如何使用令牌 RFC3161 使用 itext 和 BouncyCastle 签署 PDF?
提前致谢!!
String token = "my jeton ";
ASN1InputStream in = new ASN1InputStream(Base64.getDecoder().decode(token));
ASN1Sequence seq = (ASN1Sequence)in.readObject();
将令牌转换为 TimeStampToken
TimeStampToken stp = new TimeStampToken(new ContentInfo((ASN1Sequence) seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 3 : 1)));
CollectionStore store = (CollectionStore) stp.getCertificates();
Iterator itCert = store.iterator();
JcaX509CertificateConverter jcaConvertor = new JcaX509CertificateConverter();
X509Certificate[] cert = new X509Certificate[1] ;
while(itCert.hasNext()){
X509CertificateHolder certH = (X509CertificateHolder)itCert.next();
cert[0] = jcaConvertor.getCertificate((certH));
System.err.println(cert);
}
要签名的文件
String SRC = "original.pdf";
String DEST = "signed.pdf";
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
生成私钥
KeyStore ks = KeyStore.getInstance("pkcs12", provider.getName());
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
Base64Encoder b64 = new Base64Encoder();
generator.initialize(1024);
KeyPair pair = generator.generateKeyPair();
PrivateKey pk = (PrivateKey)pair.getPrivate();
带有令牌的 itext 签名方法
sign(SRC, DEST, cert, pk, DigestAlgorithms.SHA1, provider.getName(), CryptoStandard.CMS, "", "", null, null, null, 0);