签名PADES-BES标准ETSI TS 102 778-3与iText

时间:2016-10-11 07:55:18

标签: c# pdf itext digital-signature pades

我用iText实现了PADES-BES签名,但这个签名并不完全遵循标准的ETSI TS 102778-3。 我不明白代码(下面)签名中缺少的是“标准ETSI”。

这是我的代码(C#.NET):

int contentsSize = 8192;
FileStream streamsigned = new FileStream(filetosign, FileMode.Create, FileAccess.Write);
PdfReader reader = new PdfReader(filetosign);
PdfStamper stp = PdfStamper.CreateSignature(reader, streamsigned, '\0',                    null, true);

sap = stp.SignatureAppearance;
dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ETSI_CADES_DETACHED);

sap.CryptoDictionary = dic;
System.Collections.Generic.Dictionary<PdfName, int> exc = new System.Collections.Generic.Dictionary<PdfName, int>();
                exc.Add(PdfName.CONTENTS, contentSize * 2 + 2);
sap.PreClose(exc);

Stream data = sap.GetRangeStream();
System.Security.Cryptography.SHA256Managed sha = new System.Security.Cryptography.SHA256Managed();
byte[] hashToSign = sha.ComputeHash(data);

//here sign hash with an external device 
byte[] hashSigned = signservice.pkcs7signhash(hashToSign, ...);

byte[] paddedSig = new byte[contentsSize];

System.Array.Copy(hashSigned, 0, paddedSig, 0, hashSigned.Length);
PdfDictionary pdfDictionary = new PdfDictionary();
pdfDictionary.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true));

sap.Close(pdfDictionary);

0 个答案:

没有答案