PDFBox+充气城堡 - 签名 PDF
我正在尝试使用 PdfBox (和 BouncyCastle)对 PDF 进行数字签名(加密?)
我已经创建了密钥库和证书:
%java_home%\bin\keytool -genkey -alias razor -keypass testkeypass -storepass teststorepass -keystore test-keystore.jks -validity 360 -dname "CN=razor, OU=myorg, O=my.org, L=Mycity, C=PL"
%java_home%\bin\keytool -export -alias razor -keypass testkeypass -storepass teststorepass -keystore test-keystore.jks -file test-cert.cer
现在我正在尝试使用 PdfBox
org.apache.pdfbox.PDFBox Encrypt -certFile test-cert.cer -canModify false -canPrint false test.pdf test-signed-out.pdf
,但我得到了:
Encrypt failed with the following exception:
org.apache.pdfbox.exceptions.COSVisitorException: Cannot find any provider supporting 1.2.840.10040.4.1
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1025)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:914)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:895)
at org.apache.pdfbox.Encrypt.encrypt(Encrypt.java:189)
at org.apache.pdfbox.Encrypt.main(Encrypt.java:53)
at org.apache.pdfbox.PDFBox.main(PDFBox.java:40)
org.apache.pdfbox.exceptions.CryptographyException: Cannot find any provider supporting 1.2.840.10040.4.1
at org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:344)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1016)
有什么问题吗?我做错了什么?
我可以在已经签名(由 iText)的 PDF 上使用 PDFBox ShowCertificate: 签名算法:SHA1withDSA,OID = 1.2.840.10040.4.3
I'm trying to digitally sign (encrypt?) PDF using PdfBox (and BouncyCastle)
i've created keystore and cert:
%java_home%\bin\keytool -genkey -alias razor -keypass testkeypass -storepass teststorepass -keystore test-keystore.jks -validity 360 -dname "CN=razor, OU=myorg, O=my.org, L=Mycity, C=PL"
%java_home%\bin\keytool -export -alias razor -keypass testkeypass -storepass teststorepass -keystore test-keystore.jks -file test-cert.cer
Now i'm trying to use PdfBox
org.apache.pdfbox.PDFBox Encrypt -certFile test-cert.cer -canModify false -canPrint false test.pdf test-signed-out.pdf
and i've got:
Encrypt failed with the following exception:
org.apache.pdfbox.exceptions.COSVisitorException: Cannot find any provider supporting 1.2.840.10040.4.1
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1025)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:914)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:895)
at org.apache.pdfbox.Encrypt.encrypt(Encrypt.java:189)
at org.apache.pdfbox.Encrypt.main(Encrypt.java:53)
at org.apache.pdfbox.PDFBox.main(PDFBox.java:40)
org.apache.pdfbox.exceptions.CryptographyException: Cannot find any provider supporting 1.2.840.10040.4.1
at org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:344)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1016)
Whats the problem ? what i'm doing wrong ?
I can use PDFBox ShowCertificate on already signed (by iText) PDF:
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我不熟悉 PDFBox,但我认为你的问题是“加密”命令行工具不进行签名。您似乎已创建 DSA 证书/密钥。 DSA 用于数字签名。该例外反映了 DSA 不是有效的加密算法这一事实。
我看到一些关于使用 PDFBox 签名的参考,但我不认为这是正确的方法。
I am not familiar with PDFBox, but I think your problem is that the "Encrypt" command line tool doesn't do signing. You appear to have created a DSA certificate/key. DSA is for digital signatures. The exception reflects the fact that DSA is not a valid algorithm for encryption.
I saw some references to signing with PDFBox, but I don't think this is the way.
您将需要添加提供商。
您可以使用一行代码来完成此操作。
Security.addProvider(new BouncyCastleProvider());
安全性 - 来自 java.security.Security
显然,您需要首先导入 BouncyCastleProviderStuff。
哎呀 - 我刚刚注意到您正在使用一些 PDFBox 工具从命令行执行此操作。
不确定如何在那里添加提供者。
You will need to add provider.
You can do this with single line of code.
Security.addProvider(new BouncyCastleProvider());
Security - from java.security.Security
Obviously you will need to import BouncyCastleProviderStuff first.
Whoops - I just noticed you are doing it from command line with some PDFBox tools.
Not sure how you can add provider there.