电子签章实现(源码分享:在pdf上加盖电子签章)
如何在word文档上盖电子章? 源码分享在pdf上加盖电子签章
在pdf上加盖电子签章,并不是只是加个印章图片,。而是要使用一对密钥中的私钥对文件进行签字。为啥要用私钥呢?很简单,因为公钥是公开的,其他人才可以用公钥为你证明,这个文件是你签的。这就是我们常说的私钥签字,公钥加密。用公钥进行加密,才只有有对应私钥的人能解开。
下面给出具体代码。
,这对密钥应该去官方申请,我这里只是测试,所以就自己生成了。
数字证书常见标准
符合PKI ITU-T X509标准,传统标准(.DER .PEM .CER .CRT)符合PKCS#7 加密消息语法标准(.P7B .P7C .SPC .P7R)符合PKCS#10 证书请求标准(.p10)符合PKCS#12 个人信息交换标准(.pfx .p12)X509是数字证书的基本规范,而P7和P12则是两个实现规范,P7用于数字信封,P12则是带有私钥的证书实现规范。生成p12数字证书文件
使用JDK的keytool工具
keytool在jdk的bin目录下生成数字文件keytool -genkeypair -alias serverkey -keypass 111111 -storepass 111111 -dname #34C=CN,ST=SD,L=QD,O=haier,OU=dev,CN=haier.com#34 nbsp -keyalg RSA -keysize 2048 -validity 3650 -keystore D:\keystore\server.keystore
storepass keystore 文件存储密码
keypass 私钥加解密密码
alias 实体别名(包括证书私钥)
dname 证书个人信息
keyalt 采用公钥算法,默认是DSA keysize 密钥长度(DSA算法对应的默认算法是sha1withDSA,不支持2048长度,此时需指定RSA)
validity 有效期
keystore 指定keystore文件
3,转换为p12格式
keytool -importkeystore -srckeystore D:\keystore\server.keystore -destkeystore D:\keystore\server.p12 -srcalias serverkey -destalias serverkey -srcstoretype jks -deststoretype pkcs12 -srcstorepass 111111 -deststorepass 111111 -noprompt
使用IText对pdf文件进行数字签名
nbsp nbsp nbsp nbsppublicnbspstaticnbspfinalnbspStringnbspsourceFoldernbsp=nbsp#34./src/test/resources/com/itextpdf/signatures/sign/SigningTest/#34nbsp nbsppublicnbspstaticnbspfinalnbspStringnbspdestinationFoldernbsp=nbsp#34./target/test/com/itextpdf/signatures/sign/SigningTest/#34nbsp nbsppublicnbspstaticnbspfinalnbspStringnbspkeystorePathnbsp=nbsp#34D:\keystore\server.p12#34nbsp nbsppublicnbspstaticnbspfinalnbspchar[]nbsppasswordnbsp=nbsp#34111111#34.toCharArray()nbsp nbsppublicnbspstaticnbspfinalnbspStringnbspsterSrcnbsp=nbsp#34./src/test/resources/seal.png#34//印章路径nbsp nbspprivatenbspCertificate[]nbspchainnbsp// 证书链nbsp nbspprivatenbspPrivateKeynbsppk@BeforeClassnbsp nbsppublicnbspstaticnbspvoidnbspbefore() {nbsp nbsp nbsp nbspSecurity.addProvider(newnbspBouncyCastleProvider())nbsp nbsp nbsp nbspcreateOrClearDestinationFolder(destinationFolder)nbsp }nbsp nbsp@Beforenbsp nbsppublicnbspvoidnbspinit()nbspthrowsnbspKeyStoreException,nbspIOException,nbspCertificateException,nbspNoSuchAlgorithmException,nbspUnrecoverableKeyExceptionnbsp{nbsp nbsp nbsp nbsppknbsp=nbspPkcs12FileHelper.readFirstKey(keystorePath,nbsppassword,nbsppassword)nbsp nbsp nbsp nbspchainnbsp=nbspPkcs12FileHelper.readFirstChain(keystorePath,nbsppassword)nbsp }@Testnbsp nbsppublicnbspvoidnbsptestSign() {nbsp nbsp nbsp nbspStringnbspsrcnbsp=nbspsourceFoldernbsp+nbsp#34simpleDocument.pdf#34nbsp nbsp nbsp nbspStringnbspfileNamenbsp=nbsp#34dest.pdf#34nbsp nbsp nbsp nbspStringnbspdestnbsp=nbspdestinationFoldernbsp+nbspfileNamenbsp nbsp nbsp nbsptrynbsp{nbsp nbsp nbsp nbsp nbsp nbspImageDatanbspimgnbsp=nbspImageDataFactory.create(sterSrc)nbsp nbsp nbsp nbsp nbsp nbsp//读取图章图片,这个image是itext包的imagenbsp nbsp nbsp nbsp nbsp nbspImagenbspimagenbsp=nbspnewnbspImage(img)nbsp nbsp nbsp nbsp nbsp nbspfloatnbspheightnbsp=nbspimage.getImageHeight()nbsp nbsp nbsp nbsp nbsp nbspfloatnbspwidthnbsp=nbspimage.getImageWidth()nbsp nbsp nbsp nbsp nbsp nbspRectanglenbsprectanglenbsp=nbspnewnbspRectangle(150,nbsp200,nbspwidth,nbspheight)nbsp nbsp nbsp nbsp nbsp nbspintnbsppageNumnbsp=nbsp1nbsp nbsp nbsp nbsp nbsp nbspsign(src,nbspString.format(dest,nbsp1),nbspimg,nbsppageNum,nbsprectangle,nbspchain,nbsppk,nbspDigestAlgorithms.SHA256,nbspnull,nbspPdfSigner.CryptoStandard.CADES,nbsp#34测试#34,nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp#34青岛#34)nbsp nbsp nbsp }nbspcatchnbsp(Exceptionnbspe) {nbsp nbsp nbsp nbsp nbsp nbspJOptionPane.showMessageDialog(null,nbspe.getMessage())nbsp nbsp nbsp nbsp nbsp nbspe.printStackTrace()nbsp nbsp nbsp }nbsp }
publicnbspvoidnbspsign(Stringnbspsrcnbspnbsp//需要签章的pdf文件路径nbsp nbsp nbsp nbsp nbsp ,nbspStringnbspdestnbspnbsp// 签完章的pdf文件路径nbsp nbsp nbsp nbsp nbsp ,nbspImageDatanbspimgnbsp// 印章图片nbsp nbsp nbsp nbsp nbsp ,nbspintnbsppageNumnbsp// 印在第几页nbsp nbsp nbsp nbsp nbsp ,nbspRectanglenbsprectanglenbsp// 印章显示的位置nbsp nbsp nbsp nbsp nbsp ,nbspCertificate[]nbspchainnbsp//证书链nbsp nbsp nbsp nbsp nbsp ,nbspPrivateKeynbsppknbsp//签名私钥nbsp nbsp nbsp nbsp nbsp ,nbspStringnbspdigestAlgorithmnbspnbsp//摘要算法名称,例如SHA-1nbsp nbsp nbsp nbsp nbsp ,nbspStringnbspprovidernbspnbsp// 密钥算法提供者,可以为nullnbsp nbsp nbsp nbsp nbsp ,nbspPdfSigner.CryptoStandardnbspsubfilternbsp//数字签名格式,itext有2种nbsp nbsp nbsp nbsp nbsp ,nbspStringnbspreasonnbspnbsp//签名的原因,显示在pdf签名属性中,随便填nbsp nbsp nbsp nbsp nbsp ,nbspStringnbsplocation)nbsp//签名的地点,显示在pdf签名属性中,随便填nbsp nbsp nbsp nbsp nbsp nbspthrowsnbspGeneralSecurityException,nbspIOExceptionnbsp{nbsp nbsp nbsp nbsp//下边的步骤都是固定的,照着写就行了,没啥要解释的nbsp nbsp nbsp nbspPdfReadernbspreadernbsp=nbspnewnbspPdfReader(src)nbsp nbsp nbsp nbspPdfDocumentnbspdocumentnbsp=nbspnewnbspPdfDocument(reader)nbsp nbsp nbsp nbspdocument.setDefaultPageSize(PageSize.TABLOID)nbsp nbsp nbsp nbsp//目标文件输出流nbsp nbsp nbsp nbspFileOutputStreamnbsposnbsp=nbspnewnbspFileOutputStream(dest)nbsp nbsp nbsp nbsp//创建签章工具PdfSigner ,一个boolean参数nbsp nbsp nbsp nbsp//false的话,pdf文件只允许被签名一次,多次签名,一次有效nbsp nbsp nbsp nbsp//true的话,pdf可以被追加签名,验签工具可以识别出每次签名之后文档是否被修改nbsp nbsp nbsp nbspPdfReadernbspreader2nbsp=nbspnewnbspPdfReader(src)// nbsp nbsp nbsp PdfSigner ster = new PdfSigner(reader2, os, true)nbsp nbsp nbsp nbspStingPropertiesnbspstingPropertiesnbsp=nbspnewnbspStingProperties()nbsp nbsp nbsp nbspstingProperties.useAppendMode()nbsp nbsp nbsp nbspPdfSignernbspsternbsp=nbspnewnbspPdfSigner(reader2,nbspos,nbspstingProperties)nbsp nbsp nbsp nbsp// 获取数字签章属性对象,设定数字签章的属性nbsp nbsp nbsp nbspPdfSignatureAppearancenbspappearancenbsp=nbspster.getSignatureAppearance()nbsp nbsp nbsp nbspappearance.setReason(reason)nbsp nbsp nbsp nbspappearance.setLocation(location)nbsp nbsp nbsp nbsp//设置签名的位置,页码,签名域名称,多次追加签名的时候,签名与名称不能一样nbsp nbsp nbsp nbsp//签名的位置,是图章相对于pdf页面的位置坐标,原点为pdf页面左下角nbsp nbsp nbsp nbsp//四个参数的分别是,图章左下角x,图章左下角y,图章宽度,图章高度nbsp nbsp nbsp nbspappearance.setPageNumber(pageNum)nbsp nbsp nbsp nbspappearance.setPageRect(rectangle)nbsp nbsp nbsp nbsp//插入盖章图片nbsp nbsp nbsp nbspappearance.setSignatureGraphic(img)nbsp nbsp nbsp nbsp//设置图章的显示方式,如下选择的是只显示图章(还有其他的模式,可以图章和签名描述一同显示)nbsp nbsp nbsp nbspappearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.GRAPHIC)nbsp nbsp nbsp nbsp// 这里的itext提供了2个用于签名的接口,可以自己实现,后边着重说这个实现nbsp nbsp nbsp nbsp// 摘要算法nbsp nbsp nbsp nbspIExternalDigestnbspdigestnbsp=nbspnewnbspBouncyCastleDigest()nbsp nbsp nbsp nbsp// 签名算法nbsp nbsp nbsp nbspIExternalSignaturenbspsignaturenbsp=nbspnewnbspPrivateKeySignature(pk,nbspdigestAlgorithm,nbspBouncyCastleProvider.PROVIDER_NAME)nbsp nbsp nbsp nbsp// 调用itext签名 完成pdf签章nbsp nbsp nbsp nbspster.setCertificationLevel(1)nbsp nbsp nbsp nbspster.signDetached(digest,nbspsignature,nbspchain,nbspnull,nbspnull,nbspnull,nbsp0,nbspPdfSigner.CryptoStandard.CADES)nbsp }
效果如下
可以查看下证书,会看到我们生成数字证书时的信息
需要源码请关注公-众-号 技术笔记与开源分享
自动加盖水印获电子签章 前后端实现电子签章的流程