iText and signing pdf fils

> Hello,
> I can write you after I meet a problem that currently on the signing of a pdf file using :
>
> Hash algorithm: sha256
> Digest algo: sha256withrsa
> iText version 5.0.2
> BC version 14.1.38
>
> I can only signed the pdf I get this error:
>
> Error signature authentication.
>
> Signature contains incorrect data, unrecognized, damaged or suspicious.
> Support Information: SigDict / Contents illegal data
>
> Thank you in advance.
>
> Cordially.

> Hello everyone,
>
> currently I use the latest version of iText I can sign a pdf with the sha256
> parcontre moùent verification is done with the code of iText fails!
>
> Here is the exception thrown:
>
> ExceptionConverter: java.security.InvalidKeyException: Illegal Key must not
> be null
> Has sun.security.rsa.RSAKeyFactory.engineTranslateKey (Unknown Source)
> Has sun.security.rsa.RSAKeyFactory.toRSAKey (Unknown Source)
> Has sun.security.rsa.RSASignature.engineInitVerify (Unknown Source)
> Has java.security.Signature $ Delegate.engineInitVerify (Unknown Source)
> Has java.security.Signature.initVerify (Unknown Source)
> Has iaik.pkcs.pkcs11.provider.signatures.PKCS11Signature.engineInitVerify
> (PKCS11Signature.java: 317)
> Has java.security.Signature $ Delegate.init (Unknown Source)
> Has java.security.Signature $ Delegate.chooseProvider (Unknown Source)
> Has java.security.Signature $ Delegate.engineInitVerify (Unknown Source)
> Has java.security.Signature.initVerify (Unknown Source)
> Has com.itextpdf.text.pdf.security.PdfPKCS7. <init> (PdfPKCS7.java: 392)
> Has com.itextpdf.text.pdf.security.PdfPKCS7. <init> (PdfPKCS7.java: 225)
> Has com.itextpdf.text.pdf.AcroFields.verifySignature (AcroFields.java: 2308)
> Has com.itextpdf.text.pdf.AcroFields.verifySignature (AcroFields.java: 2258)
> Has myPackage.DocumentPDFSigne.verifierPDF (DocumentPDFSigne.java: 317)
>
>
> On reading this error stack we can see that the signing certificate does not
> contain the public key but this is not the case because my signing
> certificate contain the key public good.
>
> Is there someone who can tell me more about?
>
> Maybe you too have already experience this problem.
>
> Thank you for your help.
>
> --
> View this message in context: http://itext-general.2136553.n4.nabble.com/iText-and-signing-pdf-fils-tp4655392p4655534.html
> Sent from the iText - General mailing list archive at Nabble.com.

> Thank you for your response Paulo,
>
> In fact after the end of the execution of my signature programe I have a pdf
> file signed with a signature that appears on this pdf but I actually want to
> check the signed pdf in my programe as a result
>
> PdfReader reader = new PdfReader (new RandomAccessFileOrArray (mypdf),
> null);
> AcroFields reader.getAcroFields af = ();
> Af.getSignatureNames ArrayList names = ();
> String name = "";
> for (int k = 0, k <names.size () k + +) {
>         name = (String) names.get (k);
> }
> pk = af.verifySignature (name);
>
> If you want i can send you the result signed pdf.
>
> Thank you in advance.
>
> --
> View this message in context: http://itext-general.2136553.n4.nabble.com/iText-and-signing-pdf-fils-tp4655392p4655537.html
> Sent from the iText - General mailing list archive at Nabble.com.
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> iText-questions mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>
> iText(R) is a registered trademark of 1T3XT BVBA.
> Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/
> Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php

> Hello Michael and other contributors,
>
> I wonder if there are good practices for the provider adds the JVM and the
> usage of storage iText-5.3.0 for signed SHA256?
>
> Currently I worked on an applet that signature using SHA1 PDF and
> iText-2.0.4
> This applet signs the pdf without adding BC before the provider signature
> verification. The IAIK provider is to add on to launch the applet. And it
> works very well.
>
> Now, I worked on the development of this applet to sign with SHA256. So I
> change the version of iText I switched to the latest version 5.3.0 I have
> also changed with the version of BC-bcpkix jdk15on bcprov-147
> and-147-jdk15on.
>
> At this level reaches the applet signed but failed to verify the signature.
>
> And when I add the provider BC Vanat just the verification of the signature
> [Security.addProvider (new BouncyCastleProvider ());] applet comes to being
> signed and verified with suucès.
>
> Only in this project I use the IAIK provider for cryptographic functions.
>
> my questions are:
>
> What are best practices for using iText-5.3.0 with another provider for that
> BC sign with SHA256?
>
> In the previous post to answer me you talked about overload functions, what
> are these functions?
>
> If one has no choice to use another provider than BC when or in what place
> should add?
>
> Regards.
>
> --
> View this message in context: http://itext-general.2136553.n4.nabble.com/iText-and-signing-pdf-fils-tp4655392p4655590.html
> Sent from the iText - General mailing list archive at Nabble.com.
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> iText-questions mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>
> iText(R) is a registered trademark of 1T3XT BVBA.
> Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/
> Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php

> zouzou,
>
> As Andreas already said, currently you should just accept that iText is
> built to use BC.
>
> zouzou wrote
>> What are best practices for using iText-5.3.0 with another provider for
>> that BC sign with SHA256?
>
> Currently BC is hardwired in some iText classes. The existence of a number
> of method overloads with an additional provider argument is a hint, though,
> that iText aims at providing the covered functionality with other security
> providers, too. I don't know how far this support already works.
>
> zouzou wrote
>> In the previous post to answer me you talked about overload functions,
>> what are these functions?
>
> Overloaded methods are methods of the same class with the same name but
> different parameter types, e.g. KeyStoreUtil.loadCacertsKeyStore(String) and
> KeyStoreUtil.loadCacertsKeyStore().
>
> zouzou wrote
>> If one has no choice to use another provider than BC when or in what place
>> should add?
>
> Unless some other code in your program time and time again changes the list
> of registered security providers, doing it once during startup should
> suffice. Wheter or not BC needs to be at a special position in that list,
> depends on the requirements of all the components of your program making use
> of security provider functions. Sometimes it's quite a hassle to put them in
> the right order... ;)
>
> Regards,   Michael
>
> --
> View this message in context: http://itext-general.2136553.n4.nabble.com/iText-and-signing-pdf-fils-tp4655392p4655593.html
> Sent from the iText - General mailing list archive at Nabble.com.