0
votes

I have a pair of PDF signature modules (adbe.pkcs.sha1), written in Java and VB.NET, using the Bouncy Castle, ABCpdf, and iText 2.1.7 libraries.

Those modules add a timestamp token to the digital signature, provided by RFC 3161 TSA servers. We use different providers; for testing we use:

Up to now, it has worked fine, but now a 'production' TSA server is returning a timestamp 'in a way' that Adobe Reader can't process. That provider says that they are only sending the message as RFC 3161 says... and they don't want to tell me more.

Using that TimeStampToken, the signature is shown in Adobe Reader, but with a "the signature has a timestamp -- unavailable timestamp" warning. And in some versions, we can see the "show certificate" button, but Adobe Reader crashes.

My question is: which tool could help me discover what is wrong in the timestamp token we are adding to our PDFs? By inspecting the PDF code, or using Adobe Professional, I'm able to see the TimeStampToken, but I have no idea how to detect the problem.

Any idea will be welcome. Thanks for reading this.

Update:
If I sign a serialized text file (byte array) and add this TimeStampToken to the signature, then I can extract the token from the CmsSignedData, and it seems to be correct.

        Imports System.Collections
        Imports Org.BouncyCastle.Cms
        Imports Org.BouncyCastle.Tsp
        Imports Org.BouncyCastle.X509.Store

        ... p_oContenido As CmsSignedData

        Dim oAlmacenFirmantes As SignerInformationStore = p_oContenido.GetSignerInfos()
        ' extract the certificates from the signed object
        Dim aCertificadosDetectados As IX509Store = p_oContenido.GetCertificates("Collection")
        Dim aFirmantes As ICollection = oAlmacenFirmantes.GetSigners()

        ' parse the CMS structure as an RFC 3161 timestamp token
        Dim oSello As New TimeStampToken(p_oContenido)
        oFec = oSello.TimeStampInfo.GenTime ' it's ok

Maybe Adobe Reader doesn't understand the TSA server policy?

1
Just a note: this is open-source. Use source as a help. Or use proven supported solutions which work out of the box. - Eugene Mayevski 'Callback
Please supply a sample PDF for inspection. - mkl

1 Answer

0
votes

Finally, we think it's a TSA server issue. I think it really doesn't comply with the RFC 3161 specification, at least in Adobe Reader's eyes.
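One way to approach the "which tool" question when a token from a working TSA is available for comparison is to list the OIDs in each DER-encoded token and diff the two sets. This is an added example, not code from the thread; `WORKING` and `FAILING` are constructed skeletons (the thread never shows the real tokens), so the differences they produce are illustrative only.

```python
from contextlib import suppress

KNOWN = {"1.2.840.113549.1.9.16.2.12": "id-aa-signingCertificate",
         "1.2.840.113549.1.9.16.2.47": "id-aa-signingCertificateV2",
         "1.3.14.3.2.26": "sha1", "2.16.840.1.101.3.4.2.1": "sha256"}

def tlvs(buf):                          # yield (tag, value) for each DER element
    i = 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:                    # long-form length: next n & 0x7F bytes
            k, i = n & 0x7F, i + (n & 0x7F)
            n = int.from_bytes(buf[i - k:i], "big")
        if i + n > len(buf):
            raise ValueError("truncated element")
        yield tag, buf[i:i + n]
        i += n

def dotted(v):                          # OID content bytes -> "1.2.840..."
    arcs, n = [], 0
    for b in v:
        n = (n << 7) | (b & 0x7F)
        if b < 0x80:                    # last byte of this arc
            arcs, n = arcs + [n], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first, *arcs[1:]]))

def oids(buf):                          # every OID found, recursing into nested DER
    found = set()
    for tag, val in tlvs(buf):
        if tag == 0x06:
            found.add(dotted(val))
        elif tag & 0x20:                # constructed: SEQUENCE, SET, [n]
            found |= oids(val)
        elif tag == 0x04 and val[:1] == b"\x30":    # eContent wraps the DER TSTInfo
            with suppress(ValueError, IndexError):  # or it was ordinary bytes
                found |= oids(val)
    return found

def compare(working, failing):          # -> (only in working, only in failing)
    w, f = oids(working), oids(failing)
    return sorted(KNOWN.get(o, o) for o in w - f), sorted(KNOWN.get(o, o) for o in f - w)

def sample(hash_oid, attr_oid):         # constructed skeleton, not a real TSA token
    t = lambda tag, *p: bytes([tag, len(b"".join(p))]) + b"".join(p)
    tst = t(0x30, t(0x30, t(0x30, hash_oid), t(0x04, b"\0\1\2\3")))
    return t(0x30, t(0xA0, t(0x04, tst)), t(0x31, t(0x30, t(0xA0, t(0x30, attr_oid, t(0x31))))))
WORKING = sample(bytes.fromhex("06052b0e03021a"), bytes.fromhex("060b2a864886f70d010910020c"))
FAILING = sample(bytes.fromhex("0609608648016503040201"), bytes.fromhex("060b2a864886f70d010910022f"))
```

On real tokens the same walk also reaches the policy OID inside TSTInfo and the OIDs inside any embedded certificates, which appear in dotted form when they are not in `KNOWN`.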