签署 PDF 文件

发布于 2024-08-13 01:10:20 字数 2042 浏览 13 评论 0原文

我使用iTextSharp来签署PDF文件。但Adobe Reader无法验证我的签名。我使用由证书颁发机构生成的 SHA-2 测试证书(我也尝试过 SHA-1)。我已经安装了根证书用于该机构的测试证书。

public static void SignHashed(X509Certificate2 card, Stream input, Stream output) {
    Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
    Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

    PdfReader reader = new PdfReader(input);
    PdfStamper stp = PdfStamper.CreateSignature(reader, output, '\0');
    PdfSignatureAppearance sap = stp.SignatureAppearance;
    sap.SignDate = DateTime.Now;
    sap.SetCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
    sap.Reason = "Testování";
    sap.Location = "Praha";
    sap.Acro6Layers = true;
    sap.Render = PdfSignatureAppearance.SignatureRender.GraphicAndDescription;
    PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
    dic.Date = new PdfDate(sap.SignDate);
    dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
    if (sap.Reason != null) dic.Reason = sap.Reason;
    if (sap.Location != null) dic.Location = sap.Location;
    sap.CryptoDictionary = dic;
    int csize = 4000;
    Hashtable exc = new Hashtable();
    exc[PdfName.CONTENTS] = csize * 2 + 2;
    sap.PreClose(exc);

    System.Security.Cryptography.HashAlgorithm sha = new System.Security.Cryptography.SHA1CryptoServiceProvider();

    Stream s = sap.RangeStream;
    int read = 0;
    byte[] buff = new byte[8192];
    while ((read = s.Read(buff, 0, 8192)) > 0) {
        sha.TransformBlock(buff, 0, read, buff, 0);
    }
    sha.TransformFinalBlock(buff, 0, 0);
    byte[] pk = SignMsg(sha.Hash, card, false);

    byte[] outc = new byte[csize];

    PdfDictionary dic2 = new PdfDictionary();

    Array.Copy(pk, 0, outc, 0, pk.Length);

    dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
    sap.Close(dic2);
}

有谁知道签署 PDF 的更好解决方案吗?

I use iTextSharp to sign a PDF file. But Adobe Reader cannot verify my signature. I use SHA-2 test certificate (I tried also SHA-1) generated by certification authority. I have installed root certificate for test certificates of this authority.

public static void SignHashed(X509Certificate2 card, Stream input, Stream output) {
    Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
    Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.RawData) };

    PdfReader reader = new PdfReader(input);
    PdfStamper stp = PdfStamper.CreateSignature(reader, output, '\0');
    PdfSignatureAppearance sap = stp.SignatureAppearance;
    sap.SignDate = DateTime.Now;
    sap.SetCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
    sap.Reason = "Testování";
    sap.Location = "Praha";
    sap.Acro6Layers = true;
    sap.Render = PdfSignatureAppearance.SignatureRender.GraphicAndDescription;
    PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
    dic.Date = new PdfDate(sap.SignDate);
    dic.Name = PdfPKCS7.GetSubjectFields(chain[0]).GetField("CN");
    if (sap.Reason != null) dic.Reason = sap.Reason;
    if (sap.Location != null) dic.Location = sap.Location;
    sap.CryptoDictionary = dic;
    int csize = 4000;
    Hashtable exc = new Hashtable();
    exc[PdfName.CONTENTS] = csize * 2 + 2;
    sap.PreClose(exc);

    System.Security.Cryptography.HashAlgorithm sha = new System.Security.Cryptography.SHA1CryptoServiceProvider();

    Stream s = sap.RangeStream;
    int read = 0;
    byte[] buff = new byte[8192];
    while ((read = s.Read(buff, 0, 8192)) > 0) {
        sha.TransformBlock(buff, 0, read, buff, 0);
    }
    sha.TransformFinalBlock(buff, 0, 0);
    byte[] pk = SignMsg(sha.Hash, card, false);

    byte[] outc = new byte[csize];

    PdfDictionary dic2 = new PdfDictionary();

    Array.Copy(pk, 0, outc, 0, pk.Length);

    dic2.Put(PdfName.CONTENTS, new PdfString(outc).SetHexWriting(true));
    sap.Close(dic2);
}

Does anyone knows better solution for sign a PDF?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

↘人皮目录ツ 2024-08-20 01:10:20

Adobe Reader 无法验证签名,因为需要在“高级”菜单的“管理可信身份”选项中将 CA 链导入到 Adob​​e Reader。
祝你好运!

Adobe Reader can't verify the sign because need to import the CA chain to Adobe Reader in Advanced menú, option "Manage Trusted Identities".
Good luck!

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文