使用iTextSharp将数字签名添加到PDF-智能卡证书（受PIN保护）

Question

我使用以下代码对PDF文档进行签名，但是我总是得到无效的证书。

private void SignWithThisCert(X509Certificate2 cert)
        {
string SourcePdfFileName = Application.StartupPath + @"\Document.pdf";
string DestPdfFileName = Application.StartupPath + @"\Document.Signed.pdf";
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) };

IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA256");
PdfReader pdfReader = new PdfReader(SourcePdfFileName);
FileStream signedPdf = new FileStream(DestPdfFileName, FileMode.Create);  //the output pdf file
PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0');
PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;

signatureAppearance.Reason = "Safe Document";
signatureAppearance.Location = "My place";            

signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION;
MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS);
//MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES);
pdfStamper.Close();
MessageBox.Show("Done");

}

然后我只调用此方法：

//Sign from SmartCard
//note : ProviderName and KeyContainerName can be found with the dos command : CertUtil -ScInfo
string ProviderName = "cv act sc/interface CSP";
string KeyContainerName = "12345e02a1dcb12ece12345f0e203c093eb2f0ef";
string PinCode = "MYPINCODE";
if (PinCode != "")
{
    //if pin code is set then no windows form will popup to ask it
    SecureString pwd = GetSecurePin(PinCode);
    CspParameters csp = new CspParameters(1,
                    ProviderName,
            KeyContainerName,
            new System.Security.AccessControl.CryptoKeySecurity(),
            pwd);
    try
    {
        RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp);
                // the pin code will be cached for next access to the smart card
    }
    catch (Exception ex)
    {
            MessageBox.Show("Crypto error: " + ex.Message);
                return;
    }
}
var cert = Helper.GetCertBySubject("cert subject here");
SignWithThisCert(cert);

它在PDF文档上签名，但是当我在阅读器中打开它时，表明证书无效。

我正在使用具有不可导出私钥-PKCS＃12的受PIN保护的智能卡

也许我需要利用PK吗？

非常感谢您