如何使用 Java 对具有可见签名和文本的 PDF 文档进行数字签名
How to digitally sign a PDF document with visible signature and text using Java
我正在尝试使用 PDFBox Library 使用 Java 对 PDF 文件进行数字签名,其中可见文本显示在签名字段(如附件图像)中。我尝试了以下代码并收到以下警告,
WARN org.apache.pdfbox.pdmodel.interactive.form.PDSignatureField -
Appearance generation for signature fields not yet implemented - you
need to generate/update that manually
代码如下,
PDDocument pDDocument = PDDocument.load(new File("input.pdf"));
PDDocumentCatalog pDDocumentCatalog = pDDocument.getDocumentCatalog();
PDAcroForm pDAcroForm = pDDocumentCatalog.getAcroForm();
PDSignatureField pDSignatureField = (PDSignatureField) pDAcroForm.getField("signatureField");
PDSignature pDSignature = new PDSignature();
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("pfxfile.pfx"), "password".toCharArray());
byte[] bytes = IOUtils.toByteArray(new FileInputStream("pfxfile.pfx"));
pDSignature.setContents(bytes);
pDSignatureField.setValue(pDSignature);
FileOutputStream fileOutputStream = new FileOutputStream("output.pdf");
pDDocument.saveIncremental(fileOutputStream);
那么我做错了什么?或者除了 PDFBox 之外还有其他解决方案吗?
您可以使用 iText 轻松完成此操作。这是一个使用 iText 7 的有效解决方案。您可以从他们的 examples.
查看更多信息
public static void digitalSignature(String sourceFile, String signatureFieldName, String outputFile, Certificate[] certificateChain, PrivateKey privateKey, String digestAlgorithm,
String bouncyCastleProvider, PdfSigner.CryptoStandard cryptoStandardSubFilter, String reason, String location)
throws GeneralSecurityException, IOException {
PdfReader pdfReader = new PdfReader(sourceFile);
PdfSigner pdfSigner = new PdfSigner(pdfReader, new FileOutputStream(outputFile), new StampingProperties());
// Create the signature appearance
PdfSignatureAppearance pdfSignatureAppearance = pdfSigner.getSignatureAppearance()
.setReason(reason)
.setLocation(location);
// This name corresponds to the name of the field that already exists in the document.
pdfSigner.setFieldName(signatureFieldName);
pdfSignatureAppearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.NAME_AND_DESCRIPTION);
IExternalSignature iExternalSignature = new PrivateKeySignature(privateKey, digestAlgorithm, bouncyCastleProvider);
IExternalDigest iExternalDigest = new BouncyCastleDigest();
// Sign the document using the detached mode, CMS, or CAdES equivalent.
pdfSigner.signDetached(iExternalDigest, iExternalSignature, certificateChain, null, null, null, 0, cryptoStandardSubFilter);
}
public static void main(String[] args) throws IOException, GeneralSecurityException {
BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
Security.addProvider(bouncyCastleProvider);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream("path/to/keystore/file"), "password".toCharArray());
String alias = keyStore.aliases().nextElement();
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, "password".toCharArray());
Certificate[] certificateChain = keyStore.getCertificateChain(alias);
digitalSignature("path/to/input.pdf", "Signature Field Name", "path/to/output.pdf", certificateChain, privateKey,
DigestAlgorithms.SHA256, bouncyCastleProvider.getName(), PdfSigner.CryptoStandard.CMS,
"Reason", "Location");
}
我正在尝试使用 PDFBox Library 使用 Java 对 PDF 文件进行数字签名,其中可见文本显示在签名字段(如附件图像)中。我尝试了以下代码并收到以下警告,
WARN org.apache.pdfbox.pdmodel.interactive.form.PDSignatureField - Appearance generation for signature fields not yet implemented - you need to generate/update that manually
代码如下,
PDDocument pDDocument = PDDocument.load(new File("input.pdf"));
PDDocumentCatalog pDDocumentCatalog = pDDocument.getDocumentCatalog();
PDAcroForm pDAcroForm = pDDocumentCatalog.getAcroForm();
PDSignatureField pDSignatureField = (PDSignatureField) pDAcroForm.getField("signatureField");
PDSignature pDSignature = new PDSignature();
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("pfxfile.pfx"), "password".toCharArray());
byte[] bytes = IOUtils.toByteArray(new FileInputStream("pfxfile.pfx"));
pDSignature.setContents(bytes);
pDSignatureField.setValue(pDSignature);
FileOutputStream fileOutputStream = new FileOutputStream("output.pdf");
pDDocument.saveIncremental(fileOutputStream);
那么我做错了什么?或者除了 PDFBox 之外还有其他解决方案吗?
您可以使用 iText 轻松完成此操作。这是一个使用 iText 7 的有效解决方案。您可以从他们的 examples.
public static void digitalSignature(String sourceFile, String signatureFieldName, String outputFile, Certificate[] certificateChain, PrivateKey privateKey, String digestAlgorithm,
String bouncyCastleProvider, PdfSigner.CryptoStandard cryptoStandardSubFilter, String reason, String location)
throws GeneralSecurityException, IOException {
PdfReader pdfReader = new PdfReader(sourceFile);
PdfSigner pdfSigner = new PdfSigner(pdfReader, new FileOutputStream(outputFile), new StampingProperties());
// Create the signature appearance
PdfSignatureAppearance pdfSignatureAppearance = pdfSigner.getSignatureAppearance()
.setReason(reason)
.setLocation(location);
// This name corresponds to the name of the field that already exists in the document.
pdfSigner.setFieldName(signatureFieldName);
pdfSignatureAppearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.NAME_AND_DESCRIPTION);
IExternalSignature iExternalSignature = new PrivateKeySignature(privateKey, digestAlgorithm, bouncyCastleProvider);
IExternalDigest iExternalDigest = new BouncyCastleDigest();
// Sign the document using the detached mode, CMS, or CAdES equivalent.
pdfSigner.signDetached(iExternalDigest, iExternalSignature, certificateChain, null, null, null, 0, cryptoStandardSubFilter);
}
public static void main(String[] args) throws IOException, GeneralSecurityException {
BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
Security.addProvider(bouncyCastleProvider);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream("path/to/keystore/file"), "password".toCharArray());
String alias = keyStore.aliases().nextElement();
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, "password".toCharArray());
Certificate[] certificateChain = keyStore.getCertificateChain(alias);
digitalSignature("path/to/input.pdf", "Signature Field Name", "path/to/output.pdf", certificateChain, privateKey,
DigestAlgorithms.SHA256, bouncyCastleProvider.getName(), PdfSigner.CryptoStandard.CMS,
"Reason", "Location");
}