Hi,

I am having trouble digitally signing a pdf hash. This is the implementation and the solution I have found, which is based on Bruno Lewagie's Digital Signatures for PDF Documents. The idea is to sign the PDF hash to avoid taking it to the client.

This is the solution I have come up with:

1. An Applet Java with which I instance a token, get it, and then access it.

2. A servlet java I use to get the hash of the PDF I want to sign. I calculate the hash with the public key I got from the applet. After getting this hash, I send it to the applet (client) to get it signed.

The applet signs the resulting PDF hash and then returns it to the servlet to be inserted in the resulting PDF and saved in a given directory.

At first, it seemed to work out all right, but after completing the process and opening the PDF with any reader, I get the following error: "Internal cryptografic error. Error code: 0x2727".

It is worth mentioning that when I creat a PDF and sign it only with the applet, the signature is correctly validated.

Code:

Applet that interacts with the token and invokes the servlet ->

Servlet that after having received the public key of the certificate (sent by the applet) reads a PDF and calculates its hash to return it to the applet.

After signing the PDF the servlet is invoked once again from the applet to insert the signed hash in the resulting PDF -->

These are the versions of the libraries I used:

itextpdf -> 5.5.6

bcprov.jdk15on.1.54

jdk1.7