The Macedon
Reputation: 199
iTextPDF 5.5.0 BouncyCastle dependency issue
I'm trying to extract digital signature data from signed PDF using iTextPDF in Java. My code is:
PdfReader reader = new PdfReader(is);
AcroFields af = reader.getAcroFields();
ArrayList<String> names = af.getSignatureNames();
if(names == null || names.isEmpty()) return null;
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
ArrayList<Map<QName, Serializable>> aspects = new ArrayList<Map<QName, Serializable>>();
for (String name : names) {
System.out.println("Signature name: " + name);
System.out.println("Signature covers whole document: " + af.signatureCoversWholeDocument(name));
System.out.println("Document revision: " + af.getRevision(name) + " of " + af.getTotalRevisions());
PdfPKCS7 pk = af.verifySignature(name);
X509Certificate certificate = pk.getSigningCertificate();
Map<QName, Serializable> aspectSignatureProperties = new HashMap<QName, Serializable>();
aspectSignatureProperties.put(SignModel.PROP_CERTIFICATE_PRINCIPAL, certificate.getSubjectX500Principal().toString());
aspectSignatureProperties.put(SignModel.PROP_CERTIFICATE_SERIAL_NUMBER, certificate.getSerialNumber().toString());
aspectSignatureProperties.put(SignModel.PROP_CERTIFICATE_NOT_AFTER, certificate.getNotAfter());
aspectSignatureProperties.put(SignModel.PROP_CERTIFICATE_ISSUER, certificate.getIssuerX500Principal().toString());
aspects.add(aspectSignatureProperties);
}
However, at PdfPKCS7 pk = af.verifySignature(name); i get this Exception:
Caused by: java.lang.NoClassDefFoundError: org/bouncycastle/asn1/ASN1ObjectIdentifier
at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2349)
at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2302)
at es.keensoft.alfresco.behaviour.CustomBehaviour.getDigitalSignatures(CustomBehaviour.java:133)
at es.keensoft.alfresco.behaviour.CustomBehaviour.onCreateNode(CustomBehaviour.java:78)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.alfresco.repo.policy.JavaBehaviour$JavaMethodInvocationHandler.invoke(JavaBehaviour.java:174)
at com.sun.proxy.$Proxy54.onCreateNode(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.alfresco.repo.policy.TransactionBehaviourQueue.execute(TransactionBehaviourQueue.java:245)
... 41 more
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.asn1.ASN1ObjectIdentifier
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1702)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1547)
... 56 more
I tried to include BouncyCastle dependencies but then I get:
Signer information does not match
Any ideas? Thanks
EDIT:
I'm using Maven with these dependencies:
<dependency>
<groupId>com.itextpdf</groupId>
<artifactId>itextpdf</artifactId>
<version>5.5.0</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.49</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.49</version>
</dependency>
and I'm getting the following error:
java.lang.SecurityException: class "org.bouncycastle.asn1.ASN1ObjectIdentifier"'s signer information does not match signer information of other classes in the same package
Upvotes: 1
Views: 6048
Answers (1)
Angel Borroy
Reputation: 71
Try using this:
<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.50</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.50</version>
</dependency>
<dependency>
<groupId>com.itextpdf.tool</groupId>
<artifactId>xmlworker</artifactId>
<version>5.5.0</version>
</dependency>
<dependency>
<groupId>com.itextpdf</groupId>
<artifactId>itextpdf</artifactId>
<version>5.5.0</version>
</dependency>
</dependencies>
Dependencies are not clearly declared by iText in Maven.
As other users claim in the answers, 1.49 is working fine with 5.5.0. First MAVEN versions of iText where not so clear managing dependencies (even Bruno Lowagie talked about that).
The problem seems to be that existent 1.45 artifacts are interfering with the execution. In that case, following libraries combination will work.
<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.45</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.45</version>
</dependency>
<dependency>
<groupId>com.itextpdf.tool</groupId>
<artifactId>xmlworker</artifactId>
<version>5.0.6</version>
</dependency>
<dependency>
<groupId>com.itextpdf</groupId>
<artifactId>itextpdf</artifactId>
<version>5.0.6</version>
</dependency>
</dependencies>
Upvotes: 1
Related Questions
- How to add local .jar file dependency to build.gradle file?
- KeystoreException Bouncy Castle not found on application server
- java.lang.RuntimeException: com.sun.tools.javac.code.Symbol$CompletionFailure: class file for org.bouncycastle.asn1.DERInteger not found
- How do I tell Maven to use the latest version of a dependency?
- JPA, Open JPA OneToMany - FailedObject
- Watch Service java.lang.IllegalStateException
- Cannot add data to database in my web app using JSF, javaEE
- Hibernate, Postgresql on TomEE
- How come Glassfish does not fail to start but Tomcat does if scope is not provided?