Java iText 2.1.7中的数字签名
我需要使用Java将数字签名放入PDF文件中。有人能提供一个将数字签名写入PDF的示例代码吗Java iText 2.1.7中的数字签名,java,itext,Java,Itext,我需要使用Java将数字签名放入PDF文件中。有人能提供一个将数字签名写入PDF的示例代码吗 我正在使用iText 2.1.7,不允许我将Jar升级到iText 7您可以找到用于签名的旧文档。还有一些关于如何完成PKCS7签名的代码片段: PdfStamper stamper = PdfStamper.createSignature(super.reader, this.os, '\0',null,true); PdfSignatureAppearance sigApp = stamper.ge
我正在使用
iText 2.1.7iText 7PdfStamper stamper = PdfStamper.createSignature(super.reader, this.os, '\0',null,true);
PdfSignatureAppearance sigApp = stamper.getSignatureAppearance();
if(signatureFieldName==null){
//for new signatures
sigApp.setVisibleSignature(new Rectangle(lowerLeftX, lowerLeftY, upperRightX, upperRightY),pageNumber, signatureFieldName);
}
else{
//existing signatures
sigApp.setVisibleSignature(signatureFieldName);
}
sigApp.setAcro6Layers(true);
sigApp.setLayer4Text("");
//signer name
sigApp.setLayer2Text("");
//No question mark should appear -> overwrite layer 1
PdfTemplate t = sigApp.getLayer(1);
t.setBoundingBox(new Rectangle(100, 100));
t.setLiteral("% DSBlank\n");
sigApp.setReason("I agree");
sigApp.setLocation("Your location");
sigApp.setImage(Image.getInstance(yourImageOfASignature));
sigApp.setImageScale(0f);
sigApp.setSignDate(signingTime);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_DETACHED);
dic.setDate(new PdfDate(signingTime));
dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)this.chain[0]).getField("CN"));
sigApp.setCryptoDictionary(dic);
int estimatedSize=8192;
HashMap<PdfName, Integer> exclusions = new HashMap<>();
exclusions.put(PdfName.CONTENTS, Integer.valueOf(estimatedSize*2+2));
sigApp.preClose(exclusions);
//hash pdfSigApp.getRangeStream() and create a PKCS#7 signature container in a byte[] signatureContent
PdfPKCS7 pk7 = new PdfPKCS7(this.privateKey, this.chain, null, "SHA-256", null, false);
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
byte[] buf = new byte[estimatedSize];
int n;
InputStream inp = sigApp.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
inp.close();
byte[] hash = messageDigest.digest();
byte[] sh = pk7.getAuthenticatedAttributeBytes(hash, signTime, null);
pk7.update(sh, 0, sh.length);
PdfDictionary dic2 = new PdfDictionary();
byte[] encodedSig = pk7.getEncodedPKCS7(hash, signTime);
byte[] paddedSig = new byte[estimatedSize];
//insert pkcs7 container
if(encodedSig.length>paddedSig.length){
throw new SigningException("Internal signing error - signature size constraints must be increased.");
}
System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length);
dic2.put(PdfName.CONTENTS, new PdfString(paddedSig).setHexWriting(true));
sigApp.close(dic2);
PdfStamper stamper=PdfStamper.createSignature(super.reader,this.os,'\0',null,true);
PdfSignatureAppearance sigApp=stamper.getSignatureAppearance();
如果(signatureFieldName==null){
//新签名
sigApp.setVisibleSignature(新矩形(lowerLeftX、lowerLeftY、upperRightX、upperRightY)、页码、signatureFieldName);
}
否则{
//现有签名
sigApp.setVisibleSignature(signatureFieldName);
}
sigApp.setAcro6Layers(真);
sigApp.setLayer4Text(“”);
//签名人姓名
sigApp.setLayer2Text(“”);
//不应出现问号->覆盖层1
PdfTemplate t=sigApp.getLayer(1);
t、 setBoundingBox(新矩形(100100));
t、 setLiteral(“%DSBlank\n”);
sigApp.setReason(“我同意”);
sigApp.setLocation(“您的位置”);
setImage(Image.getInstance(yourImageOfASignature));
sigApp.setImageScale(0f);
sigApp.setSignDate(签名时间);
PdfSignature dic=新的PdfSignature(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_);
dic.设置日期(新PdfDate(签名时间));
dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)this.chain[0]).getField(“CN”);
sigApp.setCryptoDictionary(dic);
int estimatedSize=8192;
HashMap排除=新HashMap();
排除项.put(PdfName.CONTENTS,Integer.valueOf(estimatedSize*2+2));
信号预关闭(除外);
//散列pdfSigApp.getRangeStream()并在byte[]signatureContent中创建PKCS#7签名容器
PdfPKCS7 pk7=新的PdfPKCS7(this.privateKey,this.chain,null,“SHA-256”,null,false);
MessageDigest=MessageDigest.getInstance(“SHA-256”);
字节[]buf=新字节[estimatedSize];
int n;
InputStream inp=sigApp.getRangeStream();
而((n=inp.read(buf))>0){
messageDigest.update(buf,0,n);
}
inp.close();
字节[]哈希=messageDigest.digest();
字节[]sh=pk7.getAuthenticatedAttributeBytes(散列,签名时间,null);
pk7.update(sh,0,sh.length);
PdfDictionary dic2=新的PdfDictionary();
字节[]encodedSig=pk7.getEncodedPKCS7(散列,签名时间);
byte[]paddedSig=新字节[estimatedSize];
//插入pkcs7容器
if(编码符号长度>填充符号长度){
抛出新的SigningException(“内部签名错误-必须增加签名大小限制”);
}
System.arraycopy(encodedSig,0,paddedSig,0,encodedSig.length);
dic2.put(PdfName.CONTENTS,新的PdfString(paddedSig.setHexWriting(true));
sigApp.close(dic2);
PdfStamper stamper = PdfStamper.createSignature(super.reader, this.os, '\0',null,true);
PdfSignatureAppearance sigApp = stamper.getSignatureAppearance();
if(signatureFieldName==null){
//for new signatures
sigApp.setVisibleSignature(new Rectangle(lowerLeftX, lowerLeftY, upperRightX, upperRightY),pageNumber, signatureFieldName);
}
else{
//existing signatures
sigApp.setVisibleSignature(signatureFieldName);
}
sigApp.setAcro6Layers(true);
sigApp.setLayer4Text("");
//signer name
sigApp.setLayer2Text("");
//No question mark should appear -> overwrite layer 1
PdfTemplate t = sigApp.getLayer(1);
t.setBoundingBox(new Rectangle(100, 100));
t.setLiteral("% DSBlank\n");
sigApp.setReason("I agree");
sigApp.setLocation("Your location");
sigApp.setImage(Image.getInstance(yourImageOfASignature));
sigApp.setImageScale(0f);
sigApp.setSignDate(signingTime);
PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_DETACHED);
dic.setDate(new PdfDate(signingTime));
dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)this.chain[0]).getField("CN"));
sigApp.setCryptoDictionary(dic);
int estimatedSize=8192;
HashMap<PdfName, Integer> exclusions = new HashMap<>();
exclusions.put(PdfName.CONTENTS, Integer.valueOf(estimatedSize*2+2));
sigApp.preClose(exclusions);
//hash pdfSigApp.getRangeStream() and create a PKCS#7 signature container in a byte[] signatureContent
PdfPKCS7 pk7 = new PdfPKCS7(this.privateKey, this.chain, null, "SHA-256", null, false);
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
byte[] buf = new byte[estimatedSize];
int n;
InputStream inp = sigApp.getRangeStream();
while ((n = inp.read(buf)) > 0) {
messageDigest.update(buf, 0, n);
}
inp.close();
byte[] hash = messageDigest.digest();
byte[] sh = pk7.getAuthenticatedAttributeBytes(hash, signTime, null);
pk7.update(sh, 0, sh.length);
PdfDictionary dic2 = new PdfDictionary();
byte[] encodedSig = pk7.getEncodedPKCS7(hash, signTime);
byte[] paddedSig = new byte[estimatedSize];
//insert pkcs7 container
if(encodedSig.length>paddedSig.length){
throw new SigningException("Internal signing error - signature size constraints must be increased.");
}
System.arraycopy(encodedSig, 0, paddedSig, 0, encodedSig.length);
dic2.put(PdfName.CONTENTS, new PdfString(paddedSig).setHexWriting(true));
sigApp.close(dic2);
PdfStamper stamper=PdfStamper.createSignature(super.reader,this.os,'\0',null,true);
PdfSignatureAppearance sigApp=stamper.getSignatureAppearance();
如果(signatureFieldName==null){
//新签名
sigApp.setVisibleSignature(新矩形(lowerLeftX、lowerLeftY、upperRightX、upperRightY)、页码、signatureFieldName);
}
否则{
//现有签名
sigApp.setVisibleSignature(signatureFieldName);
}
sigApp.setAcro6Layers(真);
sigApp.setLayer4Text(“”);
//签名人姓名
sigApp.setLayer2Text(“”);
//不应出现问号->覆盖层1
PdfTemplate t=sigApp.getLayer(1);
t、 setBoundingBox(新矩形(100100));
t、 setLiteral(“%DSBlank\n”);
sigApp.setReason(“我同意”);
sigApp.setLocation(“您的位置”);
setImage(Image.getInstance(yourImageOfASignature));
sigApp.setImageScale(0f);
sigApp.setSignDate(签名时间);
PdfSignature dic=新的PdfSignature(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_);
dic.设置日期(新PdfDate(签名时间));
dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)this.chain[0]).getField(“CN”);
sigApp.setCryptoDictionary(dic);
int estimatedSize=8192;
HashMap排除=新HashMap();
排除项.put(PdfName.CONTENTS,Integer.valueOf(estimatedSize*2+2));
信号预关闭(除外);
//散列pdfSigApp.getRangeStream()并在byte[]signatureContent中创建PKCS#7签名容器
PdfPKCS7 pk7=新的PdfPKCS7(this.privateKey,this.chain,null,“SHA-256”,null,false);
MessageDigest=MessageDigest.getInstance(“SHA-256”);
字节[]buf=新字节[estimatedSize];
int n;
InputStream inp=sigApp.getRangeStream();
而((n=inp.read(buf))>0){
messageDigest.update(buf,0,n);
}
inp.close();
字节[]哈希=messageDigest.digest();
字节[]sh=pk7.getAuthenticatedAttributeBytes(散列,签名时间,null);
pk7.update(sh,0,sh.length);
PdfDictionary dic2=新的PdfDictionary();
字节[]encodedSig=pk7.getEncodedPKCS7(散列,签名时间);
byte[]paddedSig=新字节[estimatedSize];
//插入pkcs7容器
if(编码符号长度>填充符号长度){
抛出新的SigningException(“内部签名错误-必须增加签名大小限制”);
}
System.arraycopy(encodedSig,0,paddedSig,0,encodedSig.length);
dic2.put(PdfName.CONTENTS,新的PdfString(paddedSig.setHexWriting(true));
sigApp.close(dic2);
setAcro6Layers(true)setAcro6Layers(true)