
I have PDF signing problems with the latest iTextSharp 5. I know that version is already deprecated, but I must use the older one because I need to use it in an environment where nothing newer than .NET Framework v3.5 is allowed.

For signing documents, the clients may use software or hardware keys. We already used RSA signatures in our company, but now we have to implement support for ECDsa keys too. That's why I tried to sign PDF files with iText's PrivateKeySignature class, calling the MakeSignature.SignDetached method.

When I use an RSA key for signing a PDF and try to verify the signature with the European Commission's DSS Demonstration App (https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation), it has no issue with the signature, only that it does not accept the certificate issuer as a trusted CA. That's fine, because I use a test key generated by an internal CA for developer use only.

But if I use an ECDSA key for signing a PDF, the DSS Demonstration App says "Signature is not intact.".

The code I use for signing:

AbstractPdfSigner pdfSigner = new PdfSigner();
pdfSigner.SignAsPkcs7Detached = false;
pdfSigner.SignMethod = "Hashed";
pdfSigner.SignReason = "The Quick Brown Fox Jumps Over The Lazy Dog";
pdfSigner.SignLocation = "Test Location";
pdfSigner.SignToNewRevision = true;

pdfSigner.TsaClientUrl = "https://bteszt.e-szigno.hu/tsa";
pdfSigner.TsaClientLogin = "teszt";
pdfSigner.TsaClientPwd = "teszt";
pdfSigner.TsaClientAuthenticationCertificate = null;

pdfSigner.EnableOcsp = false;
pdfSigner.OcspUrl = null;

pdfSigner.HashAlgorithmId = "SHA256";

pdfSigner.VisibleSignatureX1 = 10;
pdfSigner.VisibleSignatureY1 = 10;
pdfSigner.VisibleSignatureX2 = 250;
pdfSigner.VisibleSignatureY2 = 90;

string testPdf = "";
pdfSigner.InputPdfBuffer = Convert.FromBase64String(testPdf);

Status status = pdfSigner.Sign(this.Handle, null);

The classes I use are here: https://gist.github.com/azure-hu/822229714a6ca896682bbb903e1b1ecf, but the same happened even if I tried to use examples provided by iText. (for example: https://kb.itextsupport.com/home/it5kb/examples/digital-signatures-chapter-2#Digitalsignatures-chapter2-c2_01_signhelloworld)

Is there anything I'm missing when creating ECDsa-signed PDF files? Maybe iTextSharp 5 is only able to sign PDF files with RSA or DSA keys?

azur3
  • Can you share the signed output? IIRC iText5 doesn't set the signature algorithm OID correctly when signing with ECDSA. – mval Nov 30 '21 at 14:00

1 Answer


Just like @mval mentioned in a comment, iText uses the public key algorithm OID as the signature algorithm OID.

In the case of RSA that is OK, as there the same OID is specified for an RSA key and for RSASSA (with PKCS#1 v1.5 padding).

This is not the case for ECDSA, so eSignature DSS complains. Adobe Acrobat (Reader) on the other hand is very lax. It actually ignores the signature algorithm OID field, you could even have an ECDSA signature with the RSA OID in that field and the current Acrobat wouldn't complain.

To fix this use an IExternalSignatureContainer implementation instead of an IExternalSignature implementation and call MakeSignature.SignExternalContainer instead of MakeSignature.SignDetached. In your IExternalSignatureContainer implementation you can use BouncyCastle or Windows Crypto API classes to create a CMS signature container.

Other questions related to incorrect signature algorithm OIDs with respect to iText:

mkl
  • I've uploaded an output here: https://drive.google.com/file/d/1pFA4vv-5d7aNl-GQQY5D-Q5S4XXL2C5i/view This is the first time I have to work with signatures, so I'm not completely sure how to implement `IExternalSignatureContainer` interface's `Sign` function. Which class could be the closest example? – azur3 Dec 01 '21 at 08:40
  • Just to confirm @mkl's assessment: looking at your file, the problem is exactly as mkl described. The signature container identifies the signature algorithm with the OID 1.2.840.10045.2.1, which is the identifier for ECDSA public keys. In this case, you need 1.2.840.10045.4.3.2, which is the correct OID for "ECDSA signing with SHA-256". – mval Dec 01 '21 at 13:38
  • Thank you @mval and @mkl! Without your help, I might never have found out that my only problem was the wrong OID of ECDSA. I've created two new classes based on the original ones in iText. The first one is `PdfPKCS7Mod`, which only differs in the `SetExternalDigest` method. The other one is `MakeSignatureMod`, which only has `SignDetached` methods implemented, and uses my `PdfPKCS7Mod` class where the original one used `PdfPKCS7`. All files will be uploaded into the gist from the question. – azur3 Dec 02 '21 at 11:35
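The answer and mval's follow-up comment pin the defect down to one field: SignerInfo.signatureAlgorithm carrying the key algorithm OID 1.2.840.10045.2.1 (id-ecPublicKey) instead of 1.2.840.10045.4.3.2 (ecdsa-with-SHA256), which passes for RSA only because rsaEncryption is valid in both roles. The Python below is an added example written for this page, not code from the question, the answer, iText or DSS: it hand-rolls the DER for an AlgorithmIdentifier and runs the validator-side consistency check that distinguishes the two cases, so anyone wrapping their own CMS container (as the answer recommends via IExternalSignatureContainer) can verify the emitted OID before sending the file to a validator. The DER fragments fed to the check are constructed here; the RSA OIDs are the standard PKIX values and are an addition to what the thread names.

```python
"""Check SignerInfo.signatureAlgorithm against the signer's key type.

Added example for this thread (not iText, DSS or the asker's code). It models
the mismatch described in the answer: a key-algorithm OID placed where a
signature-algorithm OID belongs, which is valid for RSA but not for ECDSA.
"""

# OIDs named in the thread (id-ecPublicKey, ecdsa-with-SHA256) plus the
# standard PKIX RSA pair, which is why the RSA case passes validation.
OID_EC_PUBLIC_KEY = "1.2.840.10045.2.1"        # key algorithm only, never a signature algorithm
OID_ECDSA_WITH_SHA256 = "1.2.840.10045.4.3.2"  # what signatureAlgorithm must carry for EC + SHA-256
OID_RSA_ENCRYPTION = "1.2.840.113549.1.1.1"    # valid both as key algorithm and PKCS#1 v1.5 signature
OID_SHA256_WITH_RSA = "1.2.840.113549.1.1.11"  # also accepted for RSA signatures


def encode_oid(dotted: str) -> bytes:
    """DER-encode a dotted OID as a complete OBJECT IDENTIFIER TLV (short-form length)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                     # base-128 groups, least significant first
        arc >>= 7
        while arc:
            chunk.append((arc & 0x7F) | 0x80)    # continuation bit on all but the last group
            arc >>= 7
        body.extend(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(der: bytes) -> str:
    """Decode an OBJECT IDENTIFIER TLV to dotted form; bytes after the TLV are ignored."""
    if der[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    body = der[2:2 + der[1]]
    arcs = [body[0] // 40, body[0] % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                          # last group of this arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def build_algorithm_identifier(oid: str, null_params: bool = False) -> bytes:
    """AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters OPTIONAL } (NULL for RSA)."""
    body = encode_oid(oid) + (b"\x05\x00" if null_params else b"")
    return bytes([0x30, len(body)]) + body


def parse_algorithm_identifier(der: bytes) -> str:
    """Return the algorithm OID of a DER AlgorithmIdentifier, ignoring any parameters."""
    if der[0] != 0x30:
        raise ValueError("not a SEQUENCE")
    return decode_oid(der[2:])


def accepted_signature_oids(key_algorithm_oid: str, digest: str = "SHA256") -> set:
    """Signature-algorithm OIDs a validator accepts for this key type and digest."""
    if digest != "SHA256":
        raise ValueError("only SHA-256, the digest used in the thread, is modelled here")
    if key_algorithm_oid == OID_RSA_ENCRYPTION:
        return {OID_RSA_ENCRYPTION, OID_SHA256_WITH_RSA}
    if key_algorithm_oid == OID_EC_PUBLIC_KEY:
        return {OID_ECDSA_WITH_SHA256}
    raise ValueError(f"unknown key algorithm {key_algorithm_oid}")


def check_signer_info(key_algorithm_oid: str, signature_algorithm_der: bytes,
                      digest: str = "SHA256"):
    """Return (ok, message) for the signatureAlgorithm found in a SignerInfo."""
    sig_oid = parse_algorithm_identifier(signature_algorithm_der)
    accepted = accepted_signature_oids(key_algorithm_oid, digest)
    if sig_oid in accepted:
        return True, f"signatureAlgorithm {sig_oid} is valid for this key type"
    if sig_oid == key_algorithm_oid:
        return False, (f"signatureAlgorithm {sig_oid} is the public key algorithm OID, "
                       f"not a signature algorithm; expected one of {sorted(accepted)}")
    return False, f"unexpected signatureAlgorithm {sig_oid}"


if __name__ == "__main__":
    # Constructed fragments: the field as mval saw it in the asker's file, and the corrected one.
    cases = [("as written by iText 5", build_algorithm_identifier(OID_EC_PUBLIC_KEY)),
             ("corrected container", build_algorithm_identifier(OID_ECDSA_WITH_SHA256))]
    for label, alg in cases:
        ok, msg = check_signer_info(OID_EC_PUBLIC_KEY, alg)
        print(f"{label}: {'OK' if ok else 'REJECT'} - {msg}")
```

Running the block prints a REJECT for the id-ecPublicKey fragment and an OK for ecdsa-with-SHA256; feeding rsaEncryption in both positions passes, which is exactly the asymmetry the answer describes. For a real file, extract the SignerInfo.signatureAlgorithm bytes from the /Contents CMS blob with any ASN.1 dumper and pass them to check_signer_info.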