EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Code for PDF signing

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#21310
Posted: 09/05/2012 14:13:00
by Zdenek Mukensnabl (Priority Standard support level)
Joined: 09/05/2012
Posts: 15

Hi,
I have following code in C++ Builder XE for sign PDF document with certificate on token, but I have two problem:
1) When I exit from my application I got Access violation error.
2) When I open PDF document that is already signed, when I call PDFDocument->Open(F) I got error "Invalid ASN.1 sequence.".

Code
    // opening the PDF file
    bool Success = false;
    TFileStream* F = new TFileStream("c:\\test.pdf", fmOpenReadWrite | fmShareDenyWrite);
    try
    {
        try
        {
            // opening the document
            PDFDocument->Open(F);

            TElPKCS11SessionInfo *xSession;
            try
            {
                // checking if the document is already encrypted
                if (PDFDocument->Encrypted)
                {
                    MessageDlg("Cannot sign the encrypted document", mtError, TMsgDlgButtons()<<mbOK, 0);
                    return;
                }
                // adding the signature and setting up property values

                int Index = PDFDocument->AddSignature();
                TElPDFSignature* Sig = PDFDocument->Signatures[Index];
                Sig->Handler = PublicKeyHandler;
                Sig->AuthorName = "Author Name";
                Sig->SigningTime = UTCNow();
                // configuring signature type
                Sig->Invisible = false;

                TokenCertStorage->DLLName = "eTPKCS11.dll";
                TokenCertStorage->Open();

                TElPKCS11Module *xModule = TokenCertStorage->Module;

                int xSlotIndex;
                for (int i=0; i<xModule->SlotCount; i++)
                {
                  TElPKCS11SlotInfo *xSlotInfo = xModule->Slot[i];
                  if (xSlotInfo->TokenPresent)
                    xSlotIndex = i;
                }


                xSession = TokenCertStorage->OpenSession(xSlotIndex, true);
                xSession->Login(utUser, "7931");

                TElX509Certificate *Cert = TokenCertStorage->Certificates[0];


                CertStorage->Clear();
                CertStorage->Add(Cert, true);



                PublicKeyHandler->CertStorage = TokenCertStorage;

                // allowing to save the document
                Success = true;
            }
            __finally
            {
                // closing the document
                PDFDocument->Close(Success);

                xSession->Logout();
                TokenCertStorage->Close();

            }
        }
        __finally
        {
              delete F;
        }
    }
    catch(Exception &e)
    {
        MessageDlg((AnsiString)"Error: " + e.Message, mtError, TMsgDlgButtons()<<mbOK, 0);
        Success = false;
    }
#21311
Posted: 09/06/2012 01:21:44
by Eugene Mayevski (EldoS Corp.)

Please check if the sample works with your PDF and find the differences in sample code and your code.

Basic support level doesn't include working with user code.


Sincerely yours
Eugene Mayevski
#21314
Posted: 09/06/2012 04:28:14
by Zdenek Mukensnabl (Priority Standard support level)
Joined: 09/05/2012
Posts: 15

OK, but can you tell me that is possible open signed PDF document with one signature or is it any bug?

Thanks
#21315
Posted: 09/06/2012 04:33:09
by Vsevolod Ievgiienko (EldoS Corp.)

Yes its possible to open such documents if they are not corrupted or malformed. You can try to skip the exception because it could be an internal one that is caught inside SBB code.
#21316
Posted: 09/06/2012 04:33:10
by Eugene Mayevski (EldoS Corp.)

Please run the sample and see if the sample can open the PDF document.

Of course, PDFBlackbox can be used to open signed documents and validate signatures. However, there's many third-party software that generates broken PDFs. While our parser tries to be tolerant to invalid PDF, it's not always possible to handle any broken document. So it's likely that there's an issue in the signature.

BTW do you get the same ASN.1 error when running the application NOT from the IDE? It's possible that the exception is handled internally but IDE stops on it.


Sincerely yours
Eugene Mayevski
#21319
Posted: 09/06/2012 06:00:22
by Zdenek Mukensnabl (Priority Standard support level)
Joined: 09/05/2012
Posts: 15

Hi,
thanks for answer, execpetion on opening signed PDF document is realy in IDE environment and not show in runtime. What is it exception? Can I suppress this exception? I solved my second problem too.
#21320
Posted: 09/06/2012 06:05:11
by Vsevolod Ievgiienko (EldoS Corp.)

You can add this exception to the ignore list in the IDE. This can be done using Tools -> Options -> Debugger Options -> Embarcadero Debuggers -> Language Exceptions.
#21321
Posted: 09/06/2012 07:14:02
by Zdenek Mukensnabl (Priority Standard support level)
Joined: 09/05/2012
Posts: 15

Hi,
thanks, I have a problem with adding timestamp in PDF document while signing PDF document. I set following property TSAClient of PublicKeyHandler, but when I open sifned PDF docuemnt in Ac┼Ľobat signature has only local timestamp and not timestamp from timestamp server?

HTTPSClient->RequestParameters->Username = "demoTSA";
HTTPSClient->RequestParameters->Password = "demoTSA2010";

HTTPTSPClient->HTTPClient = HTTPSClient;
HTTPTSPClient->URL = "https://www.postsignum.cz/DEMOTSA/TSS_user/";
HTTPTSPClient->HashAlgorithm = SB_ALGORITHM_DGST_SHA1;
PublicKeyHandler->TSPClient = HTTPTSPClient;


Thanks
#21322
Posted: 09/06/2012 07:15:27
by Eugene Mayevski (EldoS Corp.)

Please check if the sample works for you.


Sincerely yours
Eugene Mayevski
#21325
Posted: 09/06/2012 07:44:20
by Zdenek Mukensnabl (Priority Standard support level)
Joined: 09/05/2012
Posts: 15

Hi,
I found only sample TinySigner for C++ Builder XE, but this sample have no timestamping of PDF document, only signing. In Delphi directory is too TinySigner with timestamping but this code I cannot compile.

It's my code right, can I set any other property?

Thanks
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 4642 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!