Home/ Questions/Q 572865
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T13:39:48+00:00

I use iTextSharp to sign a PDF file. But Adobe Reader cannot verify my

  • 0

I use iTextSharp to sign a PDF file. But Adobe Reader cannot verify my signature. I use SHA-2 test certificate (I tried also SHA-1) generated by certification authority. I have installed root certificate for test certificates of this authority.

public static void SignHashed(X509Certificate2 card, Stream input, Stream output) {
    Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
    Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

    PdfReader reader = new PdfReader(input);
    PdfStamper stp = PdfStamper.CreateSignature(reader, output, '\0');
    PdfSignatureAppearance sap = stp.SignatureAppearance;
    sap.SignDate = DateTime.Now;
    sap.SetCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
    sap.Reason = "Testování";
    sap.Location = "Praha";
    sap.Acro6Layers = true;
    sap.Render = PdfSignatureAppearance.SignatureRender.GraphicAndDescription;
    PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
    dic.Date = new PdfDate(sap.SignDate);
    dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
    if (sap.Reason != null) dic.Reason = sap.Reason;
    if (sap.Location != null) dic.Location = sap.Location;
    sap.CryptoDictionary = dic;
    int csize = 4000;
    Hashtable exc = new Hashtable();
    exc[PdfName.CONTENTS] = csize * 2 + 2;
    sap.PreClose(exc);

    System.Security.Cryptography.HashAlgorithm sha = new System.Security.Cryptography.SHA1CryptoServiceProvider();

    Stream s = sap.RangeStream;
    int read = 0;
    byte[] buff = new byte[8192];
    while ((read = s.Read(buff, 0, 8192)) > 0) {
        sha.TransformBlock(buff, 0, read, buff, 0);
    }
    sha.TransformFinalBlock(buff, 0, 0);
    byte[] pk = SignMsg(sha.Hash, card, false);

    byte[] outc = new byte[csize];

    PdfDictionary dic2 = new PdfDictionary();

    Array.Copy(pk, 0, outc, 0, pk.Length);

    dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
    sap.Close(dic2);
}

Does anyone knows better solution for sign a PDF?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Adobe Reader can’t verify the sign because need to import the CA chain to Adobe Reader in Advanced menú, option “Manage Trusted Identities”.
    Good luck!

    • 0