I am able to create a valid signature using PDFBox. I'm using an external API to let my hash sign with a given Certificate this is valid.
However when using https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation there is a warning about a missing attribute.
Validation Reposrt using EC-Europa Validation Tool
The current code is at: https://gist.github.com/wgnrd/e6fcb6155795014db10fd482bdb40133, but here is an excerpt of the code-snippet:
PDSignature signature = createSignature(signatureAppearance.getSignerName());
SignatureOptions options = createSignatureOptions(document, signature, signatureAppearance);
document.addSignature(signature, null, options);
ContentSigner contentSigner = createContentSigner();
CMSSignedDataGenerator cmsSignedDataGenerator = createCMSSignedDataGenerator(chain, contentSigner);
ExternalSigningSupport preSignDocument = document.saveIncrementalForExternalSigning(output);
CMSTypedData msg = new CMSProcessableByteArray(preSignDocument.getContent().readAllBytes());
CMSSignedData signedData = cmsSignedDataGenerator.generate(msg, false);
byte[] cmsSignature = signedData.getEncoded();
preSignDocument.setSignature(cmsSignature);
Is it possible to create a signature using PDFBox which passes through the validator without a warning?
The question is a continue from PDFBox - Signing a PDF using an external service (document has been altered or corrupted). As the answerer agreed to help me. But I would like to split this into another question so people can more easily reference to two seperate problems.