Reputation: 85
How to implement PADES signature in iTextSharp 5?
I am currently using iTextSharp 5 to apply digital signatures to PDFs. I am applying signatures in the detached mode by using the support of BouncyCastle, like this:
public void Sign(PDFDocument doc, SigningKey key)
{
using (PdfReader reader = new PdfReader(doc.Content))
using (MemoryStream memStream = new MemoryStream())
using (PdfStamper stamper = PdfStamper.CreateSignature(reader, memStream, '\0'))
{
PdfSignatureAppearance signature = stamper.SignatureAppearance;
IExternalSignature pks = new PrivateKeySignature(key.ToParameters(), DigestAlgorithms.SHA256);
MakeSignature.SignDetached(signature, pks, key.CertChain, null, null, null, 0, CryptoStandard.CADES);
doc.Content = memStream.ToArray();
}
}
I found out that CryptoStandard allows me to choose the standard for my digital signature, but the only ones I see are CADES and CMS, and I also require support for PADES. Is it possible to do it in iTextSharp?
Upvotes: 0
Views: 2096
Answers (1)
Reputation: 95918
PAdES
First off, you say you require support for PADES but you don't mention which PAdES profile you need.
PAdES originally (in 2009/2010) was specified as an ETSI technical specification (ETSI TS 102 778 parts 1-6) with profiles
- PAdES Basic - PAdES-CMS Profile based on ISO 32000-1
- PAdES Enhanced - PAdES-BES and PAdES-EPES Profile
- Long Term - PAdES-LTV Profile
- PAdES for XML Content - Profiles for XAdES signatures of XML documents embedded in PDF Containers
Meanwhile (2016) it has been updates as an European Standard (ETSI EN 319 142 parts 1-2) with profiles
- PAdES baseline signatures at levels B-B, B-T, B-LT, and B-LTA
- Profile for CMS digital signatures in PDF
- Extended PAdES signature profiles at levels PAdES-E-BES, PAdES-E-EPES, and PAdES-E-LTV
- Profiles for XAdES Signatures signing XML content in PDF
(the latter three being re-christianed versions of the old profiles but the baseline profiles being in focus now).
iText 5.5.x
As you found out the iText enumeration CryptoStandard knows two options CMS and CADES.
First of all, CADES is not for generating arbitrary CAdES signatures but for generating specially profiled CAdES signature containers and embedding them in PDFs as is required for non-CMS-profile PAdES signatures.
Concerning your question, therefore
I also require support for PADES. Is it possible to do it in iTextSharp?
Yes, iText 5.5.x does support simple PAdES profiles. In particular you'll use the CryptoStandard values for following profiles:
CryptoStandard.CMSfor the profile for CMS digital signatures in PDF;CryptoStandard.CADESfor baseline signatures at level B-B and B-T and for extended ones at levels PAdES-E-BES and PAdES-E-EPES.
Upvotes: 1
Related Questions
- How to show digital signature VALUE in signature appearance of PDF file with iTextSharp
- Digital sign of PDF with PAdES standard
- Add multiple Digital Signature in PDF using iTextSharp in C#
- Adding a Digital signature to a PDF with iTextSharp
- Custom signature appearance using iText
- How to verify a custom formatted digital signature with iText?
- How to add signature field to pdf using iTextSharp 5.5.13
- PDF digital signing: customize appearance by using iTextSharp
- c# itextsharp how to get digital signature image
- Signing a PDF with iTextSharp