Theoretically it's possible to sign the original document, and then sign the document a second time by storing the second signature in a new change set. Stephan van Hulst wrote:Don't quote me on this, but I believe that PDFs DO have a mode where every set of changes is stored in a separate block of data that is appended to the original document. But it's something I think you'd want to pursue. And I wouldn't be surprised to discover that only Adobe has tools to handle the complete functionality. How much of this sort of infrastructure is actually supported. Mods would have to be overlays and clearly indicated as such. Needless to say, no modifications are possible to the core document, since that would invalidate the whole purpose of signing. I could carry this further for "fill in the form/graaphic signature overlay" mods to the document by tying the mods to an Approval Signature. I can now validate both the primary signature and the Approval signatures by locating the original document/signature embedded within the approved document. The end of the chain where that multiple people have signed off. I add an Approval Signature that contains a personal signature key that identifies me and no one else. I'd expect them to work something like this: On the other hand, the end of that post mentions something called "Approval Signatures". Well, again, since the signature covers every byte of the document, including itself, the only way to have multiple signers is if they all contribute to the base signature at the time of signing. Which must differ ("S1", "S2") or be null but it makes no difference. I lived in hope, that the solution lies in the last parameter of setVisibleSignature Sap.setVisibleSignature(new Rectangle(x, y, x+s, y - s), 1, "S2") īut the resulting PDF after the second signing has its first sign always invalid. Sap.setVisibleSignature(new Rectangle(x, y, x+s, y - s), 1, "S1") Sap.setCrypto(key, chain, null, PdfSignatureAppearance.WINCER_SIGNED) Sap.setLayer2Font(new Font(BaseFont.createFont(BaseFont.TIMES_ROMAN, "Cp1250", true))) PdfSignatureAppearance sap = stp.getSignatureAppearance() PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0') PrivateKey key = (PrivateKey)ks.getKey(alias, certPass.toCharArray()) Ĭertificate chain = ks.getCertificateChain(alias) įileOutputStream fout = new FileOutputStream(pathDst) String alias = (String)ks.aliases().nextElement() Ks.load(new FileInputStream(path), certPass.toCharArray()) KeyStore ks = KeyStore.getInstance("pkcs12") InputStream is = new FileInputStream(pathSrc) Hello, I need to sign PDF twice (for the testing purpose with the same certificate, I hope it does't matter).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |