为什么pdfbox成功地签署了pdf文件,但当在reader中打开时,它说文件在签署后被更改了?

iq0todco  于 2021-09-13  发布在  Java
关注(0)|答案(0)|浏览(430)

我正在使用pdfbox 2.0.22覆盖和签署文档。覆盖层工作正常,但签名表示文档自签名后已被更改。
我在macbook上通过smb访问pdf,并在linux上开发。
这是覆盖和签名的(剥离)功能:

  1. public MergePdfResponse MergePdfs(MergePdfRequest mergePdfRequest) throws IOException {
  2.     PdDocumentDetail basePdf = getPDFObject(getBasePdfBaseFileRequest());
  3.     PdDocumentDetail overlayPdf = getPDFObject(getSignatureBaseFileRequest());
  5.     PDDocument baseDocument = basePdf.pdDocument;
  6.     PDDocument overlayDocument = overlayPdf.pdDocument;
  8.     Iterator<PDPage> baseDocumentIterator = baseDocument.getPages().iterator();
  9.     Iterator<PDPage> signatureIterator = overlayDocument.getPages().iterator();
  11.     // code here to lock annotations per page
  13.     Overlay overlay = new Overlay();
  14.     overlay.setOverlayPosition(Overlay.Position.FOREGROUND);
  15.     overlay.setInputPDF(baseDocument);
  16.     overlay.setAllPagesOverlayPDF(overlayDocument);
  18.     Map<Integer, String> ovmap = new HashMap<Integer, String>();
  19.     overlay.overlay(ovmap);
  20.     if(baseDocument.getPages().getCount() < overlayDocument.getPages().getCount()) //missing audit trail pages, need to add.
  21.     {
  22.         for(int i=baseDocument.getPages().getCount();i<overlayDocument.getPages().getCount(); i++)
  23.         {
  24.             baseDocument.addPage(overlayDocument.getPages().get(i));
  25.         }
  26.     }
  28.     Config cfg = new Config();
  29.     String secret = "1234";
  30.     SetPermissions(baseDocument, secret, mergePdfRequest.canCopy);
  32.     PDDocument finalDocument;
  33.     try (ByteArrayOutputStream outputDocument = new ByteArrayOutputStream()) {
  34.         baseDocument.saveIncremental(outputDocument);
  35.         finalDocument = PDDocument.load(outputDocument.toByteArray(), secret);
  36.         baseDocument.close();
  37.     }
  39.     int accessPermissions = SigUtils.getMDPPermission(finalDocument);
  40.     if (accessPermissions == 1)
  41.     {
  42.         throw new IllegalStateException("No changes to the document are permitted due to DocMDP transform parameters dictionary");
  43.     }
  45.     PDSignature pdSignature = new PDSignature();
  46.     pdSignature.setName("QuicklySign");
  47.     pdSignature.setLocation("Cape Town, ZA");
  48.     pdSignature.setReason("Testing");
  49.     pdSignature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
  50.     pdSignature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
  52.     SignatureOptions signatureOptions = new SignatureOptions();
  53.     signatureOptions.setPreferredSignatureSize(SignatureOptions.DEFAULT_SIGNATURE_SIZE * 2);
  54.     finalDocument.addSignature(pdSignature, new PdfSigningInterface(), signatureOptions);
  56.     String filename = "examples/merge_pdf_examples/debug_signed.pdf";
  57.     if(mergePdfRequest.isDebug) {
  58.         filename = basePdf.filename + new Date().getTime() + ".ignore.pdf";
  59.     }
  61.     try (FileOutputStream output = new FileOutputStream(filename)) {
  62.         finalDocument.saveIncremental(output);
  63.     }
  64.     finalDocument.close();
  65.     overlayDocument.close();
  67.     return new MergePdfResponse(mergePdfRequest.baseGcsBucket, filenameForCompleted);
  68. }

pdfsigninginterface的代码:

  1. public class PdfSigningInterface implements SignatureInterface {
  2.     @Override
  3.     public byte[] sign(InputStream inputStream) throws IOException {
  4.         try {
  5.             Certificate[] certificateChain = GoogleCertificateProvider.INSTANCE.buildCertificateChain();
  7.             CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
  8.             X509Certificate signingCertificate = (X509Certificate) certificateChain[0];
  10.             ContentSigner googleContentSigner = new GoogleContentSigner();
  12.             gen.addSignerInfoGenerator(
  13.                     new JcaSignerInfoGeneratorBuilder(
  14.                             new JcaDigestCalculatorProviderBuilder().build()
  15.                     ).build(googleContentSigner, signingCertificate)
  16.             );
  18.             gen.addCertificates(new JcaCertStore(Arrays.asList(certificateChain)));
  20.             CMSProcessableInputStream msg = new CMSProcessableInputStream(inputStream);
  21.             CMSSignedData signedData = gen.generate(msg, false);
  23.             return signedData.getEncoded();
  24.         } catch (CMSException | OperatorCreationException | CertificateException e) {
  25.             throw new IOException(e);
  26.         }
  27.     }
  28. }

googlecontentsigner:

  1. public class GoogleContentSigner implements ContentSigner {
  2.     private final ByteArrayOutputStream outputStream;
  3.     private final AlgorithmIdentifier sigAlgId;
  5.     public GoogleContentSigner(){
  6.         this.sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WITHRSAANDMGF1");
  7.         this.outputStream = new ByteArrayOutputStream();
  8.     }
  10.     @Override
  11.     public AlgorithmIdentifier getAlgorithmIdentifier() {
  12.         return this.sigAlgId;
  13.     }
  15.     @Override
  16.     public OutputStream getOutputStream() {
  17.         return this.outputStream;
  18.     }
  20.     @Override
  21.     public byte[] getSignature() {
  22.         try {
  23.             GoogleCertificateProvider kms = GoogleCertificateProvider.INSTANCE;
  25.             byte[] signedAttributeSet = outputStream.toByteArray();
  26.             Digest digest = kms.digestMessage(signedAttributeSet);
  28.             return kms.signDigestedContent(digest);
  30.         } catch (NoSuchAlgorithmException e) {
  31.             e.printStackTrace();
  32.             throw new RuntimeException("Unable to sign with KMS");
  33.         }
  34.     }
  35. }

我的代码只是签名代码,而且我对pdfbox(或一般的pdf操作)非常陌生。我的目标是使用云kms生成签名pdf。
附有签名的pdf示例
为什么读者会这样说我的pdf签名是无效的?我直接登录到一个文件,并尝试在reader中打开它

Javapdfpdfboxsign

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com