Docusignapi 如何验证已签名的PDF文件
我想用java代码验证Docusign签名的PDF。我需要验证PDF在签名后没有被修改,并且是由正确的用户签名的。怎么做 下面是我使用JSignPdf库验证它的代码。这项工作一直持续到今年3月7日,但现在失败了。不明白问题是什么。如果在已签名PDF中的Docusign签名证书有任何更改,请指导我Docusignapi 如何验证已签名的PDF文件,docusignapi,Docusignapi,我想用java代码验证Docusign签名的PDF。我需要验证PDF在签名后没有被修改,并且是由正确的用户签名的。怎么做 下面是我使用JSignPdf库验证它的代码。这项工作一直持续到今年3月7日,但现在失败了。不明白问题是什么。如果在已签名PDF中的Docusign签名证书有任何更改,请指导我 import java.io.File; import java.io.InputStream; import net.sf.jsignpdf.verify.SignatureVerification;
import java.io.File;
import java.io.InputStream;
import net.sf.jsignpdf.verify.SignatureVerification;
import net.sf.jsignpdf.verify.VerificationResult;
import net.sf.jsignpdf.verify.VerifierLogic;
import org.apache.log4j.Logger;
import com.vit.common.signing.VerificationOutput;
public class PdfVerifier{
private static Logger logger = Logger.getLogger(PdfVerifier.class);
public VerificationOutput verify(String signedFileName) throws Exception {
return verify(signedFileName, null);
}
public VerificationOutput verify(String pdfFileName, String[] certFileNames) throws Exception {
VerificationOutput ret = new VerificationOutput();
logger.info("starting checking ... " + pdfFileName);
try {
boolean failFast = true;
final VerifierLogic tmpLogic = new VerifierLogic("", "", "");
tmpLogic.setFailFast(failFast);
if (certFileNames==null || certFileNames.length==0) {
//TODO: we may just do this once per jvm launching
ClassLoader classLoader = getClass().getClassLoader();
InputStream ins = null;
try {
ins = classLoader.getResourceAsStream("docusign.cer");
tmpLogic.addX509CertFile(ins);
ins = classLoader.getResourceAsStream("docusign_entrust.cer");
tmpLogic.addX509CertFile(ins);
} finally {
try {
if (ins!=null) ins.close();
} catch(Exception err) {}
}
} else {
for (String tmpCFile : certFileNames) {
tmpLogic.addX509CertFile(tmpCFile);
}
}
int exitCode = 0;
String tmpFilePath = pdfFileName;
int exitCodeForFile = 0;
logger.info("Verifying " + tmpFilePath);
final File tmpFile = new File(tmpFilePath);
if (!tmpFile.canRead()) {
exitCodeForFile = SignatureVerification.SIG_STAT_CODE_ERROR_FILE_NOT_READABLE;
logger.error("Couln't read the file " + tmpFile + ". Check the path and permissions.");
exitCode = Math.max(exitCode, exitCodeForFile);
ret.setPass(false);
ret.setMessage("Couln't read the file " + tmpFile);
}
final VerificationResult tmpResult = tmpLogic.verify(tmpFilePath, null);
if (tmpResult.getException() != null) {
Exception e = tmpResult.getException();
exitCodeForFile = SignatureVerification.SIG_STAT_CODE_ERROR_UNEXPECTED_PROBLEM;
exitCode = Math.max(exitCode, exitCodeForFile);
ret.setPass(false);
ret.setMessage(e.getMessage());
ret.setException(e);
logger.error("failed digital signature verification due to " + e.getMessage(), e);
} else {
logger.info("Total revisions: " + tmpResult.getTotalRevisions());
exitCodeForFile = tmpResult.getVerificationResultCode();
boolean modified = false;
boolean signatureVerified = false;
for (SignatureVerification verification: tmpResult.getVerifications()) {
if (verification.isModified()) modified = true;
if (verification.getFails()==null) {
signatureVerified = true;
//System.out.println(verification.getSubject());
String subject = verification.getSubject();
String[] firstSplit = subject.split(",");
String email = firstSplit[0].substring(4, firstSplit[0].length()-1);
//System.out.println(email);
ret.setSignerEmail(email);
} else if (verification.isSignCertTrustedAndValid()) {
signatureVerified = true;
}
}
if (modified) {
ret.setPass(false);
ret.setMessage("pdf has been modified");
} else {
if (signatureVerified) {
ret.setPass(true);
ret.setMessage("Both content and signing cert have been verified");
} else {
ret.setPass(false);
ret.setMessage("signature not verified");
}
}
logger.info("verification passed? " + ret.isPass());
if (!ret.isPass()) {
logger.info("reason failed is " + ret.getMessage());
}
}
exitCode = Math.max(exitCode, exitCodeForFile);
} catch(Exception e) {
throw e;
}
return ret;
}
}
你的问题很模糊,你能提供一个更详细的问题吗?谢谢你的回答。我们有一个客户服务应用程序。此应用程序为每个客户请求创建docusign信封。客户需要填写此信封并签名才能下单。一旦信封由客户签名,我们的服务器就会下载签名的PDF,解析签名的PDF并处理客户请求。但在处理客户端请求之前,我们希望检查此签名PDF是否未被任何其他人篡改/修改。我不确定您是否在正确的部分,因为您的问题不是针对DocuSign,而是针对您自己的应用程序,因为您需要在应用程序中实施“PDF检查”。您的应用程序使用的是什么编程语言?我们使用的是JSignPdf。这是一个免费的开源库,用于验证PDF文件的签名。它一直工作到3月7日,但现在由于显示以下错误而失败java.lang.ClassCastException:org.bouncycastle.asn1.BertaggeObject无法在com.lowagie.text.pdf.PdfPKCS7(未知源代码)com.lowagie.text.pdf.AcroFields.verifySignature(未知源代码)上转换到org.bouncycastle.asn1.DERTaggedObject在com.lowagie.text.pdf.AcroFields.verifySignature上,该验证代码在过去几年中一直有效。但现在它正在失败。不明白问题出在哪里。我发布了供参考的代码。