PAdES signatures in iText and the road ahead
2 likes5,382 views
The document discusses the PAdES (PDF Advanced Electronic Signature) standard, established by ETSI to facilitate secure paperless transactions across Europe, aligning with the European electronic signature directive. It outlines various PAdES profiles, including those for XML content, and details support for these formats in the iText library. The document also addresses both current capabilities and limitations in the iText signing architecture, proposing a new architecture for improved functionality.
![PAdES Part 4
Profiles the electronic signature formats found in ISO
32000-1 [1] to support Long Term Validation (LTV) of
PDF Signatures
Specifies how to include validation information in a PDF
Document and to further protect the document using
time-stamps so that it is possible to subsequently verify a
PDF Signature long after it was signed. This profile may
be used to support long term validation of:
•
•
•
PDF Signatures to profiles specified in TS 102 778-2
PDF Signatures to profiles specified in TS 102 778-3
PDF Signatures to profiles specified in TS 102 778-5
2012-03-29
iText Summit
10](https://image.slidesharecdn.com/pades-131113043048-phpapp02/85/PAdES-signatures-in-iText-and-the-road-ahead-10-320.jpg)
![adbe.x509.rsa.sha1 signing
KeyStore ks = KeyStore.getInstance("pkcs12");
ks.load(new FileInputStream("my_private_key.pfx"), "my_password".toCharArray());
String alias = (String)ks.aliases().nextElement();
PrivateKey key = (PrivateKey)ks.getKey(alias, "my_password".toCharArray());
Certificate[] chain = ks.getCertificateChain(alias);
PdfReader reader = new PdfReader("original.pdf");
FileOutputStream fout = new FileOutputStream("signed.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, fout, '0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(key, chain, null, PdfSignatureAppearance.SELF_SIGNED);
sap.setReason("I'm the author");
sap.setLocation("Lisbon");
sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null);
stp.close();
2012-03-29
iText Summit
15](https://image.slidesharecdn.com/pades-131113043048-phpapp02/85/PAdES-signatures-in-iText-and-the-road-ahead-15-320.jpg)
![adbe.pkcs7.sha1 signing
KeyStore ks = KeyStore.getInstance("pkcs12");
ks.load(new FileInputStream("my_private_key.pfx"), "my_password".toCharArray());
String alias = (String)ks.aliases().nextElement();
PrivateKey key = (PrivateKey)ks.getKey(alias, "my_password".toCharArray());
Certificate[] chain = ks.getCertificateChain(alias);
PdfReader reader = new PdfReader("original.pdf");
FileOutputStream fout = new FileOutputStream("signed.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, fout, '0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(key, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
sap.setReason("I'm the author");
sap.setLocation("Lisbon");
sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null);
stp.close();
2012-03-29
iText Summit
16](https://image.slidesharecdn.com/pades-131113043048-phpapp02/85/PAdES-signatures-in-iText-and-the-road-ahead-16-320.jpg)
![adbe.pkcs7.detached signing
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));
dic.setDate(new PdfDate(sap.getSignDate()));
sap.setCryptoDictionary(dic);
HashMap<PdfName,Integer> exc = new HashMap<PdfName,Integer>();
exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 + 2));
sap.preClose(exc);
PdfPKCS7 sgn = new PdfPKCS7(pk, chain, null, "SHA1", null, false);
InputStream data = sap.getRangeStream();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
byte buf[] = new byte[8192]; int n;
while ((n = data.read(buf)) > 0) messageDigest.update(buf, 0, n);
byte hash[] = messageDigest.digest(); Calendar cal = Calendar.getInstance();
TSAClient tsc = new TSAClientBouncyCastle(TSA_URL, TSA_ACCNT, TSA_PASSW);
byte[] ocsp = new OcspClientBouncyCastle((X509Certificate)chain[0], (X509Certificate)chain[1],
url).getEncoded();
byte sh[] = sgn.getAuthenticatedAttributeBytes(hash, cal, ocsp);
sgn.update(sh, 0, sh.length);
byte[] encodedSig = sgn.getEncodedPKCS7(hash, cal, tsc, ocsp);
byte[] paddedSig = new byte[contentEstimated];
System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length);
PdfDictionary dic2 = new PdfDictionary();
dic2.put(PdfName.CONTENTS, new PdfString(paddedSig).setHexWriting(true));
sap.close(dic2);
2012-03-29
iText Summit
17](https://image.slidesharecdn.com/pades-131113043048-phpapp02/85/PAdES-signatures-in-iText-and-the-road-ahead-17-320.jpg)
More Related Content
Similar to PAdES signatures in iText and the road ahead (20)
PAdES signatures in iText and the road ahead
- 1. PAdES signatures in iText and the road ahead Paulo Soares
- 2. About the speaker Paulo Soares M.Sc. Electronics and Telecomunications Hardware background in military comunication systems Works for www.glintt.com Healthcare software (pharmacies, hospitals, clinics, laboratories) Industrial control, automation Software architect iText co-developer since 2000 2012-03-29 iText Summit 2
- 3. Some acronyms OSI - Open Systems Interconnection ASN.1 - Abstract Syntax Notation One BER - Basic Encoding Rules DER - Distinguished Encoding Rules IETF - Internet Engineering Task Force RFC – Request For Comments CMS – Cryptographic Message Syntax CAdES - CMS Advanced Electronic Signatures PAdES - PDF Advanced Electronic Signature Profiles 2012-03-29 iText Summit 3
- 4. What is PAdES In July 2009, ETSI (European Telecommunications Standard Institute) has published a new standard that will facilitate secure paperless transactions throughout Europe, in conformance with European legislation. The standard defines a series of profiles for PAdES — Advanced Electronic Signatures for PDF documents — that meet the requirements of the European Directive on a Community framework for electronic signatures (Directive 1999/93/EC). The new standard was developed by ETSI's Electronic Signatures and Infrastructure (ESI) Technical Committee in collaboration with PDF experts. PDF is defined in a standard ISO 32000-1, so the ETSI activity included reviewing and documenting how ISO 32000-1 can satisfy the European Directive. The resulting PAdES standard, ETSI Technical Specification (TS) 102 778, also introduces a number of adaptations and extensions to PDF to satisfy the Directive's requirements. 2012-03-29 iText Summit 4
- 5. PAdES summary Part 1: "PAdES Overview - a framework document for PAdES"; Part 2: "PAdES Basic - Profile based on ISO 320001"; Part 3: "PAdES Enhanced - PAdES-BES and PAdES-EPES Profiles"; Part 4: "PAdES Long Term - PAdES-LTV Profile"; Part 5: "PAdES for XML Content - Profiles for XAdES signatures". 2012-03-29 iText Summit 5
- 6. PAdES Part 1 Provides a general description of support for signatures in PDF documents including use of XML signatures to protect XML data in PDF documents; Lists the features of the PDF profiles specified in other parts of the document; Describes how the profiles may be used in combination. 2012-03-29 iText Summit 6
- 7. PAdES Part 2 Profiles the use of PDF signatures, as described in ISO 32000-1 and based on CMS, for its use in any application areas where PDF is the appropriate technology for exchange of digital documents including interactive forms. 2012-03-29 iText Summit 7
- 8. PAdES Part 2 SubFilter value adbe.pkcs7.detached Message Digest adbe.pkcs7.sha1 adbe.x509.rsa.sha1a SHA1 (PDF 1.3) SHA1 (PDF 1.3)b SHA1 (PDF 1.3) SHA256 (PDF 1.6) SHA384 (PDF 1.7) SHA384 (PDF 1.7) SHA512 (PDF 1.7) SHA512 (PDF 1.7) RIPEMD160 (PDF 1.7) RSA Algorithm Support SHA256 (PDF 1.6) RIPEMD160 (PDF 1.7) Up to 1024-bit (PDF 1.3) See adbe.pkcs7.detached See adbe.pkcs7.detached See adbe.pkcs7.detached No Up to 2048-bit (PDF 1.5) Up to 4096-bit (PDF 1.5) DSA Algorithm Support Up to 4096-bits (PDF 1.6) a Despite the appearance of sha1 in the name of this SubFilter value, supported encodings shall not be limited to the SHA1 algorithm. The PKCS#1 object contains an identifier that indicates which algorithm shall be used. b Other digest algorithms may be used to digest the signed-data field; however, SHA1 shall be used to digest the data that is being signed. 2012-03-29 iText Summit 8
- 9. PAdES Part 3 Profiles the use of PDF Signatures specified in ISO 32000-1 with an alternative signature encoding to support signature formats equivalent to the signature forms CAdES-BES, CAdES-EPES and CAdES-T as Specified in TS 101 733. The PAdES-BES profile supports basic CMS (RFC 3852) signature features as specified TS 102 778-2 with the additional protection against signing certificate substitution. The PAdES-EPES profile extends the PAdES-BES profile to include signature policies. 2012-03-29 iText Summit 9
- 10. PAdES Part 4 Profiles the electronic signature formats found in ISO 32000-1 [1] to support Long Term Validation (LTV) of PDF Signatures Specifies how to include validation information in a PDF Document and to further protect the document using time-stamps so that it is possible to subsequently verify a PDF Signature long after it was signed. This profile may be used to support long term validation of: • • • PDF Signatures to profiles specified in TS 102 778-2 PDF Signatures to profiles specified in TS 102 778-3 PDF Signatures to profiles specified in TS 102 778-5 2012-03-29 iText Summit 10
- 11. PAdES Part 4 2012-03-29 iText Summit 11
- 12. PAdES Part 5 Defines four profiles that together profile the usage of XAdES signatures, as defined in TS 101 903, for signing XML content within the PDF containers. 2012-03-29 iText Summit 12
- 13. PAdES support in iText Full support of PAdES Part 2 Support of PAdES Part 3 with an external signature Full support of PAdES Part 4 No support of PAdES Part 5 2012-03-29 iText Summit 13
- 14. PAdES Part 2 in iText Direct support of adbe.x509.rsa.sha1 Direct support of adbe.pkcs7.sha1 Support of adbe.pkcs7.detached as an external signature but iText does the signing 2012-03-29 iText Summit 14
- 15. adbe.x509.rsa.sha1 signing KeyStore ks = KeyStore.getInstance("pkcs12"); ks.load(new FileInputStream("my_private_key.pfx"), "my_password".toCharArray()); String alias = (String)ks.aliases().nextElement(); PrivateKey key = (PrivateKey)ks.getKey(alias, "my_password".toCharArray()); Certificate[] chain = ks.getCertificateChain(alias); PdfReader reader = new PdfReader("original.pdf"); FileOutputStream fout = new FileOutputStream("signed.pdf"); PdfStamper stp = PdfStamper.createSignature(reader, fout, '0'); PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(key, chain, null, PdfSignatureAppearance.SELF_SIGNED); sap.setReason("I'm the author"); sap.setLocation("Lisbon"); sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null); stp.close(); 2012-03-29 iText Summit 15
- 16. adbe.pkcs7.sha1 signing KeyStore ks = KeyStore.getInstance("pkcs12"); ks.load(new FileInputStream("my_private_key.pfx"), "my_password".toCharArray()); String alias = (String)ks.aliases().nextElement(); PrivateKey key = (PrivateKey)ks.getKey(alias, "my_password".toCharArray()); Certificate[] chain = ks.getCertificateChain(alias); PdfReader reader = new PdfReader("original.pdf"); FileOutputStream fout = new FileOutputStream("signed.pdf"); PdfStamper stp = PdfStamper.createSignature(reader, fout, '0'); PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(key, chain, null, PdfSignatureAppearance.WINCER_SIGNED); sap.setReason("I'm the author"); sap.setLocation("Lisbon"); sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, null); stp.close(); 2012-03-29 iText Summit 16
- 17. adbe.pkcs7.detached signing PdfSignatureAppearance sap = stp.getSignatureAppearance(); sap.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED); PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached")); dic.setDate(new PdfDate(sap.getSignDate())); sap.setCryptoDictionary(dic); HashMap<PdfName,Integer> exc = new HashMap<PdfName,Integer>(); exc.put(PdfName.CONTENTS, new Integer(contentEstimated * 2 + 2)); sap.preClose(exc); PdfPKCS7 sgn = new PdfPKCS7(pk, chain, null, "SHA1", null, false); InputStream data = sap.getRangeStream(); MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); byte buf[] = new byte[8192]; int n; while ((n = data.read(buf)) > 0) messageDigest.update(buf, 0, n); byte hash[] = messageDigest.digest(); Calendar cal = Calendar.getInstance(); TSAClient tsc = new TSAClientBouncyCastle(TSA_URL, TSA_ACCNT, TSA_PASSW); byte[] ocsp = new OcspClientBouncyCastle((X509Certificate)chain[0], (X509Certificate)chain[1], url).getEncoded(); byte sh[] = sgn.getAuthenticatedAttributeBytes(hash, cal, ocsp); sgn.update(sh, 0, sh.length); byte[] encodedSig = sgn.getEncodedPKCS7(hash, cal, tsc, ocsp); byte[] paddedSig = new byte[contentEstimated]; System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length); PdfDictionary dic2 = new PdfDictionary(); dic2.put(PdfName.CONTENTS, new PdfString(paddedSig).setHexWriting(true)); sap.close(dic2); 2012-03-29 iText Summit 17
- 18. PAdES Part 3 in iText No direct support but possible to use an external signature iText currently has no capabilities to assist in the signing 2012-03-29 iText Summit 18
- 19. PAdES Part 4 in iText Full LTV support both in Document security Store and Timestamp 2012-03-29 iText Summit 19
- 20. PAdES Part 4 in iText PdfReader r = new PdfReader(IN_FILE); FileOutputStream fout = new FileOutputStream(OUT_FILE); PdfStamper stp = PdfStamper.createSignature(r, fout, '0', null, true); LtvVerification v = stp.getLtvVerification(); AcroFields af = stp.getAcroFields(); for (String sigName : af.getSignatureNames()) { v.addVerification(sigName, new OcspClientBouncyCastle(), new CrlClientImp(), LtvVerification.CertificateOption.WHOLE_CHAIN, LtvVerification.Level.OCSP_CRL, LtvVerification.CertificateInclusion.NO); } PdfSignatureAppearance sap = stp.getSignatureAppearance(); TSAClientBouncyCastle tsa = new TSAClientBouncyCastle(TSA_URL, TSA_ACCNT, TSA_PASSW, 6500, "sha256"); LtvTimestamp.timestamp(sap, tsa, null); 2012-03-29 iText Summit 20
- 21. iText sign architecture Certificate encryption Validation – AcroFields.verifySignature() Signing – PdfSignatureAppearance, PdfPKCS7 Open Source – Modify at will 2012-03-29 iText Summit 21
- 22. Shortcomings of iText signing architecture Monolithic Impossible to open a certificate encrypted PDF with a smartcard with C# Impossible to plug-in another validation engine/logic Arbitrary signing is possible with an external signature but iText won’t assist much in the process Open Source – no urgency in providing a decent interface 2012-03-29 iText Summit 22
- 23. New iText signing architecture Based on the factory pattern Plug-in for certificate encryption, validation and signing Standard plug-in for detached signing and CAdES signing 2012-03-29 iText Summit 23