error on trying to sign pdf using itext :Exception in thread “main” java.lang.NoClassDefFoundError: org/bouncycastle/cert/X509CertificateHolder

Question

I am getting the following error on trying to sign a pdf using code sample 2.2 in Bruno Lowagie's white paper: Digital Signatures for PDF Documents

Exception in thread "main" java.lang.NoClassDefFoundError: org/bouncycastle/cert/X509CertificateHolder
at com.itextpdf.text.pdf.security.MakeSignature.signDetached(MakeSignature.java:143)
at com.howtodoinjava.demo.poi.PDFSign.sign(PDFSign.java:77)
at com.howtodoinjava.demo.poi.PDFSign.main(PDFSign.java:51)

Caused by: java.lang.ClassNotFoundException: org.bouncycastle.cert.X509CertificateHolder......

line 77 contains this line of code:MakeSignature.signDetached(appearance, digest, signature, chain,null, null, null, 0, subfilter);

line 51 contains this line:

app.sign(SRC, String.format(DEST, 1), chain, pk, DigestAlgorithms.SHA256,
provider.getName(), CryptoStandard.CMS, "Test 1", "Harare");

code

import com.itextpdf.text.DocumentException;
import com.itextpdf.text.Rectangle;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfSignatureAppearance;
import com.itextpdf.text.pdf.PdfStamper;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import com.itextpdf.text.pdf.security.BouncyCastleDigest;
import com.itextpdf.text.pdf.security.ExternalDigest;
import com.itextpdf.text.pdf.security.ExternalSignature;
import com.itextpdf.text.pdf.security.MakeSignature.CryptoStandard;
import com.itextpdf.text.pdf.security.PrivateKeySignature;
import com.itextpdf.text.pdf.security.MakeSignature;


/**
 *
 * @author hdear
 */
public class PDFSign {
public static final String KEYSTORE = "C:\\Program Files\\Java\\jdk1.8.0_05\\bin\\ks";
public static final char[] PASSWORD = "hubert".toCharArray();
public static final String SRC = "Hello World.pdf";
public static final String DEST = "Hello World_signed%s.pdf";
public static void main(String[] args)
throws GeneralSecurityException, IOException, DocumentException {
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream(KEYSTORE), PASSWORD);
String alias = (String)ks.aliases().nextElement();
PrivateKey pk = (PrivateKey) ks.getKey(alias, PASSWORD);
Certificate[] chain = ks.getCertificateChain(alias);
PDFSign app = new PDFSign();
app.sign(SRC, String.format(DEST, 1), chain, pk, DigestAlgorithms.SHA256,
provider.getName(), CryptoStandard.CMS, "Test 1", "Harare");
app.sign(SRC, String.format(DEST, 2), chain, pk, DigestAlgorithms.SHA512,
provider.getName(), CryptoStandard.CMS, "Test 2", "Harare");
app.sign(SRC, String.format(DEST, 3), chain, pk, DigestAlgorithms.SHA256,
provider.getName(), CryptoStandard.CADES, "Test 3", "Harare");
app.sign(SRC, String.format(DEST, 4), chain, pk, DigestAlgorithms.RIPEMD160,
provider.getName(), CryptoStandard.CADES, "Test 4", "Harare");
}
public void sign(String src, String dest,
Certificate[] chain, PrivateKey pk, String digestAlgorithm, String provider,
CryptoStandard subfilter, String reason, String location)
throws GeneralSecurityException, IOException, DocumentException {
// Creating the reader and the stamper
PdfReader reader = new PdfReader(src);
FileOutputStream os = new FileOutputStream(dest);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
// Creating the appearance
PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
appearance.setReason(reason);
appearance.setLocation(location);
appearance.setVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "sig");
// Creating the signature
ExternalDigest digest = new BouncyCastleDigest();
ExternalSignature signature =
new PrivateKeySignature(pk, digestAlgorithm, provider);
MakeSignature.signDetached(appearance, digest, signature, chain,null, null, null, 0, subfilter);
}
}

Anyone to help?

shebik shebik · Accepted Answer · 2017-03-16T13:35:21

I had same exception. I had only one bouncycastle dependency: bcprov-jdk15on and when I looked inside the jar there was no X509CertificateHolder. I've added another dependency: bcpkix-jdk15on (according to solution found here) and it works :)

My working maven dependencies:

    <dependency>
        <groupId>com.itextpdf</groupId>
        <artifactId>itextpdf</artifactId>
        <version>5.5.8</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcprov-jdk15on</artifactId>
        <version>1.49</version>
        <type>jar</type>
        <scope>compile</scope>
        <optional>true</optional>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcpkix-jdk15on</artifactId>
        <version>1.49</version>
        <type>jar</type>
        <scope>compile</scope>
        <optional>true</optional>
    </dependency>

error on trying to sign pdf using itext :Exception in thread “main” java.lang.NoClassDefFoundError: org/bouncycastle/cert/X509CertificateHolder

2 Answers