I'm developing a webserver in c# that performs digital signatures validations, to ensure that the pdf files weren't modified. I'm using iText and iTextSharp for this.
But the client-side is based on a java applet. I perform the digital signatures in that java applet. In java i'm able to make the signatures and then verify them. But if I verify the signature in C# it is given a nullreferenceexception.
Here is my Java digital signature code:
String path = "C:/Users/a/Desktop/cert.pfx";
String keystore_password = "fgf";
String key_password = "fgf";
////
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
KeyStore ks = KeyStore.getInstance("pkcs12", "BC");
ks.load(new FileInputStream(path), keystore_password.toCharArray());
String alias = (String)ks.aliases().nextElement();
PrivateKey pk = (PrivateKey) ks.getKey(alias, key_password.toCharArray());
Certificate[] chain = ks.getCertificateChain(alias);
PdfReader reader = new PdfReader(src);
dest = "C:/Users/a/Desktop/" + dest;
FileOutputStream os = new FileOutputStream(dest);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
ExternalSignature es = new PrivateKeySignature(pk, "SHA-256", "BC");
ExternalDigest digest = new BouncyCastleDigest();
MakeSignature.signDetached(appearance, digest, es, chain, null, null, null, 0, CryptoStandard.CMS);
And my C# verification code:
PdfReader reader = new PdfReader(pdfFile);
AcroFields af = reader.AcroFields;
var names = af.GetSignatureNames();
if (names.Count == 0)
{
throw new InvalidOperationException("No Signature present in pdf file.");
}
foreach (string name in names)
{
if (!af.SignatureCoversWholeDocument(name))
{
throw new InvalidOperationException(string.Format("The signature: {0} does not covers the whole document.", name));
}
PdfPKCS7 pk = af.VerifySignature(name);
var cal = pk.SignDate;
var pkc = pk.Certificates;
if (!pk.Verify())
{
Console.WriteLine("The signature is not valid.");
return false;
}
}
In the line af.VerifySignature(name); the NullReferenceException is thrown up!
The fun thing is, if I perform the signatures with C# code I'm able to verify it in java, since I add these instructions: BouncyCastleProvider provider = new BouncyCastleProvider(); Security.addProvider(provider);
I think my problem relies on some byte conversions... But in C# I don't know how to call a bouncycastleprovider.
Can you help me? My best regards: William.
PdfPKCS7
constructor with only oneByte[]
parameter... – mkliTextSharp.text.pdf.PdfPKCS7..ctor(Byte[] contentsKey)
indicates that you are not actually using version 5.5.0 but a version from before 5.3.0 becausePdfPKCS7
in 5.3.0 had been refactored into the namespaceiTextSharp.text.pdf.security
. Thus, please update your iTextSharp, test again, and if you still get thatNullReferenceException
, post an updated stacktrace. – mkl