
I've been trying to implement digital signing (CAdES) for PDF files using Portuguese Citizen Card, however I'm having a hard time figuring out the perfectly working solution. Currently I have two sets of code.

First one:

public void signCAdES(...)
        String pkcs11Config = "name=GemPC" + "\n" + "library=C:\\WINDOWS\\SysWOW64\\pteidpkcs11.dll";
        ByteArrayInputStream configStream = new ByteArrayInputStream(pkcs11Config.getBytes());
        Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(configStream);

                    //provider_name: SunPKCS11-GemPC

        javax.security.auth.callback.CallbackHandler cmdLineHdlr = new DialogCallbackHandler();

        KeyStore.Builder builder = KeyStore.Builder.newInstance("PKCS11", pkcs11Provider,
                new KeyStore.CallbackHandlerProtection(cmdLineHdlr));
        KeyStore ks= builder.getKeyStore();

        PdfReader reader = new PdfReader(src);
        FileOutputStream os = new FileOutputStream(dest);

        PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0', new File(tempPath), true);
        PdfSignatureAppearance appearance = stamper.getSignatureAppearance();



                    //certificates from electronic card and resources folder
        Certificate[] certs = getSignatureCertificatesChain(ks);

        PrivateKey pk = (PrivateKey) ks.getKey(alias, null);

        ExternalSignature es = new PrivateKeySignature(pk, "SHA-1", pkcs11Provider.getName());
        ExternalDigest digest = new BouncyCastleDigest();

        MakeSignature.signDetached(appearance, digest, es, certs, null, null, null, 0, MakeSignature.CryptoStandard.CADES);

The first one works, however I have a validator given to me that verifies if the signatures of a PDF satisfies the standards, and it seems that one of the attributes is missing (sigining certificate issuer's serial number).

The second one is different, and I have to add the attributes manually, however the generated PDF is corrupted (and then I might need to add the issuer serial attribute too):

private static void signCAdES(byte[] aDocument, PrivateKey aPrivateKey, Certificate[] certChain, String outputPath) {
    try {

        Security.addProvider(new BouncyCastleProvider());
        ArrayList<X509Certificate> certsin = new ArrayList<X509Certificate>();
        for (Certificate certChain1 : certChain) {
            certsin.add((X509Certificate) certChain1);

        X509Certificate signingCertificate= certsin.get(0);

        MessageDigest dig = MessageDigest.getInstance("SHA-1");
        byte[] certHash = dig.digest(signingCertificate.getEncoded());

        ESSCertID essCertid = new ESSCertID(certHash);
        DERSet set = new DERSet(new SigningCertificate(essCertid));

        Attribute certHAttribute = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificate, set);
        AttributeTable at = getAttributeTableWithSigningCertificateAttribute(certHAttribute);
        CMSAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator(at);

        SignerInfoGeneratorBuilder genBuild = new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner shaSigner = new JcaContentSignerBuilder("SHA1withRSA").build(aPrivateKey);
        SignerInfoGenerator sifGen = genBuild.build(shaSigner, new X509CertificateHolder(signingCertificate.getEncoded()));
        JcaCertStore jcaCertStore = new JcaCertStore(certsin);

        CMSTypedData msg = new CMSProcessableByteArray(aDocument);
        CMSSignedData sigData = gen.generate(msg, false); // false=detached

        byte[] encoded = sigData.getEncoded();

        ASN1InputStream in = new ASN1InputStream(encoded);
        CMSSignedData sigData2 = new CMSSignedData(new CMSProcessableByteArray(aDocument), in);
        byte[] encoded2 = sigData2.getEncoded();

        FileOutputStream fos = new FileOutputStream(outputPath);
//      fos.write(encoded);
    } catch (CMSException | IOException | OperatorCreationException | CertificateEncodingException ex) {
        log("signCAdES", "Error: " + ex.toString());

Is there anyone who understands CAdES digital signature using Java? Any help would be appreciated!

Please share sample documents. Furthermore, can you name the validator and share the validation report?mkl
The source code of the validator is here: github.com/arhs/sd-dss (by ARHS Group). The report of the validation says that the signature done by the first set of code is valid, but has a warning of "<Warning NameId="BBB_ICS_AIDNASNE_ANS">The 'issuer-serial' attribute is absent or does not match!</Warning>". By sample documents do you mean the signing/signed PDFs?aries23
By sample documents do you mean the signing/signed PDFs? - Yes, the signed PDFs. Concerning the warning: Does it indicate the location of the faulty or missing issuer-serial attribute? If it is an attribute of a certificate you include, you can not fix it in your code but merely by switching to a different, better issuer.mkl
Due to security issues I cannot share the signed documents, although the signed document generate by the 2nd set of code is broken so it would be useless to analyze it.aries23
Is it not possible to apply your signing to a sample document to prevent security issues.Without such a sample I don't see how to help.mkl

1 Answers


The 'issuer-serial' attribute is absent or does not match!

It means that your cades signature has not signed attribute: the signed reference to the signing certificate or that this reference is tampered.

Please check: ETSI TS 101 733 V2.2.1 (2013-04) for more information:

5.7.3 Signing Certificate Reference Attributes

The Signing certificate reference attributes are supported by using either the ESS signing-certificate attribute or the ESS-signing-certificate-v2 attribute...