我正在尝试检查PDF文件的给定签名是否存在时间戳。 到目前为止,我来到了这段代码:
RandomAccessFileOrArray random =
new RandomAccessFileOrArray(new File("temp.pdf").getAbsolutePath());
PdfReader reader = new PdfReader(random, null);
AcroFields af = reader.getAcroFields();
ArrayList<?> names = af.getSignatureNames();
//this are the signatures?
for (Object o : names){
AcroFields.Item item = (Item) af.getFields().get((String)o);
//this is the class for verifying the signature,
//how do I get it from the item?
PdfPKCS7 pdfPKCS7 = null; //XYZ ???
Calendar signingDate = pdfPKCS7.getTimeStampDate();
}
我显然可以访问签名,但我应该到PdfPKCS7类来验证签名。有谁知道我怎么去那里?
答案 0 :(得分:1)
您应该使用AcroFields方法verifySignature(String name)返回PdfPKCS7对象以继续验证。
该方法的JavaDocs显示了它的一个使用示例:
KeyStore kall = PdfPKCS7.loadCacertsKeyStore();
PdfReader reader = new PdfReader("my_signed_doc.pdf");
AcroFields af = reader.getAcroFields();
ArrayList names = af.getSignatureNames();
for (int k = 0; k < names.size(); ++k) {
String name = (String)names.get(k);
System.out.println("Signature name: " + name);
System.out.println("Signature covers whole document: " + af.signatureCoversWholeDocument(name));
PdfPKCS7 pk = af.verifySignature(name);
Calendar cal = pk.getSignDate();
Certificate pkc[] = pk.getCertificates();
System.out.println("Subject: " + PdfPKCS7.getSubjectFields(pk.getSigningCertificate()));
System.out.println("Document modified: " + !pk.verify());
Object fails[] = PdfPKCS7.verifyCertificates(pkc, kall, null, cal);
if (fails == null)
System.out.println("Certificates verified against the KeyStore");
else
System.out.println("Certificate failed: " + fails[1]);
}
您可以使用PdfPKCS7实例轻松添加其他代码。
Ceterum censeo ...除非您受到古老的iText版本的约束(例如由于兼容性或许可证问题),否则您应该考虑更新到当前版本。