I'm fighting with creating signature with timestamp on my pdf file. After many attempts we succeeded and signed PDF file. Adobe verified this file but there is one mistake with timestamp. There is information about:
Signature is timestamped but the timestamp could not be verified
Is this signature was created inproperly?
There is a code
public String signByPfxCert(String filePath) {
String postfix = "-signed";
try {
PdfReader reader = new PdfReader(filePath);
OutputStream os = new FileOutputStream(filePath + postfix);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
appearance.setReason("REASON");
appearance.setLocation("LOCATION");
Security.addProvider(new BouncyCastleProvider());
FileInputStream fis = new FileInputStream(getClass().getClassLoader().
getResource("clientcert.pfx").getFile());
String password = "pwd12345";
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(fis, password.toCharArray());
String alias = ks.aliases().nextElement();
PrivateKey pk = (PrivateKey) ks.getKey(alias, password.toCharArray());
X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
com.itextpdf.text.pdf.security.TSAClient tsc = new TSAClientBouncyCastle(tsaUrl);
ExternalDigest digest = new BouncyCastleDigest();
ExternalSignature signature = new PrivateKeySignature(pk, "SHA-1", "BC");
MakeSignature.signDetached(appearance, digest, signature, new Certificate[]{cert}, null, null, tsc, 0,
MakeSignature.CryptoStandard.CMS);
if (fis.available() != 0) {
fis.close();
}
File originalFile = new File(filePath);
File signedFile = new File(filePath + postfix);
boolean deleteOriginal = originalFile.delete();
File destination = new File(filePath);
boolean rename = signedFile.renameTo(destination);
if(deleteOriginal && rename){
return destination.getName();
}else {
return "";
}
} catch (Exception e) {
e.printStackTrace();
}
return "";
}