Page 1 of 1
Signing PDF and pincode for smartcard
Posted: Fri Jul 28, 2017 5:07 pm
by rlagrange
Hi,
We successfully sign document using a smartcard and gdpicture.
However, it look like the pincode is only asked once for the process lifetime, and not at each document signing, or gdpicturepdf instance, even when using a blank pincode : "oGdPicturePdf.SigSetCertFromSmartCardBySerialNumber(cert.CertificateSerialNumber, string.Empty);"
It's a usefull feature, but legal wise problematic : you have to prove the intent of the user to sign the document.
Not requiring the pincode could break this aspect, and be legally attacked.
Is it possible to have an option to overwrite this behavior ?
Thanks
Re: Signing PDF and pincode for smartcard
Posted: Fri Jul 28, 2017 5:19 pm
by delbeke
Hi
I'll have a look for that. But I am in vacancies in August.
Best regards
Jean-Luc
Re: Signing PDF and pincode for smartcard
Posted: Tue Aug 01, 2017 10:21 am
by delbeke
Hi rlagrange
I have made some tests and the pin code is asked every time a signature is created if a blank picode is provided.
Perhaps it's a hardware problem.
Can you provide a small snipet reproducing the problem
Best regards.
Jean-Luc
Re: Signing PDF and pincode for smartcard
Posted: Tue Aug 01, 2017 12:02 pm
by rlagrange
Hi
I reproduce the issue with this code :
Code: Select all
class Program
{
private const string GDPICTURE_LICENCE_KEY = "TTTT"; // CLEF V14
const string inPath = @"C:\Users\rlagr\OneDrive\Documents\Analyse VTC.pdf";
const string outPath = @"C:\Users\rlagr\OneDrive\Documents\Analyse VTC_SIGNED.pdf";
const string certSerialNumber = "0099d4464f4865dff92e860dd7";
static void Main(string[] args)
{
GdPicture14.LicenseManager lm = new GdPicture14.LicenseManager();
lm.RegisterKEY(GDPICTURE_LICENCE_KEY);
using (var pdf = new GdPicturePDF())
OpenAndSign(pdf);
using (var pdf = new GdPicturePDF())
OpenAndSign(pdf);
}
private static void OpenAndSign(GdPicturePDF pdf)
{
pdf.LoadFromFile(inPath, true);
pdf.SigSetCertFromSmartCardBySerialNumber(certSerialNumber, string.Empty);
pdf.SigSetCertificationLevel(PdfSignatureCertificationLevel.NoChanges);
pdf.SigSetSignatureInfos("Test", "test", "test", "test");
if (File.Exists(outPath)) File.Delete(outPath);
pdf.SigSign(outPath, PdfSignatureMode.PdfSignatureModeAdobeCADES, false);
pdf.CloseDocument();
}
}
The pincode is asked only once with my hardware. Same behavior if I choose two differents input file.
Re: Signing PDF and pincode for smartcard
Posted: Tue Aug 01, 2017 2:52 pm
by delbeke
Hi rlagrange.
Your code is good.
I do not understand why the pin code is buffered. This do not happens on my side.
Not sure about that but perhaps you can try this (on mys side it change nothing).
pdf.SigSetCertFromSmartCardBySerialNumber(certSerialNumber, "");
After that , you can test a removal of the smat card between signing the pdfs to ensure the pin code is resetted in this case.
Best regards.
Jean-Luc
Re: Signing PDF and pincode for smartcard
Posted: Tue Aug 01, 2017 4:13 pm
by rlagrange
Ok, it should be something in the Oberthur middleware, who don't close the smartcard login token while the process has not ended (or maybe after a timeout period)
I though it was something in GdPicture, so nevermind.
Thank you for taking the time to test this case.
Regards,
Romain Lagrange
Re: Signing PDF and pincode for smartcard
Posted: Mon Aug 07, 2017 9:52 am
by delbeke
Hi rlagrange
Thanks for the return. For our personal information, can you send us informations about solving your problem ?
Thanks you very much.
Best regards.
Jean-Luc