Digital Signatures using JSONP across Domains
Currently using Apex 3.2.1 through OHS. Not that that really matters in this instance, it would probably work the same in Apex 4.
I have working code to digitally sign an apex web form. The user presses a "Digitally Sign" button on the page, and an ondemand process runs the pl/sql package to read in the required CGI variables and create a signature string (similar to what you may see on a digitally signed PDF file), then saves that string to the database to mark that form as being digitally signed.
However, the web server that is running this code must be setup to require user certificates in order for this to work. Instead, what I would like to do is make a call to our login server which is already setup to require user certificates, and get the digital signature from there instead.
So far, I have created a mod_plsql call on the login server which I can access via a URL to return the signature, but what I don't know how to do is call that URL from an Apex page on the normal server? From my research, I'm thinking this is going to need to use JSONP because it would require cross domain communication. Am I going in the right direction here? I don't know a thing about JSON, and I'm not sure where to start.
Can anyone provide any guidance?
Thanks,
Kris
Anybody have any guidance on how to handle this?
Thanks!
Similar Messages
-
I am unable to sign with Digital signature using a .PFX file. The button does not appear.
When I try to sign with a Digital signature using a .PFX file, the button to select the signature does not appear. I have JAVE SE 7 U11 10.11.2.21 platform in my add ons and JAVA Consol 6.0.33 and 6.0.35 in my extentions.
This problem is not encountered in Crome or IE-8
ASHISHRegarding your first question about bookmarks, I think you discovered the answer in when you pressed the address bar. The second tab there has your bookmarks.
As for the keyboard, I'm not sure why your Firefox is reacting so slowly; mine seems to show keyboards even when I don't want them. If you have accumulated a lot of history, perhaps that's an issue?
Did you use any third party software to move your Firefox data from internal memory to the storage card? -
Digital Signature using acrobat x
I've made a form and included a field for a digital signature. I saved it as user enabled but it still won't let someone using reader only sign the document. I need help with this.
Seriously? Wow. Ok. Thanks. This is the product that was purchased for me through work so I'm stuck I guess.
-
Verifying a Digital Signature using message digest
Hi, i am new to java.
I have a Digitally signed document, i wanna verify this signed document against the original one.
i got the idea from this link:
http://help.sap.com/saphelp_45b/helpdata/en/8d/517619da7d11d1a5ab0000e835363f/content.htm
i signed a pdf doc with my SmartCard. the third party signing tool passed me the PKCS7 digital signature and i stored it in database. the problem arose when i retrieved this digital signature from DB and verified against the original doc using the message digest method. the base64 result strings are always not equal.
I am sure about this:
-the retrieved digital signature was GOOD.
-the original doc was GOOD.
but why i can't get the same 2 message digests? can somebody please help?
below is part of my code:
while (rsetDs.next())
InputStream DSName2 = rsetDs.getBinaryStream(1);
ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
byte[] myByte = Base64.decode(byteStream.toString());
ByteArrayInputStream newStream = new ByteArrayInputStream(myByte);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection c = cf.generateCertificates(newStream2);
Iterator i = c.iterator();
while (i.hasNext())
Certificate cert = (Certificate)i.next();
X509Certificate cert1 = (X509Certificate)cert;
try
java.security.MessageDigest md = java.security.MessageDigest.getInstance("MD5");
/*=============DB MD (BEGIN)==================*/
byte [] pubkeyByte = cert1.getPublicKey().getEncoded();
md.update(myByte);
md.update(pubkeyByte);
byte[] raw = md.digest();
String db_md = Base64.encode(raw);
/*============DB MD (end)============*/
/*=============PDF MD (BEGIN)==================*/
DataInputStream m_disFile = new DataInputStream(new FileInputStream("C:\\" + "original_doc.pdf"));
int m_iNum = m_disFile.available();
byte[] msgBytes = new byte[m_iNum];
m_iNum = m_disFile.read(msgBytes, 0, m_iNum);
md.update(msgBytes);
byte[] digestMd = md.digest();
md.reset();
String pdf_md = Base64.encode(digestMd);
/*=============PDF MD (END)==================*/
..thanks in advance.PKCS#7 SignedData objects are far more complex then it looks like you are taking them. First the PKCS#7 SignedData object will contain the OID for the message digest algorithm used and for the encryption algorithm used. From the looks of your code you are simply assuming MD5.
It also contains all of the data that was signed which is typically much more than just the document. It also of course contains the public keys and signatures which singed the document. In your case it will probably only have one public certificate and one signature.
Also note that a signature is an encrypted hash. Looking at your code I do not see you use encryption at all or rather for verification decryption.
Here is the basic process a signature takes.
MessageDigest md = MessageDigest.getInstance(algOID);
byte[] digest = md.digest(message.getBytes(charEncoding));
Cipher c = Cipher.getInstance("RSA/2/PKCS1Padding");
c.init(Cipher.ENCRYPT_MODE, priKey);
byte[] signature = c.doFinal(digest);Note that the resulting byte array is not the message digest but the encrypted message digest. You must use the corresponding public key to decrypt the signature to get the message digest value. It is because the trusted public key can decrypt the correct message digest that we know it was encrypted by the holder of the private key. It is because the decrypted message digest value is equal to my computed message digest value that we know the document has not be altered...
Now PKCS#7 SignedData does not take the message digest of the document, in your case your PDF. It creates a message digest on an ASN.1 object which includes the bytes of your document plus a bunch of meta data.
For more info on the exact format of a PKCS#7 signature file check out
http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/index.html
Look through this doucment for SignedData as a starting place and follow through all of the sub objects that make up a SignedData object. This will give you an idea of what is involved. -
Unable to add digital signatures using Adobe LCES Digital Security
I have tried running the Sample Java code to add digital signature fields and add signatures. I am getting errors. The log file shows:
com/adobe/idp/Context
Jan 2, 2009 4:00:14 PM com.adobe.livecycle.signatures.common.CommonBaseException logException
SEVERE: ALC-DSS-300-000 Generic SignaturesBaseException (in the operation : addSignatureField)
Caused By: com/adobe/idp/Context(EjbMessageDispatcher.java163)
Caused By: com/adobe/idp/Context(Class.java-2)
ALC-DSS-300-000 Generic SignaturesBaseException (in the operation : addSignatureField)
Caused By: com/adobe/idp/Context(EjbMessageDispatcher.java163)
Caused By: com/adobe/idp/Context(Class.java-2)
com.adobe.livecycle.signatures.client.SignatureServiceClient.addSignatureField(SignatureSe rviceClient.java:342)
apple.AddSignatureField.main(AddSignatureField.java:53)
Caused By: com.adobe.idp.dsc.DSCException
com.adobe.idp.dsc.provider.impl.ejb.EjbMessageDispatcher.doSend(EjbMessageDispatcher.java: 163)
com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispatc her.java:57)
com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
com.adobe.livecycle.signatures.client.SignatureServiceClient.addSignatureField(SignatureSe rviceClient.java:324)
apple.AddSignatureField.main(AddSignatureField.java:53)
Has anyone worked with the JAVA API to add digital signatures on to a PDF file using Adobe LiveCycle ES 8.2? If yes please let me know.
- RaghaThis was traced back to one of the ini files still having a folder name from the last instance installed (i.e. SERVER6).
So it is fixed -
Add Digital Signature Using C# and Acrobat SDK
Hi everybody!
Please, how can I digitally sign PDF documents using Acrobat Professional 8 API and C# language?
I know that I need use JavaScript APIs (IAC) but I can't find anything really helpful in the Acrobat SDK Documentation. Could anyone post a sample of how use javascript manipulation inside C# (Framework 2.0), or give me a direction?
Thank in advance!Hi Felipe,
when i am signing the document.
I believe i am missing something in my code. After executing the code to sign, when i open it i get "The following signature fields are not signed".
Please let me know where i m doing wrong?
Here is my VB.NET Code
Dim gapp As Acrobat.CAcroApp
Dim gpddoc As Acrobat.CAcroPDDoc
Dim jso As Object
gapp = CreateObject("acroexch.app")
gpddoc = CreateObject("acroexch.pddoc")
If gpddoc.Open("C:\Test1.pdf") Then
jso = gpddoc.GetJSObject()
jso.SetUserPassword("'testpassword12'")
'jso.ShowMyMessage("SetUserDigitalIDPath")
jso.SetUserDigitalIDPath("'c:\\DrTest.pfx'")
jso.app.execMenuItem("ADBESDK:AddSignature")
jso.AddSignature(jso)
gapp.Show()
and here is the javascript
// password to use the digital signature
var sigUserPwd = "UNKNOWN";
// to test the sample without user input, specify:
// var sigUserPwd = "testpassword";
// path to the digital signature file
var sigDigitalIDPath = "UNKNOWN";
// to test the sample without user input, specify:
//var sigDigitalIDPath = "/C/DrTest.pfx";
// other variables the user can modify
var sigHandlerName = "Adobe.PPKLite";
var sigFieldname = "sdkSignatureTest";
var sigReason = "I want to test my digital signature program.";
var sigLocation = "San Jose, CA";
var sigContactInfo = "[email protected]";
/* Add a menu item for AddSignature */
app.addMenuItem( { cName: "ADBESDK:AddSignature", cUser: "Add My Signature", cParent: "Advanced",
cEnable: "event.rc = (event.target != null);",
cExec: "AddSignature(event.target)" });
// main function
AddSignature=app.trustedFunction(function (doc)
app.beginPriv(); // explicitly raise privilege
// if sigDigitalIDPath is not spcified, ask for user input
if(sigDigitalIDPath == "UNKNOWN"){
var cResponse = app.response({
cQuestion: "Input your digital ID path:",
cTitle: "Digital Signature",
cDefault: "/C/DrTest.pfx",
if ( cResponse == null) {
app.alert("No input.");
return;
else
SetUserDigitalIDPath(cResponse);
// if sigUserPwd is not spcified, ask for user input
if(sigUserPwd == "UNKNOWN"){
var cResponse = app.response({
cQuestion: "Input your password:",
cTitle: "Digital Signature",
cDefault: "testpassword",
if ( cResponse == null) {
app.alert("No input.");
return
else
SetUserPassword(cResponse);
// create a new signature field
var signatureField = AddSignatureField(doc);
// sign it
if(signatureField) Sign(signatureField, sigHandlerName);
app.endPriv();
// create a signature field in the upper left conner with name of sigFieldname
function AddSignatureField(doc)
var inch=72;
var aRect = doc.getPageBox( {nPage: 0} );
aRect[0] += 0.5*inch; // from upper left hand corner of page.
aRect[2] = aRect[0]+2*inch; // Make it 2 inch wide
aRect[1] -= 0.5*inch;
aRect[3] = aRect[1] - 0.5*inch; // and 0.5 inch high
var sigField = null;
try {
sigField = doc.addField(sigFieldname, "signature", 0, aRect );
} catch (e) {
console.println("An error occurred: " + e);
return sigField;
// define the Sign function as a privileged function
Sign = app.trustedFunction (
function( sigField, DigSigHandlerName )
try {
app.beginPriv();
var myEngine = security.getHandler(DigSigHandlerName);
myEngine.login( sigUserPwd, sigDigitalIDPath);
sigField.signatureSign({oSig: myEngine,
bUI: false,
oInfo: { password: sigUserPwd,
reason: sigReason,
location: sigLocation,
contactInfo: sigContactInfo}
app.endPriv
} catch (e) {
console.println("An error occurred: " + e);
// set a correct password for using the signature, so you can quietly sign a doc.
function SetUserPassword(pwd)
sigUserPwd = pwd;
// set path to the digital signature file
function SetUserDigitalIDPath(idPath)
sigDigitalIDPath = idPath;
Sumit -
How do I do a digital signature using the inbuilt camera
I am using a MacBook Pro 13" and today I was shown in PC world how to use a digital signature by using the inbuilt camera. Is this possible with this model or is it only with the Retina models?
You may find this article helpful.
http://9to5mac.com/2014/02/15/how-to-use-preview-to-put-signatures-on-pdfs-pages -documents-and-mail-messages/
Click the blue Reader button at the end of Safari address bar for easy viewing. -
PDF Digital Signature using SM2 Encryption
Hi,
Is there any way to use SM2 encryption for digital signature in PDF instead of the default encryption?
Thanks,
Amir MehmoodHi Lrosenth,
Could you please help me with the following questions regarding SM2 encryption.
1) Whether Adobe China supports SM2 algorithm inside their Chinese version of Adobe Reader. US version does not support SM2 algorithm so signature validation will fail even if we were to use SM2 algorithm in our PDFs. This will be a key question to ask Adobe China and how they support viewing/validating of signed PDFs.
2) We use iText library to digitally sign the PDF document. iText uses BouncyCastle library (http://bouncycastle.org/specifications.html) to perform the actual encryption. SM2 algorithm is not supported by BouncyCastle out-of-the-box so we will need to extend BouncyCastle by implementing SM2 and modifying iText (open source version) to use SM2 for digitally signing the PDF. This could be a non-trivial task. So, the question is how do the Chinese digitally sign their PDFs using SM2? Do they use a third-party library that we can license?
3) Does Adobe China provide a PDF Java library for programmatically modifying and signing a PDF which is "Chinese"-compliant?
Thank you -
Adobe Form Digital Signature using WDA
Hi,
I have implemented Interactive Adobe Form using WDA, with one Signature Field.
I need to set and verify the status of the Digital Signature.
1) Is it possible to sign the Adobe form without the user selecting the Digital Id, basically what is needed to implement automatic signatures (setting and verifying)?
2) Once the data is filled online, the form is to be distributed or downloaded. How to apply security parameters to Form in this case (like pass protected etc). From SAP documentation, I understand we need to use Adobe Policy Server. Can we install this server on the Java stack of SAP WAS. Are there any other alternatives to implement such features?
Thanks & Regards,
Chitrali ShahI realize there is quite a bit of crossover between the two topics, but becuase you want to know about digital signature and specifically offline security; this question would probably be better asked in the Adobe Interactive Forms forum:
SAP Interactive Forms by Adobe
However I'm not going to lock the thread, as the WDA forum you will find many Forms experts as well and might find a solution. I just think you might have better luck in the other forum. This is perhas a rare case where double posting would be appropriate as long as you go back and update both threads with any solutions.
It sounds like you may have already found it, but about all I can offer on the subject is the link to the latest version of the online help on the subject:
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/a0677efb696bb9e10000000a42189d/frameset.htm -
Unable to Split pdf form containing Digital Signature using Assembler
Hi All,
I am trying to split a pdf form into multiple forms using Assembler service provided by Adobe LiveCycle. Normal pdf's are getting splitted but facing issues with pdf's containing Digital Signature is there any way to split those forms please suggest ?????
Regards,
AliHello,
We have a livecycle form that allows people to save an image with an image field and other data in some text fields.
The users having problems are using Acrobat Pro XI. They seem to be able to open the form, fill in some data and save the data just fine except for this image.
The image does not display when the user re-opens the form. However, if another user opens that saved form then that user can see the image OK.
Any ideas what might be happening?
Thank you. -
How to create a digital signature using mac
C
an someone tell me how to create a digital signature I can use to sign documents with?Launch the Preview application and search its built-in help for the term "signature."
-
Where to laod the digital signature used to signform 16
Hi,
I'am working on Digital Signature for form16
I configured SSL and ADS between JAVA and ABAP stacks.
Now i got a demo digital signature.
I'am confused where to load this credential and how to use it.
Please guide me with a solution
With regards,
Pradeep.BUnfortunatly the update server is having some very strange hicups every now and then. I've been able to reproduce this once on a sparc box. What I did was basicly running 'smpatch analyze' for a second time, followed by the regular 'update' command after which things worked out for me.
Some strange things also occur when you sometimes run the 'analyze' command, and then run it again. Sometimes you'll be presented with 2 different lists of available updates. -
Digital Signature using Adobe Document Services
Sorry, I am new to portal and ADF. I want to capture digital signatures. Can I do this adobe document services?
The problem was on the users workstation copy of Adobe. There is a parameter that allows the PDF to be opened in a separate window.
-
How do I create a digital signature using Safari 6.0.3
Just got a refurbished macbook air , awesome, however I am realizing that it doesnt have mountain lion which had the ability to take a snapshot of your signature and save it and use it on docs/pdfs. Is there a way to do this using Safari?
ThanksJust got a refurbished macbook air , awesome, however I am realizing that it doesnt have mountain lion which had the ability to take a snapshot of your signature and save it and use it on docs/pdfs. Is there a way to do this using Safari?
Thanks -
Help to bring light to the digital signature, using PKCS7
Hi! I want some little explanation on how to the digital signing documents work. I've read that are "detached" signatures or encapsulated. How do this works? you create signature based on the file and store the binary information in some place, and the original file stays as is, then you check the file with the signature or how do this works?
Thanks a lot for your time!You are better off studying the material from either David Hook's book "Beginning Cryptography in Java" (http://www.wrox.com/WileyCDA/WroxTitle/productCd-0764596330.html) or from the PKCS7 standard at http://www.rsasecurity.com/rsalabs/node.asp?id=2124. Hook's book has code samples in it.
Maybe you are looking for
-
Shipping Charge for free goods Error FF805 Tax statement item missing o0
Hi, We handle a lot of free goods and Subsequent deliveries which are free of charge. The item category has been set "relevant for billing" and "100% discount (B)" for relevant for pricing. We have absolutely no trouble in billing and creating the a
-
Please help my phone wont let me type in my password and when connected to itunes it wont let me type my password in still
-
Use "Update List Item" to add multiple Values
I'm having a List on a SharePoint 2013 Farm. Each Entry can be a Member of a different Entry, and also can have multiple members. Now i want to Update my List Items with Orchestrator IP "Update List Item" and want to add this members to my List Eleme
-
Pdf reader X has problems with small pdf and printer with post script driver
Hi friends. I have installed new Reader X and then i saw that, when i print a very small pdf with about 50 kb and i print it on a Laserjet 4000 printer the printer has problem with the amount of data that reader 10 produces. When i install a Postscri
-
Customize the stored procedure migrating of MWB
Hi, All, Is there anybody know how much customize we can have for using the MWB when migrate stored procedure? For sample I have a SQL Server 6.5 strored procedure like following: /******************* SQL Server 6.5 sp *************/ CREATE PROCEDURE