0

I'm trying to sign a PDF using iText7 the way I did with iText5:

  • I took the Cert from Windows Personal Store.
  • I create an IExternalSignature based on the Cert.

I found that X509Certificate2Signature class is not present in iText7.

Because of that I've ported it, however when the Signer method SignDetached is invoked I get that nasty error telling that the classic RSA algorithm is not available because now it is a bit different (RSAcng).

Is there a workaround?

For sure, there must be a reason why the class was not ported to iText7 that I can't understand.

Thanks.

Martín Masella
  • 41
  • 5
  • If you showed your `X509Certificate2Signature` port, we might help pointing out problems. – mkl May 21 '21 at 17:19
  • Thanks. Here is the part that raises the error: – Martín Masella May 21 '21 at 18:43
  • public X509Certificate2Signature(X509Certificate2 certificate, String hashAlgorithm) { if (certificate.PrivateKey is System.Security.Cryptography.RSACryptoServiceProvider) encryptionAlgorithm = "RSA"; else if (certificate.PrivateKey is System.Security.Cryptography.DSACryptoServiceProvider) encryptionAlgorithm = "DSA"; else throw new ArgumentException("Unknown encryption algorithm " + certificate.PrivateKey); } – Martín Masella May 21 '21 at 18:44
  • X509Certificate2 class encryption algorithm is RSACng instead of RSA. – Martín Masella May 21 '21 at 18:45
  • So, there is no RSACng Crypto Service Provider class to get things done in System.Security.Cryptography. – Martín Masella May 21 '21 at 18:50
  • 2
    Does this help? https://stackoverflow.com/q/50627483/1520650 – rhens May 26 '21 at 12:08

0 Answers0