digital-signature

问题 I created code that adds an image to an existing pdf document and then signs it, all using PDFBox (see code below). The code nicely adds the image and the signature. However, in some documents, Acrobat Reader complains that "The signature byte range is invalid." The problem seems to be the same as the problem described in this question. The answer to that question describes the problem in more detail: the problem is that my code leaves a mix of cross reference types in the document (streams

问题 I'm evaluating TurboPower LockBox library for digital signing. I've created a 1024 bit RSA key and tried to sign a 260 bytes of text with it. After changing one or two characters in the text the signature is still valid for it. Is that ok? Or maybe it's a problem with this library. Changing even one character has a crucial effect. Do I need to create a larger key? UPDATE To test the library I used the demo application that comes with it. I have generated a 1024 RSA key pair and then tried the

问题 My question is how to create a public key and private key with OpenSSL in windows and how to put the created public key in .crt file and the private one in .pcks8 file in order to use this two keys to sign a SAML assertion in Java Thanks in advance 回答1: You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits): openssl genrsa -out keypair.pem 2048 To extract the public part, use the rsa context: openssl rsa -in keypair.pem -pubout -out

问题 I have a quick question about calculating the digest of a PDF document to use for a digital signature (somewhat related to one of my earlier questions, I'm trying to figure out why you would need to know a client's certificate to create the correct digest). In Adobe's documentation about the PDF format the following is specified: A byte range digest shall be computed over a range of bytes in the file, that shall be indicated by the ByteRange entry in the signature dictionary. This range

问题 On iOS, the Certificate, Key, and Trust Services API contains the following padding types: kSecPaddingNone kSecPaddingPKCS1 kSecPaddingPKCS1MD2 kSecPaddingPKCS1MD5 kSecPaddingPKCS1SHA1 A user on the Apple CDSA mailing list says that "kSecPaddingPKCS1 [...] is the same as PKCS #1 1.5". The Certificate, Key, and Trust Services Reference annotates the latter three padding types ( kSecPaddingPKCS1MD2 , kSecPaddingPKCS1MD5 , and kSecPaddingPKCS1SAH ) with "Standard ASN.1 padding will be done, as

问题 On iOS, the Certificate, Key, and Trust Services API contains the following padding types: kSecPaddingNone kSecPaddingPKCS1 kSecPaddingPKCS1MD2 kSecPaddingPKCS1MD5 kSecPaddingPKCS1SHA1 A user on the Apple CDSA mailing list says that "kSecPaddingPKCS1 [...] is the same as PKCS #1 1.5". The Certificate, Key, and Trust Services Reference annotates the latter three padding types ( kSecPaddingPKCS1MD2 , kSecPaddingPKCS1MD5 , and kSecPaddingPKCS1SAH ) with "Standard ASN.1 padding will be done, as

问题 I read this post how can sign a file with BouncyCastle dll in c# and I would to know if it is possible found some support for certificates stored in smartcard. What I'm trying to do is to create P7M cades but it seems impossibile to found any dopcumentation, .NET classes or free library. 回答1: You can also try this c# ported version of an European Commission initiative: DSS .NET It supports CAdES. Try using the MSCAPISignatureToken and the guide in the CookBook CookBook 回答2: I used DSS.NET

问题 I am trying to sign pdf with a smart card. I use the following code: public class SC { public static final String SRC = "src/test.pdf"; public static final String DEST = "src/test_smartCard.pdf"; public void sign(String src, String dest, Certificate[] chain, PrivateKey pk, String digestAlgorithm, String provider, CryptoStandard subfilter, String reason, String location, Collection<CrlClient> crlList, OcspClient ocspClient, TSAClient tsaClient, int estimatedSize) throws

问题 I need to create a Json Web Token and signing it with an asymetric RS256 algorithm. The key used for signing should be taken from a X509 certificate and be validated by the receiver using the public key. Using HMAC and password works fine, but the JWT created with the code listed below, produces constantlyI an "Invalid signature" at https://jwt.io I got through many postings here, found a lot of usefull hints but none of them solved my problem. Maybe I've still a problem in understanding. I

问题 Several questions to the code below. googled, read javadoc import org.apache.pdfbox.io.IOUtils; import org.apache.pdfbox.pdmodel.PDDocument; import org.apache.pdfbox.pdmodel.PDDocumentCatalog; import org.apache.pdfbox.pdmodel.encryption.InvalidPasswordException; import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm; import org.apache.pdfbox.pdmodel.interactive.form.PDField; import org.apache.pdfbox.pdmodel