search

perevoznyk / swelio-pdf

PDF digital signature with Belgian eid card
4 stars 3 forks source link

Error when signing a pdf #4

Closed natan-ds closed 3 years ago

natan-ds commented 3 years ago

Hello Mr. Perevoznyk.

I tried to sign a pdf document with your demo program but got an error at this line : MakeSignature.SignDetached(appearance, eidSignature, certPath, crlList, null, tsaClient, 0, CryptoStandard.CADES);

Here is what i wrote in commandline : PDFSigner -i test.pdf -o res.pdf -p XXXX

Here is the stack trace : `` itextsharp --- La référence d'objet n'est pas définie à une instance d'un objet.----- à iTextSharp.text.pdf.security.PdfPKCS7.GetEncodedPKCS7(Byte[] secondDigest, ITSAClient tsaClient, Byte[] ocsp, ICollection'1 crlBytes, CryptoStandard sigtype) à iTextSharp.text.pdf.security.MakeSignature.SignDetached(PdfSignatureAppearance sap, IExternalSignature externalSignature, ICollection1 chain, ICollection'1 crlList, IOcspClient ocspClient, ITSAClient tsaClient, Int32 estimatedSize, CryptoStandard sigtype, SignaturePolicyIdentifier signaturePolicy) à PDFSigner.Program.Main(String[] args) dans C:\Users\Admin\OneDrive - NetBee\Documents\swelio-pdf-master\PDFSigner\Program.cs:ligne 142

perevoznyk commented 3 years ago

@natan-ds Do you use the recent Belgian eID card for your test? The certificate standard is changed and in order to get the non-repudiation certificate from the card the eID middleware version 5.x must be installed.

natan-ds commented 3 years ago

@perevoznyk

image

I have the 5.0.17 middleware version installed. I'm using Digipass 870 card reader.

Here is my query :

PDFSigner -i "C:\Users\Admin\Documents\PDFSIGN\PDFSigner\bin\Release\test.pdf" -o "C:\Users\Admin\Documents\PDFSIGN\PDFSigner\bin\Release\newpdf.pdf" -p XXXX

I tried to debug your demo program and it crashes at the MakeSignature.SignDetached().

perevoznyk commented 3 years ago

You can try new release https://github.com/perevoznyk/swelio-pdf/releases/tag/v1.2

natan-ds commented 3 years ago

@perevoznyk Hello. Thank you for your answer. I get now "Can't read the certificate from the card". It goes in your catch NullReferenceException. Do you have an idea of the problem?

eIdViewer can read my certificate so it's not a problem of reader.

perevoznyk commented 3 years ago

Fixed in v2.0

natan-ds commented 3 years ago

Hello @perevoznyk. First of all I want to thank you for helping me. The NullReferenceException is fixed, your program is correctly generating another pdf but empty because I now have another exception at the same line (SignDetached).

Here is my query : PDFSIgner -i MyFile.pdf -o MyFileSigned.pdf -p XXXX

Here is the stack trace :

à iText.Signatures.PdfPKCS7.GetEncodedPKCS7(Byte[] secondDigest, CryptoStandard sigtype, ITSAClient tsaClient, ICollection1 ocsp, ICollection1 crlBytes) à iText.Signatures.PdfSigner.SignDetached(IExternalSignature externalSignature, X509Certificate[] chain, ICollection1 crlList, IOcspClient ocspClient, ITSAClient tsaClient, Int32 estimatedSize, CryptoStandard sigtype, SignaturePolicyIdentifier signaturePolicy) à iText.Signatures.PdfSigner.SignDetached(IExternalSignature externalSignature, X509Certificate[] chain, ICollection1 crlList, IOcspClient ocspClient, ITSAClient tsaClient, Int32 estimatedSize, CryptoStandard sigtype) à PDFSigner.Program.Main(String[] args) dans C:\Users\Admin\OneDrive - NetBee\Documents\PDFSIGN\PDFSigner\Program.cs:ligne 128 Unknown PdfException.

perevoznyk commented 3 years ago

Please use new version and check if you see the message "Problem with generation of non-repudiation signature. Check swelio32/64.dll version". In this case check which version of dll do you have with your application. It should be 1.18.6.0 You can also check that you don't have any other copies of swelio32/64.dll on your PC. I tested the current version with 7 different id cards with applet version 1.7 and 1.8 and in all cases I was able to sign pdf document.

perevoznyk commented 3 years ago

test1.pdf Here is a test file signed using id card with applet version 1.8

natan-ds commented 3 years ago

test1.pdf Here is a test file signed using id card with applet version 1.8

I get "Unknown pdf exception." I tried with Belfius & ING card reader. I can't figure out why..

Unknown PdfException.
à iText.Signatures.PdfPKCS7.GetEncodedPKCS7(Byte[] secondDigest, CryptoStandard sigtype, ITSAClient tsaClient, ICollection1 ocsp, ICollection1 crlBytes) à iText.Signatures.PdfSigner.SignDetached(IExternalSignature externalSignature, X509Certificate[] chain, ICollection`1 crlList, IOcspClient ocspClient, ITSAClient tsaClient, Int32 estimatedSize, CryptoStandard sigtype, SignaturePolicyIdentifier signaturePolicy) à PDFSigner.Program.Main(String[] args) dans C:\Users\Admin\OneDrive - NetBee\Documents\swelio-pdf-2.0\PDFSigner\Program.cs:ligne 127

perevoznyk commented 3 years ago

@natan-ds Please try https://github.com/perevoznyk/swelio-pdf/releases/tag/v2.2 release. If you have "Unknown pdf exception." then probably you have wrong version of swelio32.dll used. Take zip archive from tag "as-is" and repeat your test with it

natan-ds commented 3 years ago

@perevoznyk I tried with another card reader and it works perfectly.

Thank you for your great work and thank you for your help.

perevoznyk commented 3 years ago

@natan-ds In this case the problem can be in the card reader type. What is the difference between used card readers? Is some of it with keypad and another not? Or any other possibe difference? I will try to find out how it can be fixed.

natan-ds commented 3 years ago

Hi @perevoznyk, the difference is that I tried with bank card readers (which have an included eid reader digipass 870) like Belfius or ING. It works with eid readers.