如何在没有数字签名的情况下添加时间戳

时间:2013-06-24 11:05:39

标签: java itext bouncycastle pdfbox

我想在我的PDF文档中添加时间戳(没有数字签名)。我怎么能这样做?

我可以使用Itext进行数字签名(我这里有TSAClient):

MakeSignature.signDetached(appearance, digest, signature, chain, null, null, tsa, 0, subfilter);

但没有数字签名怎么做类似的事情?使用Bouncy Castle或Itext或Pdfbox ......或使用其他库..

3 个答案:

答案 0 :(得分:3)

在iText中,您正在寻找

LtvTimestamp.timestamp(appearance, tsa, signatureName);

另见JavaDoc文档:

/**
 * Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.
 * @param sap the signature appearance
 * @param tsa the timestamp generator
 * @param signatureName the signature name or null to have a name generated
 * automatically
 * @throws DocumentException 
 * @throws IOException 
 * @throws GeneralSecurityException
 */

您可能需要阅读Digital Signatures for PDF documents中的第5.4.1节添加文档安全存储(DSS)和文档级时间戳以供在上下文中使用。

请注意,旧PDF查看器无法正确识别文档级时间戳,因为它们最近才进入PDF世界,即使用PAdES-4

答案 1 :(得分:1)

要使用PDFBox,您需要一些简单的SignatureInterface实现,如下所示:

public class TimestampSignatureImpl implements SignatureInterface {
    private TSAClient tsaClient;
    public TimestampSignatureImpl(TSAClient tsaClient) {
        super();
        this.tsaClient = tsaClient;
    }
    @Override
    public byte[] sign(InputStream paramInputStream) throws IOException {
        return tsaClient.getTimeStampToken(IOUtils.toByteArray(paramInputStream));
    }
}

和一些像这样的PDSignature:

PDSignature signature = new PDSignature();
signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); 
signature.setSubFilter(COSName.getPDFName("ETSI.RFC3161"));
signature.setSignDate(Calendar.getInstance());

然后像这样签署你的pdf:

PDDocument pdf = PDDocument.load(inputFile);
MessageDigest digest = MessageDigest.getInstance("SHA-256");
TSAClient tsaClient = new TSAClient(new URL("your time stamp authority"), null, null, digest);
pdf.addSignature(signature, new TimestampSignatureImpl(tsaClient));
pdf.saveIncremental(new FileOutputStream(outputFile));
pdf.close();

P.S:TSAClient取自PDFBox示例。

答案 2 :(得分:0)

使用 iText7,您可以通过调用 DTS 类的以下方法添加 PdfSigner (文档时间戳)。 > 

ITSAClient tsa = new TSAClientBouncyCastle(tsaUrl, tsaUser, tsaPass);
pdfSigner.timestamp(tsa, "SignatureTimeStamp");


ITSAClient tsa = new TSAClientBouncyCastle(tsaUrl, tsaUser, tsaPass, 8192, "SHA-256"); 
pdfSigner.timestamp(tsa, "SignatureTimeStamp");

还有,java 文档

/**
 * Signs a document with a PAdES-LTV Timestamp. The document is closed at the end.
 * NOTE: This method closes the underlying pdf document. This means, that current instance
 * of PdfSigner cannot be used after this method call.
 *
 * @param tsa           the timestamp generator
 * @param signatureName the signature name or null to have a name generated
 *                      automatically
 * @throws IOException
 * @throws GeneralSecurityException
 */
相关问题
最新问题