Add Digital Signature to a PDF using IText 7

itext itext7

20,522

Ports of the Digital Signatures Whitepaper code examples to iText 7 can be found in the iText 7 Java signature samples github repository test sources package com.itextpdf.samples.signatures, e.g. an excerpt from the simple C2_01_SignHelloWorld example:

public void sign(String src, String dest,
                 Certificate[] chain,
                 PrivateKey pk, String digestAlgorithm, String provider,
                 PdfSigner.CryptoStandard subfilter,
                 String reason, String location)
        throws GeneralSecurityException, IOException {
    // Creating the reader and the signer
    PdfReader reader = new PdfReader(src);
    PdfSigner signer = new PdfSigner(reader, new FileOutputStream(dest), false);
    // Creating the appearance
    PdfSignatureAppearance appearance = signer.getSignatureAppearance()
            .setReason(reason)
            .setLocation(location)
            .setReuseAppearance(false);
    Rectangle rect = new Rectangle(36, 648, 200, 100);
    appearance
            .setPageRect(rect)
            .setPageNumber(1);
    signer.setFieldName("sig");
    // Creating the signature
    IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm, provider);
    IExternalDigest digest = new BouncyCastleDigest();
    signer.signDetached(digest, pks, chain, null, null, null, 0, subfilter);
}

20,522

Author by

kz2014

Updated on July 23, 2022

Comments

kz2014 almost 2 years

For IText 5, adding digital signature was fairly easy. The link for its documentation is: http://developers.itextpdf.com/examples/security/digital-signatures-white-paper/digital-signatures-chapter-2

Can someone share the link to documentation for doing so in ITEXT 7? I have tried various ways to no avail. Could not find any links online. I can unsign and check signature, but can't add it.
Banzragch. B over 4 years

Is it possible to add signature to pdf using public key(not private key)?
mkl over 4 years

@Banzragch.B "Is it possible to add signature to pdf using public key" - That would make no sense, would it? Such a signature is meant to ensure that a specific person applied it, no one else. Thus, it must be generated using some private data, not merely a public key.
mkl over 4 years

In principle, though, often key pairs can be used inversely. I.e. one can often technically create a "signature" using a public key, but to verify that signature one needs the private key. This merely makes no sense, see my previous comment.
Banzragch. B over 4 years

i mean the signature has been signed by private key(other service does it) and i have certificate chain. I just need to add signature to existing pdf and do validition. Do you have any advise?
mkl over 4 years

So you want to add a second signature? Or something different altogether? You probably should make this an actual stack overflow question instead of a series of some comments here. In that question you could explain in more detail what your use case is.
Banzragch. B over 4 years

thank you for quick reply, i will add question then put the link here.
Banzragch. B over 4 years

Can you please see my case here stackoverflow.com/questions/60312185/…