如何使用iText对pdf进行数字签名?

时间:2012-03-12 11:33:46

标签: java pdf certificate itext digital-signature

如何使用iText签署pdf?我正在经历这个LINK,但我不了解my_private_key.pfx。我真的需要数字签名证书吗?请澄清我。提前谢谢。

2 个答案:

答案 0 :(得分:5)

希望这会帮助你

public class JPdfSign {

private static PrivateKey privateKey;

private static Certificate[] certificateChain;

private static ResourceBundle bundle = ResourceBundle.getBundle("strings");

private static String PRODUCTNAME = bundle.getString("productname");

private static String VERSION = bundle.getString("version");

private static String JAR_FILENAME = bundle.getString("jar-filename");

public static void main(String[] args) {
    // for (int i = 0; i < args.length; i++) {
    // System.out.println("arg[" + i + "] :" + args[i]);
    // }
    if (args.length < 2)
        showUsage();

    try {

        String pkcs12FileName = args[0].trim();
        String pdfInputFileName = args[1];
        String pdfOutputFileName = args[2];
        boolean usePKCS12 = !(pkcs12FileName.equals("-PKCS11"));

        System.out.println("");
        System.out.println("pdfInputFileName : " + pdfInputFileName);
        System.out.println("pdfOutputFileName: " + pdfOutputFileName);

        if (usePKCS12)
            readPrivateKeyFromPKCS12(pkcs12FileName);
        else
            readPrivateKeyFromPKCS11();

        PdfReader reader = null;
        try {
            reader = new PdfReader(pdfInputFileName);
        } catch (IOException e) {
            System.err
                    .println("An unknown error accoured while opening the input PDF file: \""
                            + pdfInputFileName + "\"");
            e.printStackTrace();
            System.exit(-1);
        }
        FileOutputStream fout = null;
        try {
            fout = new FileOutputStream(pdfOutputFileName);
        } catch (FileNotFoundException e) {
            System.err
                    .println("An unknown error accoured while opening the output PDF file: \""
                            + pdfOutputFileName + "\"");
            e.printStackTrace();
            System.exit(-1);
        }
        PdfStamper stp = null;
        try {
            stp = PdfStamper.createSignature(reader, fout, '\0');
            PdfSignatureAppearance sap = stp.getSignatureAppearance();
            sap.setCrypto(privateKey, certificateChain, null,
                    PdfSignatureAppearance.WINCER_SIGNED);
            // sap.setReason("I'm the author");
            // sap.setLocation("Lisbon");
            // sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1,
            // null);
            stp.close();
        } catch (Exception e) {
            System.err
                    .println("An unknown error accoured while signing the PDF file:");
            e.printStackTrace();
            System.exit(-1);
        }
    } catch (KeyStoreException kse) {
        System.err
                .println("An unknown error accoured while initializing the KeyStore instance:");
        kse.printStackTrace();
        System.exit(-1);
    }
}

private static void readPrivateKeyFromPKCS11() throws KeyStoreException {
    // Initialize PKCS#11 provider from config file
    String configFileName = getConfigFilePath("pkcs11.cfg");

    Provider p = null;
    try {
        p = new SunPKCS11(configFileName);
        Security.addProvider(p);
    } catch (ProviderException e) {
        System.err
                .println("Unable to load PKCS#11 provider with config file: "
                        + configFileName);
        e.printStackTrace();
        System.exit(-1);
    }
    String pkcs11PIN = "000000";
    System.out.print("Please enter the smartcard pin: ");
    try {
        BufferedReader in = new BufferedReader(new InputStreamReader(
                System.in));
        pkcs11PIN = in.readLine();
        // System.out.println(pkcs11PIN);
        // System.out.println(pkcs11PIN.length());
    } catch (Exception e) {
        System.err
                .println("An unknown error accoured while reading the PIN:");
        e.printStackTrace();
        System.exit(-1);
    }
    KeyStore ks = null;
    try {
        ks = KeyStore.getInstance("pkcs11", p);
        ks.load(null, pkcs11PIN.toCharArray());
    } catch (NoSuchAlgorithmException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#11 smartcard:");
        e.printStackTrace();
        System.exit(-1);
    } catch (CertificateException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#11 smartcard:");
        e.printStackTrace();
        System.exit(-1);
    } catch (IOException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#11 smartcard:");
        e.printStackTrace();
        System.exit(-1);
    }

    String alias = "";
    try {
        alias = (String) ks.aliases().nextElement();
        privateKey = (PrivateKey) ks.getKey(alias, pkcs11PIN.toCharArray());
    } catch (NoSuchElementException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        System.err
                .println("The selected PKCS#12 file does not contain any private keys.");
        e.printStackTrace();
        System.exit(-1);
    } catch (NoSuchAlgorithmException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        e.printStackTrace();
        System.exit(-1);
    } catch (UnrecoverableKeyException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        e.printStackTrace();
        System.exit(-1);
    }
    certificateChain = ks.getCertificateChain(alias);
}

protected static void readPrivateKeyFromPKCS12(String pkcs12FileName)
        throws KeyStoreException {
    String pkcs12Password = "";
    KeyStore ks = null;
    System.out.print("Please enter the password for \"" + pkcs12FileName
            + "\": ");
    try {
        BufferedReader in = new BufferedReader(new InputStreamReader(
                System.in));
        pkcs12Password = in.readLine();
    } catch (Exception e) {
        System.err
                .println("An unknown error accoured while reading the password:");
        e.printStackTrace();
        System.exit(-1);
    }

    try {
        ks = KeyStore.getInstance("pkcs12");
        ks.load(new FileInputStream(pkcs12FileName), pkcs12Password
                .toCharArray());
    } catch (NoSuchAlgorithmException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#12 file:");
        e.printStackTrace();
        System.exit(-1);
    } catch (CertificateException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#12 file:");
        e.printStackTrace();
        System.exit(-1);
    } catch (FileNotFoundException e) {
        System.err.println("Unable to open the PKCS#12 keystore file \""
                + pkcs12FileName + "\":");
        System.err
                .println("The file does not exists or missing read permission.");
        System.exit(-1);
    } catch (IOException e) {
        System.err
                .println("An unknown error accoured while reading the PKCS#12 file:");
        e.printStackTrace();
        System.exit(-1);
    }
    String alias = "";
    try {
        alias = (String) ks.aliases().nextElement();
        privateKey = (PrivateKey) ks.getKey(alias, pkcs12Password
                .toCharArray());
    } catch (NoSuchElementException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        System.err
                .println("The selected PKCS#12 file does not contain any private keys.");
        e.printStackTrace();
        System.exit(-1);
    } catch (NoSuchAlgorithmException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        e.printStackTrace();
        System.exit(-1);
    } catch (UnrecoverableKeyException e) {
        System.err
                .println("An unknown error accoured while retrieving the private key:");
        e.printStackTrace();
        System.exit(-1);
    }
    certificateChain = ks.getCertificateChain(alias);
}

protected static String getConfigFilePath(String configFilename) {
    CodeSource source = JPdfSign.class.getProtectionDomain()
            .getCodeSource();
    URL url = source.getLocation();

    String jarPath = URLDecoder.decode(url.getFile());
    File f = new File(jarPath);
    try {
        jarPath = f.getCanonicalPath();
    } catch (IOException e) {
    }
    if (!f.isDirectory()) {
        f = new File(jarPath);
        jarPath = f.getParent();
    }
    System.out.println(jarPath);
    if (jarPath.length() > 0) {
        return jarPath + File.separator + configFilename;
    } else
        return configFilename;
}

public static void showUsage() {
    System.out.println("jPdfSign v" + VERSION
            + " by Jan Peter Stotz - jpstotz@gmx.de\n");
    System.out.println(PRODUCTNAME + " usage:");
    System.out
            .println("\nFor using a PKCS#12 (.p12) file as signature certificate and private key source:");
    System.out.print("\tjava -jar " + JAR_FILENAME);
    System.out
            .println(" pkcs12FileName pdfInputFileName pdfOutputFileName");
    System.out
            .println("\nFor using a PKCS#11 smartcard as signature certificate and private key source:");
    System.out.print("\tjava -jar" + JAR_FILENAME);
    System.out.println(" -PKCS11 pdfInputFileName pdfOutputFileName");
    System.exit(0);
}
}

答案 1 :(得分:3)

您在问题中提到的文件很好。您必须创建数字签名文件。

link有一个使用PKCS文件和签署PDF文档的工具。它声称使用iText,因此您应该能够理解这些步骤。 source code here