用例如下:
我已经陷入了第4步。我已经设法从网站和PDF中获取客户端证书公钥,但不一样。公钥是2048位的SHA256 RSA。另外,我使用iTextSharp处理PDF文档。
这是我的代码:
HttpRequest request = context.Request;
HttpClientCertificate cert = request.ClientCertificate;
//get public key from client certificate
string certKey = BitConverter.ToString(cert.PublicKey).Replace("-", " ")
//now gets PDF and retrieves public key
PdfReader pdfreader = new PdfReader("path_to_pdf");
AcroFields fields = pdfreader.AcroFields;
AcroFields.Item item = fields.GetFieldItem("Signature1");
List<string> names = fields.GetSignatureNames();
foreach (string name in names){
PdfDictionary dict = fields.GetSignatureDictionary(name);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Org.BouncyCastle.X509.X509Certificate cert = pkcs7.SigningCertificate;
//get public key from PDF cert
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(cert.GetPublicKey());
byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded();
string serializedPublic = BitConverter.ToString(serializedPublicBytes).Replace("-", " ");
}
使用此代码,certKey和serializedPublic不一样。