2

I am working with adding digital signature in pdf using JAVA. I have gone through so many APIs for it. But I couldn't get any example for adding the existing pfx file directly into the pdf.

I have tried with Apache PdfBox :

    PDSignature signature = null;
    File file = new File("path\\REPORT.pdf");

    PDDocument doc=PDDocument.load(file);
    FileInputStream pkcs12Stream = new FileInputStream ("path\\abc.pfx");
    KeyStore store = KeyStore.getInstance("PKCS12");
    store.load(pkcs12Stream, "pwd@123".toCharArray());
    PDSignature sign=new PDSignature();
    byte[] bytes =  IOUtils.toByteArray(pkcs12Stream);
    sign.setContents(bytes);
    doc.addSignature(sign); // to add the signature in the pfx file.
    FileOutputStream fos = new FileOutputStream("path\\REPORT_signed.pdf");
    doc.saveIncremental(fos);
    pkcs12Stream.close();

Now here I do not get any exception, But it's generating the currapted signed file which will not load because of the below statment.

 doc.addSignature(sign);

Because it's not able to convert in bytes, this is my assumption.

Is there any way that I can use existing pfx file and generate the signed pdf file.

Please suggest me on this.

YLG
  • 855
  • 2
  • 14
  • 36
  • what version are you using? And how can you add a signature if the bytes to be signed don't exist at that time? Where does this pfx file come from, from what input is it calculated? – Tilman Hausherr Mar 13 '19 at 07:07
  • I am having input as a normal pdf file and pfx file. I have generated pfx file . So these 2 files are input for me.bytes are there but its not containing any value. Its not null. So it's empty (""). – YLG Mar 13 '19 at 08:01
  • I have created a digital signature in the pdf then this pfx file got generated. Now I want it to be done through Java. – YLG Mar 13 '19 at 08:02
  • doc is holding my normal pdf file. as soon as I remove doc.addSignature(sign) line. It will generate the replica of the normal pdf. But whenever I try to add signature. Its created but currepted one. – YLG Mar 13 '19 at 08:04
  • I think you misunderstand how PDF signatures work. The byte stream that is signed is partly the one that you create when saving the PDF. See page 5 here: https://www.adobe.com/devnet-docs/etk_deprecated/tools/DigSig/Acrobat_DigitalSignatures_in_PDF.pdf The correct way to sign is in the Create*Signature*.java examples in the source code download. External signing is possible (even supported in the examples) but tricky. It is definitively impossible to sign first and then add that signature. – Tilman Hausherr Mar 13 '19 at 08:24
  • My concept is someone logs in to the account and generates the pdf report. after generation, the logged in user need to sign it. Which should be done automatically. User will be having their digital signature in the form of PFX file. I just need to add it in the PDF. Please tell me weather I understood correct or not – YLG Mar 13 '19 at 08:32
  • https://stackoverflow.com/questions/2292495/what-is-the-difference-between-a-cer-pvk-and-pfx-file "This contains a variety of cryptographic information, such as certificates, root authority certificates, certificate chains and private keys" => not a signature. Could it be you confuse signature and certificate? – Tilman Hausherr Mar 13 '19 at 08:37
  • Hello, I think you can delete this question, I think that my assumption ("confuse signature and certificate") in the previous comment was right; and you were able to sign a file following the chat in the other question. – Tilman Hausherr Mar 20 '19 at 12:07

0 Answers0