CODEWITHSUNDEEP
javapdfitextdigital-signaturebouncycastle
jeremp
jeremp

Reputation: 51

Error when validating a Pdf signature with Itext

I'm trying to validate a PDF signature with Itext 5 and BouncyCastle 1.48. My code works for many signed pdf but on some pdf of a specific customer. Here's my Java code

// The entry point
public static void verifySignatures(String path) throws IOException, GeneralSecurityException {
    System.out.println(path);
    PdfReader reader = new PdfReader(path);
    AcroFields fields = reader.getAcroFields();
    ArrayList<String> names = fields.getSignatureNames();
    System.out.println("Il y a "+names.size()+" signatures");
    for (String name : names) {
        System.out.println("===== " + name + " =====");
        verifySignature(fields, name);
    }
    System.out.println();
}

public static PdfPKCS7 verifySignature(AcroFields fields, String name)
        throws GeneralSecurityException, IOException {
    System.out.println("Signature covers whole document: "+ fields.signatureCoversWholeDocument(name));
    System.out.println("Document revision: " + fields.getRevision(name)
            + " of " + fields.getTotalRevisions());
    PdfPKCS7 pkcs7 = fields.verifySignature(name);
    System.out.println("Integrity check OK? " + pkcs7.verify());
    return pkcs7;
}

Sometimes i get this Exception :

java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.ASN1Enumerated at org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source) at org.bouncycastle.asn1.ocsp.ResponseData.getInstance(Unknown Source) at org.bouncycastle.asn1.ocsp.BasicOCSPResponse.(Unknown Source) at org.bouncycastle.asn1.ocsp.BasicOCSPResponse.getInstance(Unknown Source) at com.itextpdf.text.pdf.security.PdfPKCS7.findOcsp(PdfPKCS7.java:1284) at com.itextpdf.text.pdf.security.PdfPKCS7.(PdfPKCS7.java:382) at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2317)

Does anyone ever had to solve this problem ?

Upvotes: 1

Views: 2540

Answers (1)

jeremp
jeremp

Reputation: 51

I managed to find what was going wrong.

There was a conflict between BouncyCastle libs, i've noticed that Grails (the framework i use) embbed another version of Bouncycastle.

I excluded thoses jar from my BuildConfig.groovy

   // inherit Grails' default dependencies
   inherits("global") {
      excludes 'bcprov-jdk15', 'bcpg-jdk15', 'bcmail-jdk15' 
   }

... and it works.

Upvotes: 1

Related Questions