iText pdf library
Website search

Digital signatures - chapter 1

These examples were written in the context of Chapter 1 - "Understanding the concept of digital signatures" of the Digital Signatures for PDF documents eBook.

C1_01_DigestDefault.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
/*
 * This class is part of the white paper entitled
 * "Digital Signatures for PDF documents"
 * written by Bruno Lowagie
 *
 * For more info, go to: http://itextpdf.com/learn
 */
package com.itextpdf.samples.signatures.chapter01;
 
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
 
public class C1_01_DigestDefault {
    public static final String DEST = "./target/test/resources/signatures/chapter01/";
 
    public static final String EXPECTED_OUTPUT = "Digest using MD5: 16\n" +
            "Digest: 5f4dcc3b5aa765d61d8327deb882cf99\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-1: 20\n" +
            "Digest: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-224: 28\n" +
            "Digest: d63dc919e201d7bc4c825630d2cf25fdc93d4b2f0d46706d29038d01\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-256: 32\n" +
            "Digest: 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-384: 48\n" +
            "Digest: a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f2bebc4558" +
            "3d446c598660c94ce680c47d19c30783a7\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-512: 64\n" +
            "Digest: b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b" +
            "1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "RIPEMD128 MessageDigest not available\n" +
            "RIPEMD160 MessageDigest not available\n" +
            "RIPEMD256 MessageDigest not available\n";
 
    protected byte[] digest;
    protected MessageDigest messageDigest;
 
    protected C1_01_DigestDefault(String password, String algorithm, String provider) throws GeneralSecurityException,
            UnsupportedEncodingException {
        if (provider == null) {
            messageDigest = MessageDigest.getInstance(algorithm);
        } else {
            messageDigest = MessageDigest.getInstance(algorithm, provider);
        }
        digest = messageDigest.digest(password.getBytes("UTF-8"));
    }
 
    public static C1_01_DigestDefault getInstance(String password, String algorithm) throws GeneralSecurityException,
            UnsupportedEncodingException {
        return new C1_01_DigestDefault(password, algorithm, null);
    }
 
    public static void main(String[] args) {
        File file = new File(DEST);
        file.mkdirs();
 
        testAll();
    }
 
    public static void testAll() {
        showTest("MD5");
        showTest("SHA-1");
        showTest("SHA-224");
        showTest("SHA-256");
        showTest("SHA-384");
        showTest("SHA-512");
        showTest("RIPEMD128");
        showTest("RIPEMD160");
        showTest("RIPEMD256");
    }
 
    public static void showTest(String algorithm) {
        try {
            C1_01_DigestDefault app = getInstance("password", algorithm);
            System.out.println("Digest using " + algorithm + ": " + app.getDigestSize());
            System.out.println("Digest: " + app.getDigestAsHexString());
            System.out.println("Is the password 'password'? " + app.checkPassword("password"));
            System.out.println("Is the password 'secret'? " + app.checkPassword("secret"));
        } catch (Exception exc) {
            System.out.println(exc.getMessage());
        }
    }
 
    public int getDigestSize() {
        return digest.length;
    }
 
    public String getDigestAsHexString() {
        return new BigInteger(1, digest).toString(16);
    }
 
    /* This method checks if the digest of the password is equal
     * to the digest of the text line which is passed as argument
     */
    public boolean checkPassword(String password) {
        return Arrays.equals(digest, messageDigest.digest(password.getBytes()));
    }
}
C1_02_DigestBC.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
/*
 * This class is part of the white paper entitled
 * "Digital Signatures for PDF documents"
 * written by Bruno Lowagie
 *
 * For more info, go to: http://itextpdf.com/learn
 */
 
package com.itextpdf.samples.signatures.chapter01;
 
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Provider;
import java.util.Arrays;
 
import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
public class C1_02_DigestBC {
    public static final String DEST = "./target/test/resources/signatures/chapter01/";
 
    public static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();
 
    public static final String EXPECTED_OUTPUT = "Digest using MD5: 16\n" +
            "Digest: 5f4dcc3b5aa765d61d8327deb882cf99\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-1: 20\n" +
            "Digest: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-224: 28\n" +
            "Digest: d63dc919e201d7bc4c825630d2cf25fdc93d4b2f0d46706d29038d01\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-256: 32\n" +
            "Digest: 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-384: 48\n" +
            "Digest: a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f2bebc45583d446c" +
            "598660c94ce680c47d19c30783a7\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using SHA-512: 64\n" +
            "Digest: b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7" +
            "785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using RIPEMD128: 16\n" +
            "Digest: c9c6d316d6dc4d952a789fd4b8858ed7\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using RIPEMD160: 20\n" +
            "Digest: 2c08e8f5884750a7b99f6f2f342fc638db25ff31\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n" +
            "Digest using RIPEMD256: 32\n" +
            "Digest: f94cf96c79103c3ccad10d308c02a1db73b986e2c48962e96ecd305e0b80ef1b\n" +
            "Is the password 'password'? true\n" +
            "Is the password 'secret'? false\n";
 
    protected byte[] digest;
    protected MessageDigest messageDigest;
 
    protected C1_02_DigestBC(String password, String algorithm, Provider provider) throws GeneralSecurityException,
            UnsupportedEncodingException {
        if (provider == null) {
            messageDigest = MessageDigest.getInstance(algorithm);
        } else {
 
            // BouncyCastle provider can be initialized in another way
            // by using Security.addProvider(Provider provider) method
            messageDigest = MessageDigest.getInstance(algorithm, provider);
        }
        digest = messageDigest.digest(password.getBytes("UTF-8"));
    }
 
    public static C1_02_DigestBC getInstance(String password, String algorithm) throws GeneralSecurityException,
            UnsupportedEncodingException {
        return new C1_02_DigestBC(password, algorithm, PROVIDER);
    }
 
    public static void main(String[] args) throws Exception {
        File file = new File(DEST);
        file.mkdirs();
 
        testAll();
    }
 
    public static void testAll() throws Exception {
        showTest("MD5");
        showTest("SHA-1");
        showTest("SHA-224");
        showTest("SHA-256");
        showTest("SHA-384");
        showTest("SHA-512");
        showTest("RIPEMD128");
        showTest("RIPEMD160");
        showTest("RIPEMD256");
 
    }
 
    public static void showTest(String algorithm) throws Exception {
        C1_02_DigestBC app = getInstance("password", algorithm);
        System.out.println("Digest using " + algorithm + ": " + app.getDigestSize());
        System.out.println("Digest: " + app.getDigestAsHexString());
        System.out.println("Is the password 'password'? " + app.checkPassword("password"));
        System.out.println("Is the password 'secret'? " + app.checkPassword("secret"));
    }
 
    public int getDigestSize() {
        return digest.length;
    }
 
    public String getDigestAsHexString() {
        return new BigInteger(1, digest).toString(16);
    }
 
    /* This method checks if the digest of the password is equal
     * to the digest of the text line which is passed as argument
     */
    public boolean checkPassword(String password) {
        return Arrays.equals(digest, messageDigest.digest(password.getBytes()));
    }
}
C1_03_EncryptDecrypt.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
/*
 * This class is part of the white paper entitled
 * "Digital Signatures for PDF documents"
 * written by Bruno Lowagie
 *
 * For more info, go to: http://itextpdf.com/learn
 */
package com.itextpdf.samples.signatures.chapter01;
 
import javax.crypto.Cipher;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
 
public class C1_03_EncryptDecrypt {
    public static final String DEST = "./target/test/resources/signatures/chapter01/";
 
    protected static final String KEYSTORE = "./src/test/resources/encryption/ks";
 
    protected static final String PASSWORD = "password";
    protected KeyStore ks;
 
    public static void main(String[] args) throws Exception {
        File file = new File(DEST);
        file.mkdirs();
 
        encryptDecrypt();
    }
 
    public static void encryptDecrypt() throws GeneralSecurityException, IOException {
        C1_03_EncryptDecrypt app = new C1_03_EncryptDecrypt();
        app.initKeyStore(KEYSTORE, PASSWORD);
        Key publicKey = app.getPublicKey("demo");
        Key privateKey = app.getPrivateKey("demo", "password");
 
        // Encrypt the message with the public key and then decrypt it with the private key
        System.out.println("Let's encrypt 'secret message' with a public key");
        byte[] encrypted = app.encrypt(publicKey, "secret message");
        System.out.println("Encrypted message: " + app.getDigestAsHexString(encrypted));
        System.out.println("Let's decrypt it with the corresponding private key");
        String decrypted = app.decrypt(privateKey, encrypted);
        System.out.println(decrypted);
 
        // Encrypt the message with the private key and then decrypt it with the public key
        System.out.println("You can also encrypt the message with a private key");
        encrypted = app.encrypt(privateKey, "secret message");
        System.out.println("Encrypted message: " + app.getDigestAsHexString(encrypted));
        System.out.println("Now you need the public key to decrypt it");
        decrypted = app.decrypt(publicKey, encrypted);
        System.out.println(decrypted);
    }
 
    private void initKeyStore(String keystore, String ks_pass) throws GeneralSecurityException, IOException {
        ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(new FileInputStream(keystore), ks_pass.toCharArray());
    }
 
    private String getDigestAsHexString(byte[] digest) {
        return new BigInteger(1, digest).toString(16);
    }
 
    private X509Certificate getCertificate(String alias) throws KeyStoreException {
        return (X509Certificate) ks.getCertificate(alias);
    }
 
    private Key getPublicKey(String alias) throws GeneralSecurityException, IOException {
        return getCertificate(alias).getPublicKey();
    }
 
    private Key getPrivateKey(String alias, String pk_pass) throws GeneralSecurityException, IOException {
        return ks.getKey(alias, pk_pass.toCharArray());
    }
 
    // This method encrypts the message (using RSA algorithm) with the key, got as the 1st argument
    public byte[] encrypt(Key key, String message) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] cipherData = cipher.doFinal(message.getBytes());
        return cipherData;
    }
 
    // This method decrypts the message (using RSA algorithm) with the key, got as the 1st argument
    public String decrypt(Key key, byte[] message) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] cipherData = cipher.doFinal(message);
        return new String(cipherData);
    }
}
C1_01_DigestDefault.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
/*
* This class is part of the white paper entitled
* "Digital Signatures for PDF documents"
* written by Bruno Lowagie
*
* For more info, go to: http://itextpdf.com/learn
*/
 
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Org.BouncyCastle.Math;
 
namespace iText.Samples.Signatures.Chapter01
{
    public class C1_01_DigestDefault
    {
        public static readonly String DEST = "results/signatures/chapter01/";
 
        public static readonly String EXPECTED_OUTPUT = "Digest using MD5: 16\n" +
                                                        "Digest: 5f4dcc3b5aa765d61d8327deb882cf99\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "SHA-1 digest is not available\n" +
                                                        "SHA-224 digest is not available\n" +
                                                        "Digest using SHA-256: 32\n" +
                                                        "Digest: 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-384: 48\n" +
                                                        "Digest: a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f" +
                                                        "2bebc45583d446c598660c94ce680c47d19c30783a7\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-512: 64\n" +
                                                        "Digest: b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394" +
                                                        "c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "RIPEMD128 digest is not available\n" +
                                                        "Digest using RIPEMD160: 20\n" +
                                                        "Digest: 2c08e8f5884750a7b99f6f2f342fc638db25ff31\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "RIPEMD256 digest is not available\n";
 
        protected byte[] digest;
        protected HashAlgorithm messageDigest;
 
        protected C1_01_DigestDefault(String password, String algorithm)
        {
            messageDigest = HashAlgorithm.Create(algorithm);
            if (null == messageDigest)
            {
                throw new ArgumentException(algorithm + " digest is not available\n");
            }
 
            digest = messageDigest.ComputeHash(Encoding.UTF8.GetBytes(password));
        }
 
        public static C1_01_DigestDefault GetInstance(String password, String algorithm)
        {
            return new C1_01_DigestDefault(password, algorithm);
        }
 
        public static void Main(String[] args)
        {
            DirectoryInfo directory = new DirectoryInfo(DEST);
            directory.Create();
 
            TestAll();
        }
 
        public static void TestAll()
        {
            ShowTest("MD5");
            ShowTest("SHA-1");
            ShowTest("SHA-224");
            ShowTest("SHA-256");
            ShowTest("SHA-384");
            ShowTest("SHA-512");
            ShowTest("RIPEMD128");
            ShowTest("RIPEMD160");
            ShowTest("RIPEMD256");
        }
 
        public static void ShowTest(String algorithm)
        {
            try
            {
                C1_01_DigestDefault app = GetInstance("password", algorithm);
                Console.WriteLine("Digest using " + algorithm + ": " + app.GetDigestSize());
                Console.WriteLine("Digest: " + app.GetDigestAsHexString());
                Console.WriteLine("Is the password 'password'? " + app.CheckPassword("password"));
                Console.WriteLine("Is the password 'secret'? " + app.CheckPassword("secret"));
            }
            catch (ArgumentException exc)
            {
                Console.WriteLine(exc.Message);
            }
        }
 
        public int GetDigestSize()
        {
            return digest.Length;
        }
 
        public String GetDigestAsHexString()
        {
            return new BigInteger(1, digest).ToString(16);
        }
 
        // This method checks if the digest of the password is equal
        // to the digest of the text line which is passed as argument
        public bool CheckPassword(String password)
        {
            return digest.SequenceEqual(messageDigest.ComputeHash(Encoding.UTF8.GetBytes(password)));
        }
    }
}
C1_02_DigestBC.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
 
using System;
using System.IO;
using System.Linq;
using System.Text;
using iText.Signatures;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Math;
 
namespace iText.Samples.Signatures.Chapter01
{
    public class C1_02_DigestBC
    {
        public static readonly String DEST = "results/signatures/chapter01/";
 
        public static readonly String EXPECTED_OUTPUT = "Digest using MD5: 16\n" +
                                                        "Digest: 5f4dcc3b5aa765d61d8327deb882cf99\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-1: 20\n" +
                                                        "Digest: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-224: 28\n" +
                                                        "Digest: d63dc919e201d7bc4c825630d2cf25fdc93d4b2f0d46706d29038d01\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-256: 32\n" +
                                                        "Digest: 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-384: 48\n" +
                                                        "Digest: a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f2" +
                                                        "bebc45583d446c598660c94ce680c47d19c30783a7\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using SHA-512: 64\n" +
                                                        "Digest: b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394" +
                                                        "c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using RIPEMD128: 16\n" +
                                                        "Digest: c9c6d316d6dc4d952a789fd4b8858ed7\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using RIPEMD160: 20\n" +
                                                        "Digest: 2c08e8f5884750a7b99f6f2f342fc638db25ff31\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n" +
                                                        "Digest using RIPEMD256: 32\n" +
                                                        "Digest: f94cf96c79103c3ccad10d308c02a1db73b986e2c48962e96ecd305e0b80ef1b\n" +
                                                        "Is the password 'password'? True\n" +
                                                        "Is the password 'secret'? False\n";
 
        protected byte[] digest;
        protected IDigest messageDigest;
 
        protected C1_02_DigestBC(String password, String algorithm)
        {
            messageDigest = DigestAlgorithms.GetMessageDigest(algorithm);
            digest = DigestAlgorithms.Digest(new MemoryStream(Encoding.UTF8.GetBytes(password)), messageDigest);
        }
 
        public static C1_02_DigestBC GetInstance(String password, String algorithm)
        {
            return new C1_02_DigestBC(password, algorithm);
        }
 
        public static void Main(String[] args)
        {
            DirectoryInfo directory = new DirectoryInfo(DEST);
            directory.Create();
 
            TestAll();
        }
 
        public static void TestAll()
        {
            ShowTest("MD5");
            ShowTest("SHA-1");
            ShowTest("SHA-224");
            ShowTest("SHA-256");
            ShowTest("SHA-384");
            ShowTest("SHA-512");
            ShowTest("RIPEMD128");
            ShowTest("RIPEMD160");
            ShowTest("RIPEMD256");
        }
 
        public static void ShowTest(String algorithm)
        {
            C1_02_DigestBC app = GetInstance("password", algorithm);
            Console.WriteLine("Digest using " + algorithm + ": " + app.GetDigestSize());
            Console.WriteLine("Digest: " + app.GetDigestAsHexString());
            Console.WriteLine("Is the password 'password'? " + app.CheckPassword("password"));
            Console.WriteLine("Is the password 'secret'? " + app.CheckPassword("secret"));
        }
 
        public int GetDigestSize()
        {
            return digest.Length;
        }
 
        public String GetDigestAsHexString()
        {
            return new BigInteger(1, digest).ToString(16);
        }
 
        // This method checks if the digest of the password is equal
        // to the digest of the text line which is passed as argument
        public bool CheckPassword(String password)
        {
            return digest.SequenceEqual(DigestAlgorithms
                .Digest(new MemoryStream(Encoding.UTF8.GetBytes(password)), messageDigest));
        }
    }
}
C1_03_EncryptDecrypt.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/*
    This file is part of the iText (R) project.
    Copyright (c) 1998-2020 iText Group NV
    Authors: iText Software.
 
    For more information, please contact iText Software at this address:
    sales@itextpdf.com
 */
/*
* This class is part of the white paper entitled
* "Digital Signatures for PDF documents"
* written by Bruno Lowagie
*
* For more info, go to: http://itextpdf.com/learn
*/
 
using System;
using System.IO;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Encodings;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.X509;
 
namespace iText.Samples.Signatures.Chapter01
{
    public class C1_03_EncryptDecrypt
    {
        public static readonly String DEST = "results/signatures/chapter01/";
 
        protected static readonly String KEYSTORE = "../../resources/encryption/ks";
 
        protected static readonly String PASSWORD = "password";
        protected Pkcs12Store ks;
 
        public static void Main(String[] args)
        {
            DirectoryInfo directory = new DirectoryInfo(DEST);
            directory.Create();
 
            EncryptDecrypt();
        }
 
        public static void EncryptDecrypt()
        {
            C1_03_EncryptDecrypt app = new C1_03_EncryptDecrypt();
            app.InitKeyStore(KEYSTORE, PASSWORD);
            AsymmetricKeyParameter publicKey = app.getPublicKey("demo");
            AsymmetricKeyParameter privateKey = app.getPrivateKey("demo");
 
            // Encrypt the message with the public key and then decrypt it with the private key
            Console.WriteLine("Let's encrypt 'secret message' with a public key");
            byte[] encrypted = app.Encrypt(publicKey, "secret message");
            Console.WriteLine("Encrypted message: " + app.GetDigestAsHexString(encrypted));
            Console.WriteLine("Let's decrypt it with the corresponding private key");
            String decrypted = app.Decrypt(privateKey, encrypted);
            Console.WriteLine(decrypted);
 
            // Encrypt the message with the private key and then decrypt it with the public key
            Console.WriteLine("You can also encrypt the message with a private key");
            encrypted = app.Encrypt(privateKey, "secret message");
            Console.WriteLine("Encrypted message: " + app.GetDigestAsHexString(encrypted));
            Console.WriteLine("Now you need the public key to decrypt it");
            decrypted = app.Decrypt(publicKey, encrypted);
            Console.WriteLine(decrypted);
        }
 
        private void InitKeyStore(String keystore, String ks_pass)
        {
            ks = new Pkcs12Store(new FileStream(keystore, FileMode.Open, FileAccess.Read),
                ks_pass.ToCharArray());
        }
 
        private String GetDigestAsHexString(byte[] digest)
        {
            return new BigInteger(1, digest).ToString(16);
        }
 
        private X509Certificate GetCertificate(String alias)
        {
            return ks.GetCertificate(alias).Certificate;
        }
 
        private AsymmetricKeyParameter getPublicKey(String alias)
        {
            return GetCertificate(alias).GetPublicKey();
        }
 
        private AsymmetricKeyParameter getPrivateKey(String alias)
        {
            return ks.GetKey(alias).Key;
        }
 
        // This method encrypts the message (using RSA algorithm) with the key, got as the 1st argument
        public byte[] Encrypt(AsymmetricKeyParameter key, String message)
        {
            byte[] messageBytes = Encoding.UTF8.GetBytes(message);
            Pkcs1Encoding encryptEngine = new Pkcs1Encoding(new RsaEngine());
 
            // The first parameter defines whether to encrypt or decrypt
            encryptEngine.Init(true, key);
 
            return encryptEngine.ProcessBlock(messageBytes, 0, messageBytes.Length);
        }
 
        // This method decrypts the message (using RSA algorithm) with the key, got as the 1st argument
        public String Decrypt(AsymmetricKeyParameter key, byte[] message)
        {
            Pkcs1Encoding decryptEngine = new Pkcs1Encoding(new RsaEngine());
 
            // The first parameter defines whether to encrypt or decrypt
            decryptEngine.Init(false, key);
 
            return Encoding.UTF8.GetString(decryptEngine.ProcessBlock(message, 0, message.Length));
        }
    }
}

Click the following link to see the legacy example for iText 5. Except for security fixes, iText 5 is no longer being developed.



Contact

Still have questions? 

We're happy to answer your questions. Reach out to us and we'll get back to you shortly.

Contact us
Stay updated

Join 11,000+ subscribers and become an iText PDF expert by staying up to date with our new products, updates, tips, technical solutions and happenings.

Subscribe Now