How do i sign a pdf using iText ? I'am going through this LINK but didn't understand about my_private_key.pfx. Do i really need a certificate for digital signature ? Please clarify me. Thanks in advance.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
The document you mentioned in the question is good. You have to create digital signature files.
This link has a tool that uses PKCS files and sign PDF documents. It claims to use iText, so you should able to understand the steps. source code here
回答2:
hope this ll help you
public class JPdfSign {
private static PrivateKey privateKey;
private static Certificate[] certificateChain;
private static ResourceBundle bundle = ResourceBundle.getBundle("strings");
private static String PRODUCTNAME = bundle.getString("productname");
private static String VERSION = bundle.getString("version");
private static String JAR_FILENAME = bundle.getString("jar-filename");
public static void main(String[] args) {
// for (int i = 0; i < args.length; i++) {
// System.out.println("arg[" + i + "] :" + args[i]);
// }
if (args.length < 2)
showUsage();
try {
String pkcs12FileName = args[0].trim();
String pdfInputFileName = args[1];
String pdfOutputFileName = args[2];
boolean usePKCS12 = !(pkcs12FileName.equals("-PKCS11"));
System.out.println("");
System.out.println("pdfInputFileName : " + pdfInputFileName);
System.out.println("pdfOutputFileName: " + pdfOutputFileName);
if (usePKCS12)
readPrivateKeyFromPKCS12(pkcs12FileName);
else
readPrivateKeyFromPKCS11();
PdfReader reader = null;
try {
reader = new PdfReader(pdfInputFileName);
} catch (IOException e) {
System.err
.println("An unknown error accoured while opening the input PDF file: \""
+ pdfInputFileName + "\"");
e.printStackTrace();
System.exit(-1);
}
FileOutputStream fout = null;
try {
fout = new FileOutputStream(pdfOutputFileName);
} catch (FileNotFoundException e) {
System.err
.println("An unknown error accoured while opening the output PDF file: \""
+ pdfOutputFileName + "\"");
e.printStackTrace();
System.exit(-1);
}
PdfStamper stp = null;
try {
stp = PdfStamper.createSignature(reader, fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(privateKey, certificateChain, null,
PdfSignatureAppearance.WINCER_SIGNED);
// sap.setReason("I'm the author");
// sap.setLocation("Lisbon");
// sap.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1,
// null);
stp.close();
} catch (Exception e) {
System.err
.println("An unknown error accoured while signing the PDF file:");
e.printStackTrace();
System.exit(-1);
}
} catch (KeyStoreException kse) {
System.err
.println("An unknown error accoured while initializing the KeyStore instance:");
kse.printStackTrace();
System.exit(-1);
}
}
private static void readPrivateKeyFromPKCS11() throws KeyStoreException {
// Initialize PKCS#11 provider from config file
String configFileName = getConfigFilePath("pkcs11.cfg");
Provider p = null;
try {
p = new SunPKCS11(configFileName);
Security.addProvider(p);
} catch (ProviderException e) {
System.err
.println("Unable to load PKCS#11 provider with config file: "
+ configFileName);
e.printStackTrace();
System.exit(-1);
}
String pkcs11PIN = "000000";
System.out.print("Please enter the smartcard pin: ");
try {
BufferedReader in = new BufferedReader(new InputStreamReader(
System.in));
pkcs11PIN = in.readLine();
// System.out.println(pkcs11PIN);
// System.out.println(pkcs11PIN.length());
} catch (Exception e) {
System.err
.println("An unknown error accoured while reading the PIN:");
e.printStackTrace();
System.exit(-1);
}
KeyStore ks = null;
try {
ks = KeyStore.getInstance("pkcs11", p);
ks.load(null, pkcs11PIN.toCharArray());
} catch (NoSuchAlgorithmException e) {
System.err
.println("An unknown error accoured while reading the PKCS#11 smartcard:");
e.printStackTrace();
System.exit(-1);
} catch (CertificateException e) {
System.err
.println("An unknown error accoured while reading the PKCS#11 smartcard:");
e.printStackTrace();
System.exit(-1);
} catch (IOException e) {
System.err
.println("An unknown error accoured while reading the PKCS#11 smartcard:");
e.printStackTrace();
System.exit(-1);
}
String alias = "";
try {
alias = (String) ks.aliases().nextElement();
privateKey = (PrivateKey) ks.getKey(alias, pkcs11PIN.toCharArray());
} catch (NoSuchElementException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
System.err
.println("The selected PKCS#12 file does not contain any private keys.");
e.printStackTrace();
System.exit(-1);
} catch (NoSuchAlgorithmException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
e.printStackTrace();
System.exit(-1);
} catch (UnrecoverableKeyException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
e.printStackTrace();
System.exit(-1);
}
certificateChain = ks.getCertificateChain(alias);
}
protected static void readPrivateKeyFromPKCS12(String pkcs12FileName)
throws KeyStoreException {
String pkcs12Password = "";
KeyStore ks = null;
System.out.print("Please enter the password for \"" + pkcs12FileName
+ "\": ");
try {
BufferedReader in = new BufferedReader(new InputStreamReader(
System.in));
pkcs12Password = in.readLine();
} catch (Exception e) {
System.err
.println("An unknown error accoured while reading the password:");
e.printStackTrace();
System.exit(-1);
}
try {
ks = KeyStore.getInstance("pkcs12");
ks.load(new FileInputStream(pkcs12FileName), pkcs12Password
.toCharArray());
} catch (NoSuchAlgorithmException e) {
System.err
.println("An unknown error accoured while reading the PKCS#12 file:");
e.printStackTrace();
System.exit(-1);
} catch (CertificateException e) {
System.err
.println("An unknown error accoured while reading the PKCS#12 file:");
e.printStackTrace();
System.exit(-1);
} catch (FileNotFoundException e) {
System.err.println("Unable to open the PKCS#12 keystore file \""
+ pkcs12FileName + "\":");
System.err
.println("The file does not exists or missing read permission.");
System.exit(-1);
} catch (IOException e) {
System.err
.println("An unknown error accoured while reading the PKCS#12 file:");
e.printStackTrace();
System.exit(-1);
}
String alias = "";
try {
alias = (String) ks.aliases().nextElement();
privateKey = (PrivateKey) ks.getKey(alias, pkcs12Password
.toCharArray());
} catch (NoSuchElementException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
System.err
.println("The selected PKCS#12 file does not contain any private keys.");
e.printStackTrace();
System.exit(-1);
} catch (NoSuchAlgorithmException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
e.printStackTrace();
System.exit(-1);
} catch (UnrecoverableKeyException e) {
System.err
.println("An unknown error accoured while retrieving the private key:");
e.printStackTrace();
System.exit(-1);
}
certificateChain = ks.getCertificateChain(alias);
}
protected static String getConfigFilePath(String configFilename) {
CodeSource source = JPdfSign.class.getProtectionDomain()
.getCodeSource();
URL url = source.getLocation();
String jarPath = URLDecoder.decode(url.getFile());
File f = new File(jarPath);
try {
jarPath = f.getCanonicalPath();
} catch (IOException e) {
}
if (!f.isDirectory()) {
f = new File(jarPath);
jarPath = f.getParent();
}
System.out.println(jarPath);
if (jarPath.length() > 0) {
return jarPath + File.separator + configFilename;
} else
return configFilename;
}
public static void showUsage() {
System.out.println("jPdfSign v" + VERSION
+ " by Jan Peter Stotz - jpstotz@gmx.de\n");
System.out.println(PRODUCTNAME + " usage:");
System.out
.println("\nFor using a PKCS#12 (.p12) file as signature certificate and private key source:");
System.out.print("\tjava -jar " + JAR_FILENAME);
System.out
.println(" pkcs12FileName pdfInputFileName pdfOutputFileName");
System.out
.println("\nFor using a PKCS#11 smartcard as signature certificate and private key source:");
System.out.print("\tjava -jar" + JAR_FILENAME);
System.out.println(" -PKCS11 pdfInputFileName pdfOutputFileName");
System.exit(0);
}
}