pdf 签名中至少有一个签名无效
at least one signature is invalid in pdf signing
当我使用带有电子令牌的 IText 签署 PDF 时,签名的 pdf 在 Acrobat Adobe 中显示“至少一个签名无效”Reader.I 我正在使用有效的电子令牌。下面是签署 Pdf 的代码。
//path of destination file
String destFile = "D://sign_test.pdf";
// load key store
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, "password".toCharArray());
Enumeration enumeration = ks.aliases();
String alias = null;
while(enumeration.hasMoreElements()){
alias = (String)enumeration.nextElement();
if(alias.equalsIgnoreCase("alias of the certificate"))// to get specific certificate from keystore
break;
}
PrivateKey pk = (PrivateKey)ks.getKey(alias, "password".toCharArray()); Certificate[] chain = ks.getCertificateChain(alias);
PdfReader reader = new PdfReader(sourceFile);
FileOutputStream os = new FileOutputStream(destFile);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '[=10=]');
PdfSignatureAppearance appearance = stamper .getSignatureAppearance();
appearance.setReason("I've written this.");
appearance.setLocation("Foobar");
appearance.setVisibleSignature(new Rectangle(72, 732, 144, 780),1,"first");
ExternalSignature es = new PrivateKeySignature(pk, "SHA-256", "SunMSCAPI");
ExternalDigest digest = new ProviderDigest("SunMSCAPI");
MakeSignature.signDetached(appearance, digest, es, chain, null, null, null, 0, CryptoStandard.CMS);
stamper.close();
原因是:您选择的证书无效
详情
如果您仔细查看 Acrobat Adobe Reader 所说的内容,您会在签名面板中找到:
因此,签名本身在数学上是正确的:
Document has not been modified since this signature was applied
但问题出在您的证书中:
Signer's certificate is invalid
如果您进一步单击证书视图,您将看到
所以签名者证书无效的原因是:
Not valid for usage.
的确,你看到了上面的预期用途:
Encrypt Keys
要创建签名,您需要签名或Non-Repudiation。
所以您只需要 select 一个用于签名的证书。
当我使用带有电子令牌的 IText 签署 PDF 时,签名的 pdf 在 Acrobat Adobe 中显示“至少一个签名无效”Reader.I 我正在使用有效的电子令牌。下面是签署 Pdf 的代码。
//path of destination file String destFile = "D://sign_test.pdf"; // load key store KeyStore ks = KeyStore.getInstance("Windows-MY"); ks.load(null, "password".toCharArray()); Enumeration enumeration = ks.aliases(); String alias = null; while(enumeration.hasMoreElements()){ alias = (String)enumeration.nextElement(); if(alias.equalsIgnoreCase("alias of the certificate"))// to get specific certificate from keystore break; } PrivateKey pk = (PrivateKey)ks.getKey(alias, "password".toCharArray()); Certificate[] chain = ks.getCertificateChain(alias); PdfReader reader = new PdfReader(sourceFile); FileOutputStream os = new FileOutputStream(destFile); PdfStamper stamper = PdfStamper.createSignature(reader, os, '[=10=]'); PdfSignatureAppearance appearance = stamper .getSignatureAppearance(); appearance.setReason("I've written this."); appearance.setLocation("Foobar"); appearance.setVisibleSignature(new Rectangle(72, 732, 144, 780),1,"first"); ExternalSignature es = new PrivateKeySignature(pk, "SHA-256", "SunMSCAPI"); ExternalDigest digest = new ProviderDigest("SunMSCAPI"); MakeSignature.signDetached(appearance, digest, es, chain, null, null, null, 0, CryptoStandard.CMS); stamper.close();
原因是:您选择的证书无效
详情
如果您仔细查看 Acrobat Adobe Reader 所说的内容,您会在签名面板中找到:
因此,签名本身在数学上是正确的:
Document has not been modified since this signature was applied
但问题出在您的证书中:
Signer's certificate is invalid
如果您进一步单击证书视图,您将看到
所以签名者证书无效的原因是:
Not valid for usage.
的确,你看到了上面的预期用途:
Encrypt Keys
要创建签名,您需要签名或Non-Repudiation。
所以您只需要 select 一个用于签名的证书。