signature byte range is invalid after enabling LTV
I am using aws cloudHSM and itext7 to sign the pdf. Everything is fine till i am not enabling LTV.
But after enabling LTV getting error "Atleast one signature has problem" and showing reason signature byte range is invalid.
Below is the code
private void ltvEnable(PdfSigner signer, OutputStream baos, String name11,
OcspClientBouncyCastle ocspClient, CrlClientOnline crlClient, CustomTSAClient tsc) {
ByteArrayInputStream signedPdfInput = new ByteArrayInputStream(((ByteArrayOutputStream)baos).toByteArray());
try {
PdfReader pdfReader = new PdfReader(signedPdfInput);
PdfDocument document = new PdfDocument(pdfReader.setUnethicalReading(true), new PdfWriter(baos),
new StampingProperties().useAppendMode());
LtvVerification ltvVerification = new LtvVerification(document);
SignatureUtil signatureUtil = new SignatureUtil(document);
List<String> names = signatureUtil.getSignatureNames();
String sigName = names.get(names.size() - 1);
PdfPKCS7 pkcs7 = signatureUtil.readSignatureData(sigName);
if (pkcs7.isTsp()) {
ltvVerification.addVerification(sigName, ocspClient, crlClient, LtvVerification.CertificateOption.WHOLE_CHAIN,
LtvVerification.Level.OCSP_CRL, LtvVerification.CertificateInclusion.YES);
} else {
for (String name : names) {
ltvVerification.addVerification(name, ocspClient, crlClient, LtvVerification.CertificateOption.WHOLE_CHAIN,
LtvVerification.Level.OCSP_CRL, LtvVerification.CertificateInclusion.YES);
}
}
ltvVerification.merge();
//signer.timestamp(tsc, null);
document.close();
pdfReader.close();
} catch (IOException | GeneralSecurityException e) {
logger.error("Error while making signature ltv enabled");
}
}
Before enabling ltv -:
After -:
Solution
In your architecture you have a ByteArrayOutputStream parameter in which you retrieve the pdf to LTV-enable and in which you also in the end return the LTV-enabled result pdf.
In such an architecture have to clear the ByteArrayOutputStream between retrieving the original content from it and adding the new content to it.
In your case, therefore, you have to clear it between
ByteArrayInputStream signedPdfInput = new ByteArrayInputStream(((ByteArrayOutputStream)baos).toByteArray());
and
PdfDocument document = new PdfDocument(pdfReader.setUnethicalReading(true), new PdfWriter(baos),
new StampingProperties().useAppendMode());
- How do I use org.scribe.oauth to connect to the tumblr API?
- java stream to set the values to a list from another list
- Delete directories recursively in Java
- How can I call scikit-learn classifiers from Java?
- Java method declared to throw IOException not propagating the exception up the call stack
- How to get integer and fraction portions of a BigDecimal in Java
- How to auto add imports in IntelliJ?
- remove double quotes from csv while using open csv
- Java custom annotation for a behaviour like trim
- Cors Error when calling microservice from Vue frontend application
- Why isn't my class unloaded when I erase any link to them and to ClassLoader?
- Java UTF-8 filenames with IBM JVM (AIX)
- What would be a good use-case scenario for the Spliterator in Java 8?
- Caused by: java.lang.NoClassDefFoundError: io/jsonwebtoken/Jwts
- Are supertypes of a type just the ones that are directly extended or implemented?
- ModelAttribute returns null values to controller in Spring MVC
- Jaybird 3 and Firebird transaction information
- IntelliJ - Invalid source release: 17
- How to use JScrollPane with JTextArea in Swing?
- Java FFM - Obtaining a var handle to an array field of a structure
- Is there auto type inferring in Java?
- Springboot Keycloak Admin add role or reset password error
- Setting up IntelliJ IDEA with Java 1.8/1.7 and resolve "java: System Java Compiler was not found in classpath"
- How to add a simple horizontal line at Y value of JFreeChart TimeSeries
- java.sql.SQLException: Column Index out of range, 2 > 1
- Task app:compileDebugJavaWithJavac failed
- Column name as a parameter to Spring Data JPA Query
- Pervasive SQL Java database name
- XML to be validated against multiple xsd schemas
- How many sessions can be managed by an Java Application in Struts 2?