Android证书类型问题

时间:2017-02-05 12:01:50

标签: android certificate

我需要证书才能在Android应用中签署PDF文件。好像我只能使用pfx或p12类型(在iText中)签名。 我到现在所拥有的:

  1. Android应用程序为服务器生成证书签名请求;
  2. 服务器以
    3. 的形式返回证书数据

    -----开始证书----- -----结束证书-----

    服务器返回X509证书,我不能用它来签署PDF。有没有办法从cer(由上面的数据构建)转换为p12?任何信息都将不胜感激。

2 个答案:

答案 0 :(得分:1)

通常,要对文档进行数字签名,您需要私钥和证书(可能还有证书链),并且您同时拥有:

  • 私钥用于签署发送给服务器的证书签名请求(包括某些证书数据,如CN和公钥)

  • 服务器返回证书(可能还有链)

我不是itext的专家,但您可以在this example中看到签名是使用私钥和链完成的。 pkcs12密钥库仅用于提取密钥和链。

public void signPdfFirstTime(String src, String dest)
    throws IOException, DocumentException, GeneralSecurityException {
    String path = properties.getProperty("PRIVATE");
    String keystore_password = properties.getProperty("PASSWORD");
    String key_password = properties.getProperty("PASSWORD");
    KeyStore ks = KeyStore.getInstance("pkcs12", "BC");
    ks.load(new FileInputStream(path), keystore_password.toCharArray());
    String alias = (String)ks.aliases().nextElement();
    PrivateKey pk = (PrivateKey) ks.getKey(alias, key_password.toCharArray());
    Certificate[] chain = ks.getCertificateChain(alias);
    // reader and stamper
    PdfReader reader = new PdfReader(src);
    FileOutputStream os = new FileOutputStream(dest);
    PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
    // appearance
    PdfSignatureAppearance appearance = stamper .getSignatureAppearance();
    appearance.setImage(Image.getInstance(RESOURCE));
    appearance.setReason("I've written this.");
    appearance.setLocation("Foobar");
    appearance.setVisibleSignature(new Rectangle(72, 732, 144, 780), 1,    "first");
    // digital signature
    ExternalSignature es = new PrivateKeySignature(pk, "SHA-256", "BC");
    ExternalDigest digest = new BouncyCastleDigest();
    MakeSignature.signDetached(appearance, digest, es, chain, null, null, null, 0, CryptoStandard.CMS);
}

答案 1 :(得分:0)

我找到了this。希望它有所帮助

        String password = "password";
        String text = "545048";
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        InputStream inputStream = activity.getResources().openRawResource(R.raw.am_client);
        keyStore.load(inputStream, password.toCharArray());

        String alias = keyStore.aliases().nextElement();
        PrivateKey privateKey = (PrivateKey)keyStore.getKey(alias, password.toCharArray());
        X509Certificate certificate = (X509Certificate)keyStore.getCertificate(alias);

        //Sign Data
        byte[] dataToSign = text.getBytes("UTF-8"); //change to UTF-16 if needed
        Signature signature1 = Signature.getInstance("SHA1WithRSA");
        signature1.initSign(privateKey);
        signature1.update(dataToSign);
        byte[] signedData = signature1.sign();
        String signed = new String(signedData, "UTF-8"); //change to UTF-16 if needed
        Log.d("MESSAGE", "string = " + signed);
相关问题
最新问题