Docusignapi 如何验证已签名的PDF文件

Docusignapi 如何验证已签名的PDF文件,docusignapi,Docusignapi,我想用java代码验证Docusign签名的PDF。我需要验证PDF在签名后没有被修改,并且是由正确的用户签名的。怎么做 下面是我使用JSignPdf库验证它的代码。这项工作一直持续到今年3月7日,但现在失败了。不明白问题是什么。如果在已签名PDF中的Docusign签名证书有任何更改,请指导我 import java.io.File; import java.io.InputStream; import net.sf.jsignpdf.verify.SignatureVerification;

我想用java代码验证Docusign签名的PDF。我需要验证PDF在签名后没有被修改,并且是由正确的用户签名的。怎么做

下面是我使用JSignPdf库验证它的代码。这项工作一直持续到今年3月7日,但现在失败了。不明白问题是什么。如果在已签名PDF中的Docusign签名证书有任何更改,请指导我

import java.io.File;
import java.io.InputStream;
import net.sf.jsignpdf.verify.SignatureVerification;
import net.sf.jsignpdf.verify.VerificationResult;
import net.sf.jsignpdf.verify.VerifierLogic;
import org.apache.log4j.Logger;
import com.vit.common.signing.VerificationOutput;
public class PdfVerifier{
    private static Logger logger = Logger.getLogger(PdfVerifier.class);    
    public VerificationOutput verify(String signedFileName) throws Exception {        
        return verify(signedFileName, null);
    }
    public VerificationOutput verify(String pdfFileName, String[] certFileNames) throws Exception {
        VerificationOutput ret = new VerificationOutput();
        logger.info("starting checking ... " + pdfFileName);
        try {
            boolean failFast = true;
            final VerifierLogic tmpLogic = new VerifierLogic("", "", "");
            tmpLogic.setFailFast(failFast);
            if (certFileNames==null || certFileNames.length==0) {
                //TODO: we may just do this once per jvm launching
                ClassLoader classLoader = getClass().getClassLoader();
                InputStream ins = null; 
                try {
                    ins = classLoader.getResourceAsStream("docusign.cer");
                    tmpLogic.addX509CertFile(ins);
                    ins = classLoader.getResourceAsStream("docusign_entrust.cer");
                    tmpLogic.addX509CertFile(ins);
                }  finally {
                    try {
                        if (ins!=null) ins.close();
                    } catch(Exception err) {}
                }
            } else {
                for (String tmpCFile : certFileNames) {
                    tmpLogic.addX509CertFile(tmpCFile);
                }
            }
            int exitCode = 0;
            String tmpFilePath = pdfFileName;
            int exitCodeForFile = 0;
            logger.info("Verifying " + tmpFilePath);
            final File tmpFile = new File(tmpFilePath);
            if (!tmpFile.canRead()) {
                exitCodeForFile = SignatureVerification.SIG_STAT_CODE_ERROR_FILE_NOT_READABLE;
                logger.error("Couln't read the file " + tmpFile + ". Check the path and permissions.");
                exitCode = Math.max(exitCode, exitCodeForFile);
                ret.setPass(false);
                ret.setMessage("Couln't read the file " + tmpFile);
            }
            final VerificationResult tmpResult = tmpLogic.verify(tmpFilePath, null);
            if (tmpResult.getException() != null) {
                Exception e = tmpResult.getException();
                exitCodeForFile = SignatureVerification.SIG_STAT_CODE_ERROR_UNEXPECTED_PROBLEM;
                exitCode = Math.max(exitCode, exitCodeForFile);
                ret.setPass(false);
                ret.setMessage(e.getMessage());
                ret.setException(e);
                logger.error("failed digital signature verification due to " + e.getMessage(), e);
            } else {
                logger.info("Total revisions: " + tmpResult.getTotalRevisions());
                exitCodeForFile = tmpResult.getVerificationResultCode();
                boolean modified = false;
                boolean signatureVerified = false;
                for (SignatureVerification verification: tmpResult.getVerifications()) {
                    if (verification.isModified()) modified = true;
                    if (verification.getFails()==null) {
                        signatureVerified = true;
                        //System.out.println(verification.getSubject());
                        String subject = verification.getSubject();
                        String[] firstSplit = subject.split(",");
                        String email = firstSplit[0].substring(4, firstSplit[0].length()-1);
                        //System.out.println(email);
                        ret.setSignerEmail(email);
                    } else if (verification.isSignCertTrustedAndValid()) {
                        signatureVerified = true;
                    }
                }
                if (modified) {
                    ret.setPass(false);
                    ret.setMessage("pdf has been modified");
                } else {
                    if (signatureVerified) {
                        ret.setPass(true);
                        ret.setMessage("Both content and signing cert have been verified");
                    } else {
                        ret.setPass(false);
                        ret.setMessage("signature not verified");
                    }
                }
                logger.info("verification passed? " + ret.isPass());
                if (!ret.isPass()) {
                    logger.info("reason failed is " + ret.getMessage());
                }
            }
            exitCode = Math.max(exitCode, exitCodeForFile);
        } catch(Exception e) {
            throw e;
        }
        return ret;
    }
}

你的问题很模糊,你能提供一个更详细的问题吗?谢谢你的回答。我们有一个客户服务应用程序。此应用程序为每个客户请求创建docusign信封。客户需要填写此信封并签名才能下单。一旦信封由客户签名,我们的服务器就会下载签名的PDF,解析签名的PDF并处理客户请求。但在处理客户端请求之前,我们希望检查此签名PDF是否未被任何其他人篡改/修改。我不确定您是否在正确的部分,因为您的问题不是针对DocuSign,而是针对您自己的应用程序,因为您需要在应用程序中实施“PDF检查”。您的应用程序使用的是什么编程语言?我们使用的是JSignPdf。这是一个免费的开源库,用于验证PDF文件的签名。它一直工作到3月7日,但现在由于显示以下错误而失败java.lang.ClassCastException:org.bouncycastle.asn1.BertaggeObject无法在com.lowagie.text.pdf.PdfPKCS7(未知源代码)com.lowagie.text.pdf.AcroFields.verifySignature(未知源代码)上转换到org.bouncycastle.asn1.DERTaggedObject在com.lowagie.text.pdf.AcroFields.verifySignature上,该验证代码在过去几年中一直有效。但现在它正在失败。不明白问题出在哪里。我发布了供参考的代码。