public void Sign(String src, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location, ICollection <ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize) { PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties()); // Create the signature appearance Rectangle rect = new Rectangle(36, 648, 200, 100); PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance .SetReason(reason) .SetLocation(location) // Specify if the appearance before field is signed will be used // as a background for the signed field. The "false" value is the default value. .SetReuseAppearance(false) .SetPageRect(rect) .SetPageNumber(1); signer.SetFieldName("sig"); IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); // Sign the document using the detached mode, CMS or CAdES equivalent. signer.SignDetached(pks, chain, crlList, ocspClient, tsaClient, estimatedSize, subfilter); }
private void addTsa(PdfSignatureAppearance signAppearance) { var es = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256"); var tsc = new TSAClientBouncyCastle(SignatureData.TsaClient.Url, SignatureData.TsaClient.UserName, SignatureData.TsaClient.Password); MakeSignature.SignDetached(signAppearance, es, _chain, null, null, tsc, 0, CryptoStandard.CMS); }
public static bool SignPDF(X509Certificate2 signature, string sourceDocument, string destinationPath) { if (signature == null) { return(false); } PdfReader reader = new PdfReader(sourceDocument); using (FileStream fout = new FileStream(destinationPath, FileMode.Create, FileAccess.ReadWrite)) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0')) { // digital signature var pk = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(signature.PrivateKey).Private; IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new[] { cp.ReadCertificate(signature.RawData) }; try { MakeSignature.SignDetached(stamper.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); } catch (CryptographicException ex) { return(false); } stamper.Close(); } } return(true); }
public virtual void SignEncryptedDoc01() { String fileName = "encrypted.pdf"; String src = sourceFolder + fileName; String dest = destinationFolder + "signed_" + fileName; String fieldName = "Signature1"; byte[] ownerPass = "******".GetBytes(); PdfReader reader = new PdfReader(src, new ReaderProperties().SetPassword(ownerPass)); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), true); // Creating the appearance PdfSignatureAppearance appearance = signer.GetSignatureAppearance().SetReason("Test1").SetLocation("TestCity" ); signer.SetFieldName(fieldName); // Creating the signature IExternalSignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256); signer.SignDetached(pks, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES); LtvVerifier verifier = new LtvVerifier(new PdfDocument(new PdfReader(dest, new ReaderProperties().SetPassword (ownerPass)))); verifier.SetVerifyRootCertificate(false); verifier.Verify(null); }
public void Sign(String src, String name, String dest, ICollection <X509Certificate> chain, ICipherParameters pk, String digestAlgorithm, CryptoStandard subfilter, String reason, String location, String contact, DateTime signDate, String fullName) { // Creating the reader and the stamper PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0'); // Creating the appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.Reason = reason; appearance.Location = location; appearance.SetVisibleSignature(name); appearance.Contact = contact; appearance.SignDate = signDate; MySignatureEvent eEvent = new MySignatureEvent(); eEvent.FullName = fullName; appearance.SignatureEvent = eEvent; // Creating the signature IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, subfilter); }
virtual protected void SignWithKeyInfo(String src, String dest, ICipherParameters pk, AsymmetricAlgorithm publicKey, String digestAlgorithm) { // Creating the reader and the stamper PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.createXmlSignature(reader, os); // Creating the appearance XmlSignatureAppearance appearance = stamper.XmlSignatureAppearance; //Set XfaXmlLocator to control getting and setting Document appearance.SetXmlLocator(new XfaXmlLocator(stamper)); // Creating the signature IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); KeyInfoClause keyInfo; if (publicKey is DSA) { keyInfo = new DSAKeyValue((DSA)publicKey); } else if (publicKey is RSA) { keyInfo = new RSAKeyValue((RSA)publicKey); } else { throw new ArgumentException("Invalid public key algorithm", "publicKey"); } MakeXmlSignature.SignXmlDSig(appearance, pks, keyInfo); }
public void Sign(String keystore, String src, String name, String dest) { Pkcs12Store store = new Pkcs12Store(new FileStream(keystore, FileMode.Open), PASSWORD); String alias = ""; ICollection <X509Certificate> chain = new List <X509Certificate>(); // searching for private key foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } AsymmetricKeyEntry pk = store.GetKey(alias); foreach (X509CertificateEntry c in store.GetCertificateChain(alias)) { chain.Add(c.Certificate); } RsaPrivateCrtKeyParameters parameters = pk.Key as RsaPrivateCrtKeyParameters; PdfReader reader = new PdfReader(src); FileStream os = new FileStream(dest, FileMode.Create); PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0', null, true); // Creating the appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; appearance.SetVisibleSignature(name); // Creating the signature IExternalSignature pks = new PrivateKeySignature(parameters, "SHA-256"); MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CMS); }
private void signDetached(PdfSignatureAppearance signAppearance) { signAppearance.CertificationLevel = PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED; var es = new PrivateKeySignature(_asymmetricKeyParameter, "SHA-256"); MakeSignature.SignDetached(signAppearance, es, _chain, null, null, null, 0, CryptoStandard.CMS); }
public void Sign(String src, String name, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location, PdfSignatureAppearance.RenderingMode renderingMode, ImageData image) { PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties()); // Create the signature appearance PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetReason(reason); appearance.SetLocation(location); // This name corresponds to the name of the field that already exists in the document. signer.SetFieldName(name); appearance.SetLayer2Text("Signed on " + DateTime.Now); // Set the rendering mode for this signature. appearance.SetRenderingMode(renderingMode); // Set the Image object to render when the rendering mode is set to RenderingMode.GRAPHIC // or RenderingMode.GRAPHIC_AND_DESCRIPTION. appearance.SetSignatureGraphic(image); PrivateKeySignature pks = new PrivateKeySignature(pk, digestAlgorithm); // Sign the document using the detached mode, CMS or CAdES equivalent. signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public byte[] SignHash(string hexhash, string password) { byte[] hash = StringToByteArray(hexhash); Pkcs12Store store = new Pkcs12Store(getCertificate(), password.ToCharArray()); String alias = ""; foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } AsymmetricKeyEntry pk = store.GetKey(alias); X509CertificateEntry[] chain = store.GetCertificateChain(alias); List <Org.BouncyCastle.X509.X509Certificate> c = new List <Org.BouncyCastle.X509.X509Certificate>(); foreach (X509CertificateEntry en in chain) { c.Add(en.Certificate); } PrivateKeySignature signature = new PrivateKeySignature(pk.Key, "SHA256"); String hashAlgorithm = signature.GetHashAlgorithm(); PdfPKCS7 sgn = new PdfPKCS7(null, c, hashAlgorithm, false); DateTime signingTime = DateTime.Now; byte[] sh = sgn.getAuthenticatedAttributeBytes(hash, null, null, CryptoStandard.CMS); byte[] extSignature = signature.Sign(sh); sgn.SetExternalDigest(extSignature, null, signature.GetEncryptionAlgorithm()); return(sgn.GetEncodedPKCS7(hash, null, null, null, CryptoStandard.CMS)); }
public void Sign(String src, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, int certificationLevel, String reason, String location) { PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties()); // Create the signature appearance PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetReason(reason); appearance.SetLocation(location); Rectangle rect = new Rectangle(36, 648, 200, 100); appearance.SetPageRect(rect).SetPageNumber(1); signer.SetFieldName("sig"); /* Set the document's certification level. This parameter defines if changes are allowed * after the applying of the signature. */ signer.SetCertificationLevel(certificationLevel); PrivateKeySignature pks = new PrivateKeySignature(pk, digestAlgorithm); // Sign the document using the detached mode, CMS or CAdES equivalent. signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public static void Sign(string fileName, string signedFileName, string reason, string location, string privateKeyFileName, string certFileName, string password) { PdfReader reader = new PdfReader(fileName); PdfWriter write = new PdfWriter(signedFileName); PdfSigner signer = new PdfSigner(reader, write, false); PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetReason(reason); appearance.SetLocation(location); appearance.SetReuseAppearance(false); Rectangle rect = new Rectangle(36, 648, 200, 100); appearance.SetPageRect(rect); appearance.SetPageNumber(1); signer.SetFieldName("sig"); IExternalSignature pks = new PrivateKeySignature(ReadPrivateKey(privateKeyFileName, password), GetEncryptionAlgorithm()); X509CertificateParser parser = new X509CertificateParser(); X509Certificate cert = LoadCertificate(certFileName); X509Certificate[] chain = new X509Certificate[1]; chain[0] = cert; PdfSigner.CryptoStandard subfilter = GetSubFilter(); signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public void testSignSimpleECDsa() { string testFileName = @"..\..\..\resources\circles.pdf"; string storePath = @"..\..\..\..\simple\keystore\test1234.p12"; char[] storePass = "******".ToCharArray(); string storeAlias = "ECDSAkey"; Pkcs12Store pkcs12 = new Pkcs12Store(new FileStream(storePath, FileMode.Open, FileAccess.Read), storePass); AsymmetricKeyParameter key = pkcs12.GetKey(storeAlias).Key; X509CertificateEntry[] chainEntries = pkcs12.GetCertificateChain(storeAlias); X509Certificate[] chain = new X509Certificate[chainEntries.Length]; for (int i = 0; i < chainEntries.Length; i++) { chain[i] = chainEntries[i].Certificate; } PrivateKeySignature signature = new PrivateKeySignature(key, "SHA512"); using (PdfReader pdfReader = new PdfReader(testFileName)) using (FileStream result = File.Create("circles-ECDSA-BC-signed-simple.pdf")) { PdfSigner pdfSigner = new PdfSigner(pdfReader, result, new StampingProperties().UseAppendMode()); ITSAClient tsaClient = null; pdfSigner.SignDetached(signature, chain, null, null, tsaClient, 0, PdfSigner.CryptoStandard.CMS); } }
public virtual void LtvEnabledSingleSignatureTest01() { String signCertFileName = certsSrc + "signCertRsaWithChain.p12"; String tsaCertFileName = certsSrc + "tsCertRsa.p12"; String intermediateCertFileName = certsSrc + "intermediateRsa.p12"; String caCertFileName = certsSrc + "rootRsa.p12"; String srcFileName = sourceFolder + "helloWorldDoc.pdf"; String ltvFileName = destinationFolder + "ltvEnabledSingleSignatureTest01.pdf"; X509Certificate[] tsaChain = Pkcs12FileHelper.ReadFirstChain(tsaCertFileName, password); ICipherParameters tsaPrivateKey = Pkcs12FileHelper.ReadFirstKey(tsaCertFileName, password, password); X509Certificate intermediateCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(intermediateCertFileName , password)[0]; ICipherParameters intermediatePrivateKey = Pkcs12FileHelper.ReadFirstKey(intermediateCertFileName, password , password); X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(caCertFileName, password)[0]; ICipherParameters caPrivateKey = Pkcs12FileHelper.ReadFirstKey(caCertFileName, password, password); TestTsaClient testTsa = new TestTsaClient(JavaUtil.ArraysAsList(tsaChain), tsaPrivateKey); TestOcspClient testOcspClient = new TestOcspClient().AddBuilderForCertIssuer(intermediateCert, intermediatePrivateKey ).AddBuilderForCertIssuer(caCert, caPrivateKey); X509Certificate[] signChain = Pkcs12FileHelper.ReadFirstChain(signCertFileName, password); ICipherParameters signPrivateKey = Pkcs12FileHelper.ReadFirstKey(signCertFileName, password, password); IExternalSignature pks = new PrivateKeySignature(signPrivateKey, DigestAlgorithms.SHA256); PdfSigner signer = new PdfSigner(new PdfReader(srcFileName), new FileStream(ltvFileName, FileMode.Create), new StampingProperties()); signer.SetFieldName("Signature1"); signer.SignDetached(pks, signChain, null, testOcspClient, testTsa, 0, PdfSigner.CryptoStandard.CADES); PadesSigTest.BasicCheckSignedDoc(destinationFolder + "ltvEnabledSingleSignatureTest01.pdf", "Signature1"); }
protected internal virtual void Sign(String src, String name, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location, Rectangle rectangleForNewField, bool setReuseAppearance, bool isAppendMode, int certificationLevel, float?fontSize ) { PdfReader reader = new PdfReader(src); StampingProperties properties = new StampingProperties(); if (isAppendMode) { properties.UseAppendMode(); } PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), properties); signer.SetCertificationLevel(certificationLevel); PdfFont font = PdfFontFactory.CreateFont(FONT, "WinAnsi", true); // Creating the appearance PdfSignatureAppearance appearance = signer.GetSignatureAppearance().SetReason(reason).SetLocation(location ).SetLayer2Font(font).SetReuseAppearance(setReuseAppearance); if (rectangleForNewField != null) { appearance.SetPageRect(rectangleForNewField); } if (fontSize != null) { appearance.SetLayer2FontSize((float)fontSize); } signer.SetFieldName(name); // Creating the signature IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public void Sign2(String src, String name, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location) { PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties()); PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetReason(reason); appearance.SetLocation(location); signer.SetFieldName(name); // Creating the appearance for layer 2 PdfFormXObject n2 = appearance.GetLayer2(); // Custom text, custom font, and right-to-left writing // Characters: لورانس العرب Text text = new Text("\u0644\u0648\u0631\u0627\u0646\u0633 \u0627\u0644\u0639\u0631\u0628"); text.SetFont(PdfFontFactory.CreateFont("../../../resources/font/NotoNaskhArabic-Regular.ttf", PdfEncodings.IDENTITY_H, true)); text.SetBaseDirection(BaseDirection.RIGHT_TO_LEFT); new Canvas(n2, signer.GetDocument()).Add(new Paragraph(text).SetTextAlignment(TextAlignment.RIGHT)); IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public void Sign1(String src, String name, String dest, X509Certificate[] chain, ICipherParameters pk, String digestAlgorithm, PdfSigner.CryptoStandard subfilter, String reason, String location) { PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties()); // Create the signature appearance PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance .SetReason(reason) .SetLocation(location); // This name corresponds to the name of the field that already exists in the document. signer.SetFieldName(name); // Set the custom text and a custom font appearance.SetLayer2Text("This document was signed by Bruno Specimen"); appearance.SetLayer2Font(PdfFontFactory.CreateFont(StandardFonts.TIMES_ROMAN)); IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); // Sign the document using the detached mode, CMS or CAdES equivalent. signer.SignDetached(pks, chain, null, null, null, 0, subfilter); }
public Stream SignPDF(Stream pdfstream, Certificate certificate) { pdfstream.Requires(nameof(pdfstream)).IsNotNull(); certificate.Requires(nameof(certificate)).IsNotNull(); var chain = certificate.Chain; var parameters = certificate.Parameters; IExternalSignature pks = new PrivateKeySignature(parameters, DigestAlgorithms.SHA256); using (PdfReader reader = new PdfReader(pdfstream)) { if (reader.IsEncrypted()) { throw new Exception("[PDFEncryptedException] Target PDF is encrypted or owned, unlock PDF and try again."); } var outputpdf = new MemoryStream(); using (PdfStamper st = PdfStamper.CreateSignature(reader, outputpdf, '\0', "tmp.pdf", true)) { PdfSignatureAppearance appearance = st.SignatureAppearance; appearance.SignDate = DateTime.Now; appearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.NAME_AND_DESCRIPTION; MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CMS); var mb = outputpdf.ToArray(); return(new MemoryStream(mb)); } } }
public void Sign(String keystore, String src, String name, String dest) { Pkcs12Store pk12 = new Pkcs12Store(new FileStream(keystore, FileMode.Open, FileAccess.Read), PASSWORD); string alias = null; foreach (var a in pk12.Aliases) { alias = ((string)a); if (pk12.IsKeyEntry(alias)) { break; } } ICipherParameters pk = pk12.GetKey(alias).Key; X509CertificateEntry[] ce = pk12.GetCertificateChain(alias); X509Certificate[] chain = new X509Certificate[ce.Length]; for (int k = 0; k < ce.Length; ++k) { chain[k] = ce[k].Certificate; } PdfReader reader = new PdfReader(src); PdfSigner signer = new PdfSigner(reader, new FileStream(dest, FileMode.Create), new StampingProperties().UseAppendMode()); signer.SetFieldName(name); PrivateKeySignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256); signer.SignDetached(pks, chain, null, null, null, 0, PdfSigner.CryptoStandard.CMS); }
private void TestSignatureOnRotatedPage(int pageNum, PdfSignatureAppearance.RenderingMode renderingMode, StringBuilder assertionResults) { String fileName = "signaturesOnRotatedPages" + pageNum + "_mode_" + renderingMode.ToString() + ".pdf"; String src = sourceFolder + "documentWithRotatedPages.pdf"; String dest = destinationFolder + fileName; PdfSigner signer = new PdfSigner(new PdfReader(src), new FileStream(dest, FileMode.Create), new StampingProperties ().UseAppendMode()); PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetLayer2Text("Digitally signed by Test User. All rights reserved. Take care!").SetPageRect(new Rectangle(100, 100, 100, 50)).SetRenderingMode(renderingMode).SetSignatureGraphic(ImageDataFactory.Create (sourceFolder + "itext.png")).SetPageNumber(pageNum); signer.SetCertificationLevel(PdfSigner.NOT_CERTIFIED); IExternalSignature pks = new PrivateKeySignature(pk, DigestAlgorithms.SHA256); signer.SignDetached(pks, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES); // Make sure iText can open the document new PdfDocument(new PdfReader(dest)).Close(); try { String testResult = new CompareTool().CompareVisually(dest, sourceFolder + "cmp_" + fileName, destinationFolder , "diff_"); if (null != testResult) { assertionResults.Append(testResult); } } catch (CompareTool.CompareToolExecutionException e) { assertionResults.Append(e.Message); } }
private byte[] Sign(byte[] src, Org.BouncyCastle.X509.X509Certificate[] chain, ICipherParameters pk, string digestAlgorithm, PdfSigner.CryptoStandard subfilter, string signatureFieldName ) { using (MemoryStream outputMemoryStream = new MemoryStream()) using (MemoryStream memoryStream = new MemoryStream(src)) using (PdfReader pdfReader = new PdfReader(memoryStream)) { PdfSigner signer = new PdfSigner( pdfReader, outputMemoryStream, new StampingProperties().UseAppendMode() ); signer.SetFieldName(signatureFieldName); IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm); try { // Sign the document using the detached mode, CMS or CAdES equivalent. signer.SignDetached(pks, chain, null, null, null, 0, subfilter); } catch (Exception ex) { throw; } pdfReader.Close(); memoryStream.Close(); var documentoAssinado = outputMemoryStream.ToArray(); outputMemoryStream.Close(); return(documentoAssinado); } }
public static byte[] SignPDFBytes(X509Certificate2 signatureCert, byte[] pdf) { byte[] result; MemoryStream ms = new MemoryStream(); PdfReader reader = new PdfReader(pdf); using (PdfStamper signer = PdfStamper.CreateSignature(reader, ms, '\0')) { // digital signature var pk = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(signatureCert.PrivateKey).Private; IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new[] { cp.ReadCertificate(signatureCert.RawData) }; try { MakeSignature.SignDetached(signer.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); result = ms.ToArray(); } catch (CryptographicException ex) { throw; } signer.Close(); } return(result); }
private static void SignPdfWithLocalCertificate() { var certificate = GetCertificateLocal(); var privateKey = DotNetUtilities.GetKeyPair(certificate.PrivateKey).Private; var externalSignature = new PrivateKeySignature(privateKey, "SHA-256"); SignPdf(certificate, externalSignature, "Local Key.pdf"); }
public async Task DigitallySign(int idDocument, string userId, string password, byte[] certificateData, string reason, string location) { var document = await dbContext .Documents .FirstAsync(it => it.IdDocument == idDocument); var lastState = await dbContext.DocumentStates.Include(it => it.DocumentData).Where(it => it.IdDocument == idDocument).LastAsync(); var unsignedData = ((DocumentDataUpload)lastState.DocumentData).Data; var store = new Pkcs12Store(new MemoryStream(certificateData), password.ToCharArray()); var alias = string.Empty; foreach (string al in store.Aliases) { if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate) { alias = al; break; } } var pk = store.GetKey(alias); var chain = new List <X509Certificate>(); foreach (X509CertificateEntry c in store.GetCertificateChain(alias)) { chain.Add(c.Certificate); } var certificate = new System.Security.Cryptography.X509Certificates.X509Certificate(certificateData, password); var signedPdfData = new MemoryStream(); using (var reader = new PdfReader(unsignedData)) { var stp = PdfStamper.CreateSignature(reader, signedPdfData, '\0'); stp.SignatureAppearance.Reason = reason; stp.SignatureAppearance.Location = location; stp.SignatureAppearance.SetVisibleSignature(new Rectangle(36, 748, 144, 780), 1, null); var es = new PrivateKeySignature(pk.Key as RsaPrivateCrtKeyParameters, DigestAlgorithms.SHA256); MakeSignature.SignDetached(stp.SignatureAppearance, es, chain, null, null, null, 0, CryptoStandard.CMS); stp.Close(); } dbContext.Entry(lastState).State = EntityState.Detached; lastState.IdDocumentState = 0; lastState.IdDocumentData = 0; lastState.StatusDate = DateTime.Now; lastState.IsDigitallySigned = true; lastState.Version = GetNextVersion(lastState.Version, lastState.DocumentStatus); lastState.DocumentData = new DocumentDataUpload { Data = signedPdfData.ToArray() }; dbContext.DocumentStates.Add(lastState); }
public bool signCertificate(string DocumentPath, string CertificateSavePath, Stream privateKeyStream, string keyPassword) { try { Pkcs12Store pk12 = new Pkcs12Store(privateKeyStream, keyPassword.ToCharArray()); privateKeyStream.Dispose(); //then Iterate throught certificate entries to find the private key entry string alias = null; foreach (string tAlias in pk12.Aliases) { if (pk12.IsKeyEntry(tAlias)) { alias = tAlias; break; } } var pk = pk12.GetKey(alias).Key; // reader and stamper PdfReader reader = new PdfReader(DocumentPath); int PageCount = reader.NumberOfPages; using (FileStream fout = new FileStream(CertificateSavePath, FileMode.Create, FileAccess.ReadWrite)) { using (PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true)) { // appearance PdfSignatureAppearance appearance = stamper.SignatureAppearance; //appearance.Image = new iTextSharp.text.pdf.PdfImage(); //appearance.Reason = reason; // appearance.Location = location; appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(220, 165, 420, 250), PageCount, "Icsi-Vendor");//.IsInvisible();//s //220,165, 435, 310 //lly - gose up llx - is width 210,245,495,620 500, 300, 297, 200 //iTextSharp.text.Image watermark = iTextSharp.text.Image.GetInstance(SignatureIMGPath); //appearance.Image = watermark; //appearance.Image.ScaleToFit(70, 70); ////appearance.Image.Alignment=100; //appearance.Image.SetAbsolutePosition(100, 100); //appearance.GetAppearance().AddImage(watermark); //digital signature IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, es, new Org.BouncyCastle.X509.X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } } return(true); } catch (Exception Ex) { ErrorLog.LogError(Ex); return(false); } }
private void SignDocumentSigningBlock(ICollection <X509Certificate> chain, ICipherParameters pk, string block, PdfSignatureAppearance appearance, PdfStamper stamper, byte[] signatureImage) { appearance.SetVisibleSignature(block); SignDocumentSigningBlockWithImage(signatureImage, appearance); SignDocumentSigningBlockWithText(appearance, chain.First()); IExternalSignature externalSignature = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, externalSignature, chain, null, null, new TSAClientBouncyCastle("http://services.globaltrustfinder.com/adss/tsa"), 104000, CryptoStandard.CMS); }
public string AddSignature(string PathSource, string PathTarget, string CertPath, string CertPass, int lx = 100, int ly = 100, int ux = 250, int uy = 150, int page = 1, bool Visible = true) { try { Org.BouncyCastle.Crypto.AsymmetricKeyParameter Akp = null; Org.BouncyCastle.X509.X509Certificate[] Chain = null; string alias = null; Org.BouncyCastle.Pkcs.Pkcs12Store pk12; pk12 = new Org.BouncyCastle.Pkcs.Pkcs12Store(new System.IO.FileStream(CertPath, System.IO.FileMode.Open, System.IO.FileAccess.Read), CertPass.ToCharArray()); IEnumerable aliases = pk12.Aliases; foreach (string aliasTemp in aliases) { alias = aliasTemp; if (pk12.IsKeyEntry(alias)) { break; } } Akp = pk12.GetKey(alias).Key; Org.BouncyCastle.Pkcs.X509CertificateEntry[] ce = pk12.GetCertificateChain(alias); Chain = new Org.BouncyCastle.X509.X509Certificate[ce.Length]; for (int k = 0; k < ce.Length; ++k) { Chain[k] = ce[k].Certificate; } iTextSharp.text.pdf.PdfReader reader = new iTextSharp.text.pdf.PdfReader(PathSource); iTextSharp.text.pdf.PdfStamper st = iTextSharp.text.pdf.PdfStamper.CreateSignature(reader, new System.IO.FileStream(PathTarget, System.IO.FileMode.Create, System.IO.FileAccess.Write), '\0', null, true); iTextSharp.text.pdf.PdfSignatureAppearance sap = st.SignatureAppearance; if (Visible == true) { page = (page <1 || page> reader.NumberOfPages) ? 1 : page; sap.SetVisibleSignature(new iTextSharp.text.Rectangle(lx, ly, ux, uy), page, null); } sap.CertificationLevel = iTextSharp.text.pdf.PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED; // digital signature - http://itextpdf.com/examples/iia.php?id=222 IExternalSignature es = new PrivateKeySignature(Akp, "SHA-256"); // "BC" MakeSignature.SignDetached(sap, es, new X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); st.Close(); return(""); } catch (Exception e) { return(e.Message); } }
private static async Task SignPdfWithExportableCertificateInKeyVault() { var client = GetKeyVaultClient(); var exportableSecretIdentifier = "https://vaultfromcode.vault.azure.net:443/secrets/TestCertificate"; var certificate = await GetCertificateKeyVault(exportableSecretIdentifier); var privateKey = DotNetUtilities.GetKeyPair(certificate.PrivateKey).Private; var externalSignature = new PrivateKeySignature(privateKey, "SHA-256"); SignPdf(certificate, externalSignature, "Exportable Key Vault.pdf"); }
public static void DigitalSign() { PdfReader reader = new PdfReader(@"C:\workspace\PDFDigitalSign\Resource\Result1.pdf"); using (FileStream fout = new FileStream(@"C:\workspace\PDFDigitalSign\Resource\Result2.pdf", FileMode.Create, FileAccess.ReadWrite)) { // appearance PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true); PdfSignatureAppearance appearance = stamper.SignatureAppearance; //appearance.Reason = SignReason; //appearance.Location = SignLocation; appearance.SignDate = DateTime.Now.Date; appearance.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 50 + 200, 50 + 100), 1, null);//.IsInvisible // Custom text and background image appearance.Image = iTextSharp.text.Image.GetInstance(@"C:\workspace\PDFDigitalSign\Resource\sign2.png"); appearance.ImageScale = 0.6f; appearance.Image.Alignment = 300; appearance.Acro6Layers = true; StringBuilder buf = new StringBuilder(); buf.Append("Digitally Signed by "); String name = "Sidd"; buf.Append(name).Append('\n'); buf.Append("Date: ").Append(DateTime.Now.ToString("dd-MM-yyyy HH:mm:ss zzz")); string text = buf.ToString(); appearance.Layer2Text = text; var pk12 = new Pkcs12Store(new System.IO.FileStream(@"C:\workspace\PDFDigitalSign\Resource\certificate.pfx", System.IO.FileMode.Open, System.IO.FileAccess.Read), "12345678".ToCharArray()); string alias = null; foreach (string tAlias in pk12.Aliases) { if (pk12.IsKeyEntry(tAlias)) { alias = tAlias; break; } } var pk = pk12.GetKey(alias).Key; //digital signature IExternalSignature es = new PrivateKeySignature(pk, "SHA-256"); MakeSignature.SignDetached(appearance, es, new Org.BouncyCastle.X509.X509Certificate[] { pk12.GetCertificate(alias).Certificate }, null, null, null, 0, CryptoStandard.CMS); stamper.Close(); } }
public static void Sign(string input, string output, ImageData stamper, ICipherParameters privateKey, X509Certificate[] chain, string flag) { PdfDocument document = new PdfDocument(new PdfReader(input)); PdfAcroForm acroForm = PdfAcroForm.GetAcroForm(document, false); bool append = (acroForm != null && acroForm.GetSignatureFlags() != 0); int pageNumber = document.GetNumberOfPages(); RegexBasedLocationExtractionStrategy strategy = new RegexBasedLocationExtractionStrategy(flag); PdfDocumentContentParser parser = new PdfDocumentContentParser(document); parser.ProcessContent(pageNumber, strategy); var locations = new List <IPdfTextLocation>(strategy.GetResultantLocations()); document.Close(); StampingProperties properties = new StampingProperties(); properties = append ? properties.UseAppendMode() : properties; PdfSigner signer = new PdfSigner(new PdfReader(input), new FileStream(output, FileMode.Create), properties); signer.SetCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED); PdfSignatureAppearance appearance = signer.GetSignatureAppearance(); appearance.SetPageNumber(pageNumber); int size = locations.Count; if (size != 0) { IPdfTextLocation location = locations[size - 1]; float flagX = location.GetRectangle().GetX(); float flagY = location.GetRectangle().GetY(); float width = stamper.GetWidth(); float height = stamper.GetHeight(); float x = flagX - width / 2; float y = flagY - height / 2; appearance.SetRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC); appearance.SetSignatureGraphic(stamper); appearance.SetPageRect(new Rectangle(x, y, width, height)); } PrivateKeySignature signature = new PrivateKeySignature(privateKey, DigestAlgorithms.SHA256); signer.SignDetached(signature, chain, null, null, null, 0, PdfSigner.CryptoStandard.CADES); }