External signature on a smart card


External signature on a smart card

I am using a smart card that signs a SHA-1 hash of a document and computes a 256-byte digital signature.

I am using one of the examples I found. My problem is that I get the error: "The document has been altered or corrupted since the signature was applied".

I am using a GUI to create the hash, and then I send the 256 signed bytes computed on the card to the signing functions.
Here is my code:

Code that creates the hash of the PDF document at filePath:

 SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
            SHA256 sha2 = SHA256.Create();
            byte[] pdfBytes = System.IO.File.ReadAllBytes(filePath);
            byte[] hash = null;
          hash=  sha1.ComputeHash(pdfBytes);

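// Adds a visible signature field to a PDF with iTextSharp and fills it with a
// signature value that was produced outside this process (on a smart card).
//
// NOTE(review): the bytes handed to the constructor are computed before the document
// is prepared for signing. With CryptoStandard.CMS, iText is expected to call
// IExternalSignature.Sign with data derived from the *prepared* document (byte ranges
// around the signature placeholder, wrapped in CMS signed attributes). A signature
// made over a hash of the original file will not verify against that data, which is
// consistent with the "altered or corrupted" message reported by the viewer. The card
// has to sign the bytes passed to Sign, or a deferred-signing flow has to be used.
class PdfSignature
{
    private string outputPdfPath;
    private string certPath;
    // Despite the name, the caller passes the card's 256-byte signature value here.
    byte[] messageDigest;
    private string inputPdfPath;

    // Stores the externally produced signature bytes and the input/output PDF paths.
    public PdfSignature(byte[] messageDigest, string inputPdfPath, string outputPdfPath)
    {
        this.messageDigest = messageDigest;
        this.outputPdfPath = outputPdfPath;
        this.inputPdfPath = inputPdfPath;
    }

    // Sets the path of the signer's certificate file; must be called before signPdf.
    public void setCertPath(string certPath)
    {
        this.certPath = certPath;
    }

    // Reads the input PDF, adds a visible signature on page 1 and writes the signed
    // copy to outputPdfPath (append mode, so the original revision is kept intact).
    public void signPdf()
    {
        X509Certificate2 cert = new X509Certificate2();
        cert.Import(certPath); // .cer file certificate obtained from smart card

        // Convert the .NET certificate into the BouncyCastle type iText works with.
        X509CertificateParser certParse = new Org.BouncyCastle.X509.X509CertificateParser();

        // The chain holds only certificates that actually exist. The earlier version
        // allocated three slots and filled one, which handed two null entries to the
        // signing call. Append issuer certificates here (signer first) if available,
        // so validators can build the path to a trusted root.
        Org.BouncyCastle.X509.X509Certificate[] chain =
        {
            certParse.ReadCertificate(cert.RawData)
        };

        PdfReader reader = new PdfReader(inputPdfPath);

        // The using block releases the output file handle even when signing throws.
        using (FileStream fout = new FileStream(outputPdfPath, FileMode.Create))
        {
            PdfStamper stamper = PdfStamper.CreateSignature(reader, fout, '\0', null, true);
            PdfSignatureAppearance appearance = stamper.SignatureAppearance;
            appearance.SignatureCreator = "Me";
            appearance.Reason = "Testing iText";
            appearance.Location = "On my Laptop";
            iTextSharp.text.Rectangle rec = new iTextSharp.text.Rectangle(50, 50, 250, 100);
            appearance.SetVisibleSignature(rec, 1, "Signature");

            // NOTE(review): "SHA-1" is declared as the digest algorithm; it is deprecated
            // for signatures, so move to SHA-256 if the card supports it.
            IExternalSignature extSignature = new MyExternalSignature("SHA-1", this.messageDigest);

            // No CRL, OCSP or timestamp clients are supplied (the three nulls), so the
            // signature carries no revocation data and no trusted timestamp.
            MakeSignature.SignDetached(appearance, extSignature, chain, null, null, null, 0, CryptoStandard.CMS);
        }
    }
}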

    class MyExternalSignature :  IExternalSignature
         private String hashAlgorithm;
    private String encryptionAlgorithm;
        private byte[] digestBytes;

        public MyExternalSignature(String hashAlgorithm, byte [] digest)
        this.encryptionAlgorithm = "RSA";
        this.hashAlgorithm = DigestAlgorithms.GetDigest(DigestAlgorithms.GetAllowedDigests(hashAlgorithm));
        digestBytes = digest;

    public virtual byte[] Sign(byte[] message) {

        return digestBytes;

    public virtual String GetHashAlgorithm() {
        return hashAlgorithm;

    public virtual String GetEncryptionAlgorithm() {
        return encryptionAlgorithm;