数字签名和时间戳java中的PDF

时间:2013-07-26 04:39:55

标签: java pdf digital-signature trusted-timestamp

我想将数字签名附加到Java中的PDF文件中,然后使用受信任的时间戳权限为此文件添加时间戳。

我该怎么做?

3 个答案:

答案 0 :(得分:2)

使用私钥将您的数字证书导出到pfx文件。

将iText与BouncyCastle一起使用:

Document document = new Document();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PdfWriter.getInstance(document, baos);
document.open();
document.add(new Paragraph("Hello World!"));
document.close();


    PdfReader reader = new PdfReader(baos.toByteArray());
    OutputStream os = new FileOutputStream("c:\\temp\\sign\\test.pdf");
    PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');

    // Creating the appearance
    PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
    appearance.setReason("REASON");
    appearance.setLocation("LOCATION");

    appearance.setVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "sig");

    Security.addProvider(new BouncyCastleProvider());

    FileInputStream fis = new FileInputStream("c:\\ssl\\test.pfx");
    String password = "myPassword";

    KeyStore ks = KeyStore.getInstance("pkcs12");
    ks.load(fis, password.toCharArray());
    String alias = ks.aliases().nextElement();

    PrivateKey pk = (PrivateKey) ks.getKey(alias, password.toCharArray());
    X509Certificate cert = (X509Certificate) ks.getCertificate(alias);

    TSAClient tsc = new TSAClientBouncyCastle("http://timestampserverURL/");
    ExternalDigest digest = new BouncyCastleDigest();
    ExternalSignature signature = new PrivateKeySignature(pk, "SHA-1", "BC");
    MakeSignature.signDetached(appearance, digest, signature, new Certificate[] { cert }, null, null, tsc, 0,
            CryptoStandard.CMS);

Maven依赖:

<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcprov-jdk15on</artifactId>
    <version>1.49</version>
</dependency>

<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcmail-jdk15on</artifactId>
    <version>1.49</version>
</dependency>
<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bctsp-jdk15on</artifactId>
    <version>1.46</version>
</dependency>


<dependency>
    <groupId>com.itextpdf</groupId>
    <artifactId>itextpdf</artifactId>
    <version>5.4.2</version>
</dependency>

答案 1 :(得分:0)

您可以通过其HTTP RESTful界面使用Securo API

应用的时间戳采用RFC3161分离格式,所有时间戳均由欧盟认可的合格证书颁发机构颁发。

免责声明:securo的共同创始人

答案 2 :(得分:0)

DigiStamp在SecureTime API工具包中提供PDF签名和时间戳功能,当您create a free test account(并获得对测试服务器的访问权限)时,您将获得指向它的链接。该工具包使用了BouncyCastle和旧的免费版iText。

Qoppa has a newer toolkit具有各种PDF功能,但会对其使用收费。

免责声明:我在DigiStamp工作