2013-07-26 187 views

回答

2

将私钥数字证书导出到pfx文件。

利用iText与BouncyCastle的:

Document document = new Document(); 
ByteArrayOutputStream baos = new ByteArrayOutputStream(); 
PdfWriter.getInstance(document, baos); 
document.open(); 
document.add(new Paragraph("Hello World!")); 
document.close(); 


    PdfReader reader = new PdfReader(baos.toByteArray()); 
    OutputStream os = new FileOutputStream("c:\\temp\\sign\\test.pdf"); 
    PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0'); 

    // Creating the appearance 
    PdfSignatureAppearance appearance = stamper.getSignatureAppearance(); 
    appearance.setReason("REASON"); 
    appearance.setLocation("LOCATION"); 

    appearance.setVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "sig"); 

    Security.addProvider(new BouncyCastleProvider()); 

    FileInputStream fis = new FileInputStream("c:\\ssl\\test.pfx"); 
    String password = "myPassword"; 

    KeyStore ks = KeyStore.getInstance("pkcs12"); 
    ks.load(fis, password.toCharArray()); 
    String alias = ks.aliases().nextElement(); 

    PrivateKey pk = (PrivateKey) ks.getKey(alias, password.toCharArray()); 
    X509Certificate cert = (X509Certificate) ks.getCertificate(alias); 

    TSAClient tsc = new TSAClientBouncyCastle("http://timestampserverURL/"); 
    ExternalDigest digest = new BouncyCastleDigest(); 
    ExternalSignature signature = new PrivateKeySignature(pk, "SHA-1", "BC"); 
    MakeSignature.signDetached(appearance, digest, signature, new Certificate[] { cert }, null, null, tsc, 0, 
      CryptoStandard.CMS); 

Maven依赖:

<dependency> 
    <groupId>org.bouncycastle</groupId> 
    <artifactId>bcprov-jdk15on</artifactId> 
    <version>1.49</version> 
</dependency> 

<dependency> 
    <groupId>org.bouncycastle</groupId> 
    <artifactId>bcmail-jdk15on</artifactId> 
    <version>1.49</version> 
</dependency> 
<dependency> 
    <groupId>org.bouncycastle</groupId> 
    <artifactId>bctsp-jdk15on</artifactId> 
    <version>1.46</version> 
</dependency> 


<dependency> 
    <groupId>com.itextpdf</groupId> 
    <artifactId>itextpdf</artifactId> 
    <version>5.4.2</version> 
</dependency> 
0

你可以使用Securo API,通过其HTTP RESTful接口。

应用的时间戳采用RFC3161分离格式,所有时间戳由欧盟认可的合格证书颁发机构颁发。

免责声明:securo

0

DigiStamp提供了SecureTime API工具包一个PDF签名和时间戳功能的联合创始人,你会得到一个链接时,你create a free test account(并访问测试服务器)。该工具包使用BouncyCastle和旧版免费版iText。

Qoppa has a newer toolkit具有一系列PDF功能,但收取使用费用。

声明:我在DigiStamp工作