PDF文档的数字签名

时间:2018-10-30 07:57:09

标签: java pdf itext digital-signature pdfstamper

是否可以为已经签名的PDF文档生成数字签名?我正在使用以下代码为PDF文档生成数字签名。

public void sign(String src, String dest, Certificate[] chain, PrivateKey 
   pk, String digestAlgorithm,String provider, CryptoStandard subfilter, 
   String reason, String location) {


        PdfReader reader;
        FileOutputStream os;
        PdfStamper stamper;

        try {
            reader = new PdfReader(src);
            File destFile = new File(dest);
            String destFilePath = destFile.getAbsolutePath();
            System.out.println("destFilePath=====" + destFilePath);
            os = new FileOutputStream(dest);
            System.out.println("File output " + os);
            stamper = PdfStamper.createSignature(reader, os, '\0');
            System.out.println("stamper " + stamper.getSignatureAppearance());
            // Creating the appearance
            PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
            System.out.println("Appearance " + appearance);
            // appearance.setImage(Image.getInstance("F:/Unibrain/EbidUploadedFolder/" +
            // "/resources/55.png"));
            appearance.setImage(Image.getInstance("F:\\55.png"));
            // appearance.setReason(reason);
            // appearance.setLocation(location);
            appearance.setVisibleSignature(new Rectangle(800, 732, 512, 780), 1, "sig");
            appearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION);
            appearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.NAME_AND_DESCRIPTION);
            Rectangle cropbox = reader.getCropBox(1);
            float width = 250;
            float height = 50;
            Rectangle rectangle = new Rectangle(cropbox.getRight(width), cropbox.getBottom(), cropbox.getRight(),
                    cropbox.getBottom(height));
            cropbox.setBorderWidth(5);
            appearance.setVisibleSignature(rectangle, 1, "sig");
            // Creating the signature
            ExternalDigest digest = new BouncyCastleDigest();
            System.out.println("digest " + digest);
            ExternalSignature signature = new PrivateKeySignature(pk, digestAlgorithm, provider);
            System.out.println("Signature " + signature);
            MakeSignature.signDetached(appearance, digest, signature, chain, null, null, null, 0, subfilter);

        } catch (Exception e) {
            e.printStackTrace();
        }
    }

1 个答案:

答案 0 :(得分:0)

  

是否可以为已经签名的PDF文档生成数字签名?

通常是,但是必须在增量更新中添加其他签名,以使先前存在的签名无效。有关某些背景,请参见this answer

对于您的代码,这意味着您必须替换该行

stamper = PdfStamper.createSignature(reader, os, '\0');

作者

stamper = PdfStamper.createSignature(reader, os, '\0', null, true);

true表示签名应以附加模式应用,这是iText术语,用于在增量更新中添加更改。

此外,您必须确保在不同的表单字段中创建了新签名。您的代码将签名添加到已编码的字段“ sig”中:

appearance.setVisibleSignature(new Rectangle(800, 732, 512, 780), 1, "sig");

如果您知道现有签名的字段名称不同,那么可以。否则,您可能希望用null替换“ sig”,这会使iText为新签名创建一个唯一的字段名称。


在上面我说“通常是”-例外,如果原始签名是带有“不允许更改”的认证签名,那么应用附加签名会破坏原始签名,因为应用它是更改。