
appearance.SetCertificate(signer.GetSignatureAppearance().GetCertificate());
}
if (signing.DisplaySignatureInDocument)
{
var signPage = SignPageNr(signer, signing);
var left = signing.LeftX;
var bottom = signing.LeftY;
var width = signing.RightX - left;
var height = signing.RightY - bottom;
var rect = new Rectangle(left, bottom, width, height);
appearance.SetPageRect(rect);
appearance.SetPageNumber(signPage);
}
}
protected internal virtual void Sign(String src, String name, String dest, X509Certificate[] chain, ICipherParameters
pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location, Rectangle
rectangleForNewField, bool setReuseAppearance, bool isAppendMode, int certificationLevel, float?fontSize
)
{
PdfReader reader = new PdfReader(src);
StampingProperties properties = new StampingProperties();
if (isAppendMode)
{
properties.UseAppendMode();
}
PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), properties);
signer.SetCertificationLevel(certificationLevel);
PdfFont font = PdfFontFactory.CreateFont(FONT, "WinAnsi", true);
// Creating the appearance
PdfSignatureAppearance appearance = signer.GetSignatureAppearance().SetReason(reason).SetLocation(location
).SetLayer2Font(font).SetReuseAppearance(setReuseAppearance);
if (rectangleForNewField != null)
{
appearance.SetPageRect(rectangleForNewField);
}
if (fontSize != null)
{
appearance.SetLayer2FontSize((float)fontSize);
}
signer.SetFieldName(name);
// Creating the signature
IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm);
signer.SignDetached(pks, chain, null, null, null, 0, subfilter);
}
private void TestSignatureOnRotatedPage(int pageNum, PdfSignatureAppearance.RenderingMode renderingMode, StringBuilder
assertionResults)
{
String fileName = "signaturesOnRotatedPages" + pageNum + "_mode_" + renderingMode.ToString() + ".pdf";
String src = sourceFolder + "documentWithRotatedPages.pdf";
String dest = destinationFolder + fileName;
PdfSigner signer = new PdfSigner(new PdfReader(src), new FileStream(dest, FileMode.Create), new StampingProperties
().UseAppendMode());
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetLayer2Text("Digitally signed by Test User. All rights reserved. Take care!").SetPageRect(new
Rectangle(100, 100, 100, 50)).SetRenderingMode(renderingMode).SetSignatureGraphic(ImageDataFactory.Create
(sourceFolder + "itext.png")).SetPageNumber(pageNum);
signer.SetCertificationLevel(PdfSigner.NOT_CERTIFIED);
IExternalSignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256);
signer.SignDetached(pks, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES);
// Make sure iText can open the document
new PdfDocument(new PdfReader(dest)).Close();
try {
String testResult = new CompareTool().CompareVisually(dest, sourceFolder + "cmp_" + fileName, destinationFolder
, "diff_");
if (null != testResult)
{
assertionResults.Append(testResult);
}
}
catch (CompareTool.CompareToolExecutionException e) {
assertionResults.Append(e.Message);
}
}
public void Sign(String src, String dest, X509Certificate[] chain, ICipherParameters pk,
String digestAlgorithm, PdfSigner.CryptoStandard subfilter,
int certificationLevel, String reason, String location)
{
PdfReader reader = new PdfReader(src);
PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties());
// Create the signature appearance
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetReason(reason);
appearance.SetLocation(location);
Rectangle rect = new Rectangle(36, 648, 200, 100);
appearance.SetPageRect(rect).SetPageNumber(1);
signer.SetFieldName("sig");
/* Set the document's certification level. This parameter defines if changes are allowed
* after the applying of the signature.
*/
signer.SetCertificationLevel(certificationLevel);
PrivateKeySignature pks = new PrivateKeySignature(pk, digestAlgorithm);
// Sign the document using the detached mode, CMS or CAdES equivalent.
signer.SignDetached(pks, chain, null, null, null, 0, subfilter);
}
public static void Sign(string input, string output, ImageData stamper, ICipherParameters privateKey, X509Certificate[] chain, string flag)
{
PdfDocument document = new PdfDocument(new PdfReader(input));
PdfAcroForm acroForm = PdfAcroForm.GetAcroForm(document, false);
bool append = (acroForm != null && acroForm.GetSignatureFlags() != 0);
int pageNumber = document.GetNumberOfPages();
RegexBasedLocationExtractionStrategy strategy = new RegexBasedLocationExtractionStrategy(flag);
PdfDocumentContentParser parser = new PdfDocumentContentParser(document);
parser.ProcessContent(pageNumber, strategy);
var locations = new List <IPdfTextLocation>(strategy.GetResultantLocations());
document.Close();
StampingProperties properties = new StampingProperties();
properties = append ? properties.UseAppendMode() : properties;
PdfSigner signer = new PdfSigner(new PdfReader(input), new FileStream(output, FileMode.Create), properties);
signer.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetPageNumber(pageNumber);
int size = locations.Count;
if (size != 0)
{
IPdfTextLocation location = locations[size - 1];
float flagX = location.GetRectangle().GetX();
float flagY = location.GetRectangle().GetY();
float width = stamper.GetWidth();
float height = stamper.GetHeight();
float x = flagX - width / 2;
float y = flagY - height / 2;
appearance.SetRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC);
appearance.SetSignatureGraphic(stamper);
appearance.SetPageRect(new Rectangle(x, y, width, height));
}
PrivateKeySignature signature = new PrivateKeySignature(privateKey, DigestAlgorithms.SHA256);
signer.SignDetached(signature, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES);
}
public async Task <byte[]> Sign(byte[] source, SigningProperties signingProperties)
{
using (var inputStream = new MemoryStream(source))
using (var reader = new PdfReader(inputStream))
using (var outputStream = new MemoryStream())
{
var stampProps = new StampingProperties();
var signer = new PdfSigner(reader, outputStream, stampProps);
signer.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
var sap = signer.GetSignatureAppearance();
sap.SetLocation(signingProperties.Location);
sap.SetReason(signingProperties.Reason);
sap.SetReuseAppearance(false);
var certData = await s3Repository.GetDocument(signingProperties.Bucket, signingProperties.Key);
// code from https://stackoverflow.com/questions/12470498/how-to-read-the-pfx-file
using (var keyStream = new MemoryStream(certData))
{
var passphrase = signingProperties.Password;
if (signingProperties.KMSData != null)
{
// key is encrypted with KSM
var key = await kSMRepository.GetKey(signingProperties.KMSData);
passphrase = kSMRepository.DecryptData(passphrase, key);
}
var store = new Pkcs12Store(keyStream, signingProperties.Password.ToCharArray());
string alias = store.Aliases.OfType <string>().First(x => store.IsKeyEntry(x));
var privateKey = store.GetKey(alias).Key;
var keyChain = store.GetCertificateChain(alias)
.Select(x => x.Certificate).ToArray();
IExternalSignature externalSignature = new PrivateKeySignature(privateKey, DigestAlgorithms.SHA256);
signer.SignDetached(externalSignature, keyChain, null, null, null, 0, PdfSigner.CryptoStandard.CADES);
return(outputStream.ToArray());
}
}
}
protected internal virtual void Sign(String src, String name, String dest, X509Certificate[] chain, ICipherParameters
pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, int certificationLevel)
{
PdfReader reader = new PdfReader(src);
StampingProperties properties = new StampingProperties();
properties.UseAppendMode();
PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), properties);
signer.SetCertificationLevel(certificationLevel);
signer.SetFieldName(name);
// Creating the signature
IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm);
signer.SignDetached(pks, chain, null, null, null, 0, subfilter);
}
public virtual void CalcHashOnDocCreationThenDeferredSignTest01()
{
String input = sourceFolder + "helloWorldDoc.pdf";
String outFileName = destinationFolder + "calcHashOnDocCreationThenDeferredSignTest01.pdf";
String cmpFileName = sourceFolder + "cmp_calcHashOnDocCreationThenDeferredSignTest01.pdf";
// pre-calculate hash on creating pre-signed PDF
String sigFieldName = "DeferredSignature1";
PdfName filter = PdfName.Adobe_PPKLite;
PdfName subFilter = PdfName.Adbe_pkcs7_detached;
int estimatedSize = 8192;
PdfReader reader = new PdfReader(input);
MemoryStream baos = new MemoryStream();
PdfSigner signer = new PdfSigner(reader, baos, new StampingProperties());
signer.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetLayer2Text("Signature field which signing is deferred.").SetPageRect(new Rectangle(36, 600,
200, 100)).SetPageNumber(1);
signer.SetFieldName(sigFieldName);
SignDeferredTest.DigestCalcBlankSigner external = new SignDeferredTest.DigestCalcBlankSigner(filter, subFilter
);
signer.SignExternalContainer(external, estimatedSize);
byte[] docBytesHash = external.GetDocBytesHash();
byte[] preSignedBytes = baos.ToArray();
// sign the hash
String signCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate[] signChain = Pkcs12FileHelper.ReadFirstChain(signCertFileName, password);
ICipherParameters signPrivateKey = Pkcs12FileHelper.ReadFirstKey(signCertFileName, password, password);
byte[] cmsSignature = SignDocBytesHash(docBytesHash, signPrivateKey, signChain);
// fill the signature to the presigned document
SignDeferredTest.ReadySignatureSigner extSigContainer = new SignDeferredTest.ReadySignatureSigner(cmsSignature
);
PdfDocument docToSign = new PdfDocument(new PdfReader(new MemoryStream(preSignedBytes)));
FileStream outStream = new FileStream(outFileName, FileMode.Create);
PdfSigner.SignDeferred(docToSign, sigFieldName, outStream, extSigContainer);
docToSign.Close();
outStream.Dispose();
// validate result
PadesSigTest.BasicCheckSignedDoc(outFileName, sigFieldName);
NUnit.Framework.Assert.IsNull(new CompareTool().CompareVisually(outFileName, cmpFileName, destinationFolder
, null));
}
public void Certify(String keystore, String src, String name, String dest)
{
Pkcs12Store pk12 = new Pkcs12Store(new FileStream(keystore, FileMode.Open, FileAccess.Read), PASSWORD);
string alias = null;
foreach (var a in pk12.Aliases)
{
alias = ((string)a);
if (pk12.IsKeyEntry(alias))
{
break;
}
}
ICipherParameters pk = pk12.GetKey(alias).Key;
X509CertificateEntry[] ce = pk12.GetCertificateChain(alias);
X509Certificate[] chain = new X509Certificate[ce.Length];
for (int k = 0; k < ce.Length; ++k)
{
chain[k] = ce[k].Certificate;
}
PdfReader reader = new PdfReader(src);
PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create),
new StampingProperties().UseAppendMode());
// Set signer options
signer.SetFieldName(name);
signer.SetCertificationLevel(PdfSigner.CERTIFIED_FORM_FILLING);
PdfAcroForm form = PdfAcroForm.GetAcroForm(signer.GetDocument(), true);
form.GetField(name).SetReadOnly(true);
PrivateKeySignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256);
// Sign the document using the detached mode, CMS or CAdES equivalent.
signer.SignDetached(pks, chain, null, null, null,
0, PdfSigner.CryptoStandard.CMS);
}
protected void SignDocumentSignature(string filePath, ElectronicSignatureInfoDTO signatureInfo)
{
PdfSigner pdfSigner = new PdfSigner(new PdfReader(SRC), new FileStream(filePath, FileMode.Create),
new StampingProperties());
pdfSigner.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
// Set the name indicating the field to be signed.
// The field can already be present in the document but shall not be signed
pdfSigner.SetFieldName("signature");
ImageData clientSignatureImage = ImageDataFactory.Create(IMAGE_PATH);
// If you create new signature field (or use SetFieldName(System.String) with
// the name that doesn't exist in the document or don't specify it at all) then
// the signature is invisible by default.
PdfSignatureAppearance signatureAppearance = pdfSigner.GetSignatureAppearance();
signatureAppearance.SetRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC);
signatureAppearance.SetReason("");
signatureAppearance.SetLocationCaption("");
signatureAppearance.SetSignatureGraphic(clientSignatureImage);
signatureAppearance.SetPageNumber(signatureInfo.PageNumber);
signatureAppearance.SetPageRect(new Rectangle(signatureInfo.Left, signatureInfo.Bottom,
25, 25));
char[] password = "******".ToCharArray();
IExternalSignature pks = GetPrivateKeySignature(CERT_PATH, password);
X509Certificate[] chain = GetCertificateChain(CERT_PATH, password);
OCSPVerifier ocspVerifier = new OCSPVerifier(null, null);
OcspClientBouncyCastle ocspClient = new OcspClientBouncyCastle(ocspVerifier);
List <ICrlClient> crlClients = new List <ICrlClient>(new[] { new CrlClientOnline() });
// Sign the document using the detached mode, CMS or CAdES equivalent.
// This method closes the underlying pdf document, so the instance
// of PdfSigner cannot be used after this method call
pdfSigner.SignDetached(pks, chain, crlClients, ocspClient, null, 0,
PdfSigner.CryptoStandard.CMS);
}
public virtual void TestSigningInAppendModeWithHybridDocument()
{
String src = sourceFolder + "hybrid.pdf";
String dest = destinationFolder + "signed_hybrid.pdf";
String cmp = sourceFolder + "cmp_signed_hybrid.pdf";
PdfSigner signer = new PdfSigner(new PdfReader(src), new FileStream(dest, FileMode.Create), new StampingProperties
().UseAppendMode());
PdfSignatureAppearance appearance = signer.GetSignatureAppearance();
appearance.SetLayer2FontSize(13.8f).SetPageRect(new Rectangle(36, 748, 200, 100)).SetPageNumber(1).SetReason
("Test").SetLocation("Nagpur");
signer.SetFieldName("Sign1");
signer.SetCertificationLevel(PdfSigner.NOT_CERTIFIED);
IExternalSignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256);
signer.SignDetached(pks, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES);
// Make sure iText can open the document
new PdfDocument(new PdfReader(dest)).Close();
// Assert that the document can be rendered correctly
NUnit.Framework.Assert.IsNull(new CompareTool().CompareVisually(dest, cmp, destinationFolder, "diff_", GetIgnoredAreaTestMap
(new Rectangle(36, 748, 200, 100))));
}