我最近使用apache POI库实现了办公文档的数字签名和验证。我现在希望为此添加验证,以便我可以证明该文档是由受信任的用户签名的。我已经尝试了以下代码但没有成功我认为因为对“getSigningCertificateChain”的调用是空的但我不确定如何正确加载这样的签名将存在?这是我目前的代码:
pkg = OPCPackage.open(Dir, PackageAccess.READ);
sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
isValid = si.verifySignature();
X509Certificate x509a = (X509Certificate) sic.getSigningCertificateChain().get(0);
FileInputStream fin = new FileInputStream("C:\myCer.cer");
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
x509a.verify(pk);
任何人都有幸实现这一点。
答案 0 :(得分:0)
您必须根据发行人Common Name = {myCer.cer} Common Name从链中选择证书,然后尝试验证
PublicKey pk = selectedIssuedCertificate.getPublicKey();
x509a.verify(pk);
我希望这可以帮助