Quantcast

C5_06_ValidateLTV error

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

C5_06_ValidateLTV error

mgomez
This post was updated on .
Hi, I have a problem with C5_06_ValidateLTV class.

I followed all recommendations about Pades LTV files, but when I verify, this error appear:  

"The document can't be verified
certificate does not verify with supplied key"

I have been working with itextpdf-5.5.0

Adobe Reader says that all signatures are LTV Enable, but I can't pass LtvVerifier.

I attach a sample file:

https://storage.dataokey.com:7001/fbsharing/sEU0AmgG

Thanks to all!
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: C5_06_ValidateLTV error

mgomez
This post was updated on .
Hi, I have a problem with C5_06_ValidateLTV class.

I followed all recommendations about Pades LTV files, but when I verify, this error appear:  

"The document can't be verified
certificate does not verify with supplied key"

I have been working with itextpdf-5.5.0

Adobe Reader says that all signatures are LTV Enable, but I can't pass LtvVerifier.

I attach a sample file:

https://storage.dataokey.com:7001/fbsharing/sEU0AmgG

attached this example:


public static void main(String[] args) throws IOException, GeneralSecurityException {
    BouncyCastleProvider provider = new BouncyCastleProvider();
    Security.addProvider(provider);
    C5_06_ValidateLTV app = new C5_06_ValidateLTV();
    System.out.println(EXAMPLE1);
    app.validate(new PdfReader(EXAMPLE1));
    System.out.println();
}



public void validate(PdfReader reader) throws IOException, GeneralSecurityException {
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");



    ks.setCertificateEntry((cf.generateCertificate(new FileInputStream(ROOT))).toString(),
            cf.generateCertificate(new FileInputStream(ROOT)));


    CertificateVerifier custom = new CertificateVerifier(null) {
        public List<VerificationOK> verify(X509Certificate signCert,
                X509Certificate issuerCert, Date signDate)
                throws GeneralSecurityException, IOException {
            System.out.println(signCert.getSubjectDN().getName() + ": ALL VERIFICATIONS DONE");
            return new ArrayList<VerificationOK>();
        }
    };

    LtvVerifier data = new LtvVerifier(reader);
    data.setRootStore(ks);
    data.setCertificateOption(CertificateOption.WHOLE_CHAIN);
    data.setVerifier(custom);
    data.setOnlineCheckingAllowed(false);
    data.setVerifyRootCertificate(false);
    List<VerificationOK> list = data.verifySignature();
    try {
        data.verify(list);
    }
    catch(GeneralSecurityException e) {
        System.err.println(e.getMessage());
    }
    System.out.println();
    if (list.size() == 0) {
        System.out.println("The document can't be verified");
    }
    for (VerificationOK v : list)
        System.out.println(v.toString());
}


Where ROOT variable is a string with the path where the root certificate of the certificate chain is. It is a file with extension ".crt" and EXAMPLE1 variable is a string with the path where pdf signed is.


Thanks to all!
Loading...