Question

用例如下：

用户进入需要出示证书的网站
如果有效，用户可以下载PDF并使用相同的证书进行签名
上传PDF
服务器验证PDF由提供给网站的相同证书签名。

我已经陷入了第4步。我已经设法从网站和PDF中获取客户端证书公钥，但不一样。公钥是2048位的SHA256 RSA。另外，我使用iTextSharp处理PDF文档。

这是我的代码：

 HttpRequest request = context.Request;

 HttpClientCertificate cert = request.ClientCertificate;

 //get public key from client certificate
 string certKey = BitConverter.ToString(cert.PublicKey).Replace("-", " ")

 //now gets PDF and retrieves public key
 PdfReader pdfreader = new PdfReader("path_to_pdf");


 AcroFields fields = pdfreader.AcroFields;
 AcroFields.Item item = fields.GetFieldItem("Signature1");
 List<string> names = fields.GetSignatureNames();

 foreach (string name in names){
     PdfDictionary dict = fields.GetSignatureDictionary(name);
     PdfPKCS7 pkcs7 = fields.VerifySignature(name);
     Org.BouncyCastle.X509.X509Certificate cert = pkcs7.SigningCertificate;

     //get public key from PDF cert
     SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(cert.GetPublicKey());
     byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded();
     string serializedPublic = BitConverter.ToString(serializedPublicBytes).Replace("-", " ");
 }

使用此代码，certKey和serializedPublic不一样。

C＃ - 从PDF签名中获取公钥

0 个答案: