如何解决延迟的签名itext temporaire文件无效签名
我目前正在使用Web应用程序,该应用程序允许将哈希发送到返回签名哈希的服务。我必须分两个步骤执行此操作(通过一个临时文件)。我已经阅读了很多有关此主题的文章,pdf文件显示了有效的签名,但是如果我在签名服务中验证了pdf,则密码验证失败了
主要
static void Main(string[] args)
{
string unsignedPdf = "c:/temp/spec.pdf";
string tempPdf = "c:/temp/temp.pdf";
string signedPdf = "c:/temp/Signed.pdf";
string signatureFieldName = "test";
Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[1];
byte[] bytes = Convert.FromBase64String("certificate here");
var cert = new X509Certificate2(bytes);
chain[0] = new Org.BouncyCastle.X509.X509CertificateParser().ReadCertificate(cert.GetRawCertData());
string hash = GetBytesToSign(unsignedPdf,tempPdf,signatureFieldName,chain[0]);
string signature = getHashSigned(hash); // suppose to get hashSigned here
SignFile(tempPdf,signedPdf,signature);
}
GetByteToSign
public static string GetBytesToSign(string unsignedPdf,string tempPdf,string signatureFieldName,Org.BouncyCastle.X509.X509Certificate chain)
{
if (File.Exists(tempPdf))
File.Delete(tempPdf);
using (PdfReader reader = new PdfReader(unsignedPdf))
{
using (FileStream os = File.OpenWrite(tempPdf))
{
PdfStamper stamper = PdfStamper.CreateSignature(reader,os,'\0');
PdfSignatureAppearance appearance = stamper.SignatureAppearance;
appearance.SetVisibleSignature(new Rectangle(36,748,250,400),1,signatureFieldName);
appearance.Reason = "Reason";
appearance.Location = "Location";
appearance.SignDate = DateTime.Now;
appearance.Certificate = chain;
IExternalSignatureContainer external = new ExternalBlankSignatureContainer(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_DETACHED);
MakeSignature.SignExternalContainer(appearance,external,8192);
byte[] hash = DigestAlgorithms.Digest(appearance.GetRangeStream(),"SHA256");
return Convert.ToBase64String(hash);
}
}
}
SignFile
public static void SignFile(string tempPdf,string signedPdf,string signature)
{
byte[] signedBytes = Convert.FromBase64String(signature);
using (PdfReader reader = new PdfReader(tempPdf))
{
using (FileStream os = File.OpenWrite(signedPdf))
{
IExternalSignatureContainer external = new MyExternalSignatureContainer(signedBytes,chain);
MakeSignature.SignDeferred(reader,external);
}
}
}
private class MyExternalSignatureContainer : IExternalSignatureContainer
{
private readonly byte[] signedBytes;
protected Org.BouncyCastle.X509.X509Certificate[] chain;
public MyExternalSignatureContainer(byte[] signedBytes,Org.BouncyCastle.X509.X509Certificate[] chain)
{
this.signedBytes = signedBytes;
this.chain = chain;
}
public void ModifySigningDictionary(PdfDictionary signDic)
{
}
public byte[] Sign(Stream data)
{
PdfPKCS7 sgn = new PdfPKCS7(null,chain,"SHA-256",false);
IDigest messageDigest = DigestUtilities.GetDigest("SHA-256");
byte[] messageHash = DigestAlgorithms.Digest(data,messageDigest);
byte[] extsignature = signedBytes;
sgn.SetExternalDigest(extsignature,null,"RSA");
return sgn.GetEncodedPKCS7(messageHash,CryptoStandard.CADES);
}
}
**生成的哈希值:** rEFfyAMqVv9OeR3FRFozBynL6niNyMHLyOMBtwt4q0g =
签名服务的回应
{
"algorithm": "RSA_SHA256","value": "fJWzdUtJtJd8KcQkOhnyT3SJfC4rjd3BhfLmGcMyxAuCQDF6hsnDGEDwbl2+oSl1FvL/tBrbEp+NUY9dgASToSjSkgHDpbVBNOHFIsvGjz858s1+TnFc0sMFPdSwPe7Us88SakprDvcsU1rK2nMOMfNYQSAjjumLxdK2MwdnR/Q/QU9P/qzgMmDBC+E44c4kJRpCuJRp/RNy4ny4zDI4PGlv1dAqCU3Ms3dJtzI7kj1tWqe9TzCRC0Ta6cjsXEdG2vBiK8hRXQ4usBrFvxDmYY+5A5dRT5fobPb91jj14kR7dyAynPRKjuM0XGwqj0MjUV2/ldsqiGZhyxbyfPw74Q=="
}
感谢帮助!
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。