pdf 电子签章验签

pdf 电子签章验签

https://www.eolink.com/news/post/44504.html

 

https://blog.csdn.net/listeningsea/article/details/122547736

 

http://cn.voidcc.com/question/p-fsuljrmw-bmz.html

 

 

https://kb.itextpdf.com/home/it7kb/examples/digital-signatures-chapter-5

 

https://itextpdf.com/solutions/electronic-signatures-pdf

 

https://www.rfc-editor.org/rfc/rfc5652

 

https://www.jianshu.com/p/f324983d6efa

 

https://stackoverflow.com/questions/17446327/verify-if-a-pdf-is-digitally-signed-with-itext

 

https://stackoverflow.com/questions/49627832/verify-digital-signature-pdf-java-itext/54570181#54570181?newreg=23f518a48b1b48f9ba19661d9fa37468

 

static void digest(){
       // Security.addProvider(new BouncyCastleProvider());
        String fieldName = "E:\\everyDayFile\\20230621\\8.pdf";
      //  String fieldName = "E:\\everyDayFile\\20230621\\leave.pdf";
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
        boolean valid = false;
        // Read the PDF file and get the signature dictionary
        PdfReader reader = new PdfReader(fieldName);
        AcroFields acroFields = reader.getAcroFields();
        List<String> signatureNames = acroFields.getSignatureNames();
        if (!signatureNames.isEmpty()) {
            for (String name : signatureNames) {
                if (acroFields.signatureCoversWholeDocument(name)) {
                    PdfPKCS7 pkcs7 = acroFields.verifySignature(name);
                    valid = pkcs7.verify();
                    String reason = pkcs7.getReason();
                    Calendar signedAt = pkcs7.getSignDate();
                    X509Certificate signingCertificate = pkcs7.getSigningCertificate();
                    Principal issuerDN = signingCertificate.getIssuerDN();
                    Principal subjectDN = signingCertificate.getSubjectDN();
                    log.info("valid = {}, date = {}, reason = '{}', issuer = '{}', subject = '{}'",
                            valid, signedAt.getTime(), reason, issuerDN, subjectDN);
                    break;
                }
            }
        }
        //return valid;
    }

E:\software\dragonwell-8.10.11\bin\java.exe -javaagent:E:\software\ideaIU-2023.1.1.win\lib\idea_rt.jar=56336:E:\software\ideaIU-2023.1.1.win\bin -Dfile.encoding=UTF-8 -classpath E:\software\dragonwell-8.10.11\jre\lib\charsets.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\access-bridge-64.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\cldrdata.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\dnsns.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\jaccess.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\localedata.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\nashorn.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\sunec.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\sunjce_provider.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\sunmscapi.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\sunpkcs11.jar;E:\software\dragonwell-8.10.11\jre\lib\ext\zipfs.jar;E:\software\dragonwell-8.10.11\jre\lib\jce.jar;E:\software\dragonwell-8.10.11\jre\lib\jfr.jar;E:\software\dragonwell-8.10.11\jre\lib\jsse.jar;E:\software\dragonwell-8.10.11\jre\lib\management-agent.jar;E:\software\dragonwell-8.10.11\jre\lib\resources.jar;E:\software\dragonwell-8.10.11\jre\lib\rt.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-business\ywgxpt-cloud-business-scip\target\classes;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-datascope\target\classes;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-tenant\target\classes;D:\repository\com\alibaba\druid-spring-boot-starter\1.2.16\druid-spring-boot-starter-1.2.16.jar;D:\repository\com\alibaba\druid\1.2.16\druid-1.2.16.jar;D:\repository\org\slf4j\slf4j-api\1.7.36\slf4j-api-1.7.36.jar;D:\repository\org\apache\axis\axis\1.4\axis-1.4.jar;D:\repository\org\apache\axis\axis-jaxrpc\1.4\axis-jaxrpc-1.4.jar;D:\repository\org\apache\axis\axis-saaj\1.4\axis-saaj-1.4.jar;D:\repository\commons-discovery\commons-discovery\0.2\commons-discovery-0.2.jar;D:\repository\commons-logging\commons-logging\1.0.3\commons-logging-1.0.3.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-business\ywgxpt-cloud-business-scip\libs\jit-vstk-jdk15-new-2.0.308.23.4.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-business\ywgxpt-cloud-business-sso\target\classes;D:\repository\com\baomidou\mybatis-plus-boot-starter\3.5.3\mybatis-plus-boot-starter-3.5.3.jar;D:\repository\com\baomidou\mybatis-plus\3.5.3\mybatis-plus-3.5.3.jar;D:\repository\com\baomidou\mybatis-plus-extension\3.5.3\mybatis-plus-extension-3.5.3.jar;D:\repository\com\baomidou\mybatis-plus-core\3.5.3\mybatis-plus-core-3.5.3.jar;D:\repository\com\baomidou\mybatis-plus-annotation\3.5.3\mybatis-plus-annotation-3.5.3.jar;D:\repository\org\mybatis\mybatis-spring\2.0.7\mybatis-spring-2.0.7.jar;D:\repository\org\springframework\boot\spring-boot-autoconfigure\2.7.7\spring-boot-autoconfigure-2.7.7.jar;D:\repository\org\springframework\boot\spring-boot\2.7.7\spring-boot-2.7.7.jar;D:\repository\org\springframework\boot\spring-boot-starter-jdbc\2.7.7\spring-boot-starter-jdbc-2.7.7.jar;D:\repository\org\springframework\boot\spring-boot-starter\2.7.7\spring-boot-starter-2.7.7.jar;D:\repository\org\springframework\boot\spring-boot-starter-logging\2.7.7\spring-boot-starter-logging-2.7.7.jar;D:\repository\org\apache\logging\log4j\log4j-to-slf4j\2.17.2\log4j-to-slf4j-2.17.2.jar;D:\repository\org\apache\logging\log4j\log4j-api\2.17.2\log4j-api-2.17.2.jar;D:\repository\org\slf4j\jul-to-slf4j\1.7.36\jul-to-slf4j-1.7.36.jar;D:\repository\jakarta\annotation\jakarta.annotation-api\1.3.5\jakarta.annotation-api-1.3.5.jar;D:\repository\org\yaml\snakeyaml\1.30\snakeyaml-1.30.jar;D:\repository\com\zaxxer\HikariCP\4.0.3\HikariCP-4.0.3.jar;D:\repository\org\springframework\spring-jdbc\5.3.24\spring-jdbc-5.3.24.jar;D:\repository\org\springframework\spring-tx\5.3.24\spring-tx-5.3.24.jar;D:\repository\net\lingala\zip4j\zip4j\2.9.0\zip4j-2.9.0.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-business\ywgxpt-cloud-business-file\target\classes;D:\repository\io\minio\minio\8.2.2\minio-8.2.2.jar;D:\repository\com\carrotsearch\thirdparty\simple-xml-safe\2.7.1\simple-xml-safe-2.7.1.jar;D:\repository\com\google\guava\guava\30.0-jre\guava-30.0-jre.jar;D:\repository\com\google\guava\failureaccess\1.0.1\failureaccess-1.0.1.jar;D:\repository\com\google\guava\listenablefuture\9999.0-empty-to-avoid-conflict-with-guava\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;D:\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar;D:\repository\org\checkerframework\checker-qual\3.5.0\checker-qual-3.5.0.jar;D:\repository\com\google\errorprone\error_prone_annotations\2.3.4\error_prone_annotations-2.3.4.jar;D:\repository\com\google\j2objc\j2objc-annotations\1.3\j2objc-annotations-1.3.jar;D:\repository\com\squareup\okhttp3\okhttp\4.9.3\okhttp-4.9.3.jar;D:\repository\com\squareup\okio\okio\2.8.0\okio-2.8.0.jar;D:\repository\org\jetbrains\kotlin\kotlin-stdlib-common\1.6.21\kotlin-stdlib-common-1.6.21.jar;D:\repository\org\jetbrains\kotlin\kotlin-stdlib\1.6.21\kotlin-stdlib-1.6.21.jar;D:\repository\org\jetbrains\annotations\13.0\annotations-13.0.jar;D:\repository\com\fasterxml\jackson\core\jackson-annotations\2.13.4\jackson-annotations-2.13.4.jar;D:\repository\com\fasterxml\jackson\core\jackson-core\2.13.4\jackson-core-2.13.4.jar;D:\repository\commons-beanutils\commons-beanutils\1.9.3\commons-beanutils-1.9.3.jar;D:\repository\commons-collections\commons-collections\3.2.2\commons-collections-3.2.2.jar;D:\repository\com\github\tobato\fastdfs-client\1.27.2\fastdfs-client-1.27.2.jar;D:\repository\org\slf4j\jcl-over-slf4j\1.7.36\jcl-over-slf4j-1.7.36.jar;D:\repository\ch\qos\logback\logback-classic\1.2.11\logback-classic-1.2.11.jar;D:\repository\ch\qos\logback\logback-core\1.2.11\logback-core-1.2.11.jar;D:\repository\org\apache\commons\commons-pool2\2.11.1\commons-pool2-2.11.1.jar;D:\repository\org\springframework\spring-core\5.3.24\spring-core-5.3.24.jar;D:\repository\org\springframework\spring-jcl\5.3.24\spring-jcl-5.3.24.jar;D:\repository\org\hibernate\validator\hibernate-validator\6.2.5.Final\hibernate-validator-6.2.5.Final.jar;D:\repository\jakarta\validation\jakarta.validation-api\2.0.2\jakarta.validation-api-2.0.2.jar;D:\repository\org\jboss\logging\jboss-logging\3.4.3.Final\jboss-logging-3.4.3.Final.jar;D:\repository\com\fasterxml\classmate\1.5.1\classmate-1.5.1.jar;D:\repository\org\springframework\spring-context\5.3.24\spring-context-5.3.24.jar;D:\repository\net\coobird\thumbnailator\0.4.8\thumbnailator-0.4.8.jar;D:\repository\org\apache\httpcomponents\httpclient\4.5.14\httpclient-4.5.14.jar;D:\repository\org\apache\httpcomponents\httpcore\4.4.16\httpcore-4.4.16.jar;D:\repository\commons-codec\commons-codec\1.15\commons-codec-1.15.jar;D:\repository\com\itextpdf\itextpdf\5.5.6\itextpdf-5.5.6.jar;D:\repository\com\itextpdf\itext-asian\5.2.0\itext-asian-5.2.0.jar;D:\repository\org\bouncycastle\bcprov-jdk15on\1.49\bcprov-jdk15on-1.49.jar;D:\repository\org\bouncycastle\bcmail-jdk15on\1.47\bcmail-jdk15on-1.47.jar;D:\repository\org\bouncycastle\bcpkix-jdk15on\1.47\bcpkix-jdk15on-1.47.jar;D:\repository\org\apache\pdfbox\pdfbox\2.0.9\pdfbox-2.0.9.jar;D:\repository\org\apache\pdfbox\fontbox\2.0.9\fontbox-2.0.9.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-core\target\classes;D:\repository\org\springframework\cloud\spring-cloud-starter-openfeign\3.1.5\spring-cloud-starter-openfeign-3.1.5.jar;D:\repository\org\springframework\cloud\spring-cloud-openfeign-core\3.1.5\spring-cloud-openfeign-core-3.1.5.jar;D:\repository\org\springframework\boot\spring-boot-starter-aop\2.7.7\spring-boot-starter-aop-2.7.7.jar;D:\repository\org\aspectj\aspectjweaver\1.9.7\aspectjweaver-1.9.7.jar;D:\repository\io\github\openfeign\form\feign-form-spring\3.8.0\feign-form-spring-3.8.0.jar;D:\repository\io\github\openfeign\form\feign-form\3.8.0\feign-form-3.8.0.jar;D:\repository\commons-fileupload\commons-fileupload\1.4\commons-fileupload-1.4.jar;D:\repository\org\springframework\cloud\spring-cloud-commons\3.1.5\spring-cloud-commons-3.1.5.jar;D:\repository\org\springframework\security\spring-security-crypto\5.7.6\spring-security-crypto-5.7.6.jar;D:\repository\io\github\openfeign\feign-core\11.10\feign-core-11.10.jar;D:\repository\io\github\openfeign\feign-slf4j\11.10\feign-slf4j-11.10.jar;D:\repository\org\springframework\cloud\spring-cloud-starter-loadbalancer\3.1.5\spring-cloud-starter-loadbalancer-3.1.5.jar;D:\repository\org\springframework\cloud\spring-cloud-loadbalancer\3.1.5\spring-cloud-loadbalancer-3.1.5.jar;D:\repository\io\projectreactor\reactor-core\3.4.26\reactor-core-3.4.26.jar;D:\repository\org\reactivestreams\reactive-streams\1.0.4\reactive-streams-1.0.4.jar;D:\repository\io\projectreactor\addons\reactor-extra\3.4.9\reactor-extra-3.4.9.jar;D:\repository\org\springframework\boot\spring-boot-starter-cache\2.7.7\spring-boot-starter-cache-2.7.7.jar;D:\repository\com\stoyanr\evictor\1.0.0\evictor-1.0.0.jar;D:\repository\org\springframework\spring-context-support\5.3.24\spring-context-support-5.3.24.jar;D:\repository\org\springframework\spring-beans\5.3.24\spring-beans-5.3.24.jar;D:\repository\org\springframework\spring-web\5.3.24\spring-web-5.3.24.jar;D:\repository\com\alibaba\transmittable-thread-local\2.14.2\transmittable-thread-local-2.14.2.jar;D:\repository\com\github\pagehelper\pagehelper-spring-boot-starter\1.4.6\pagehelper-spring-boot-starter-1.4.6.jar;D:\repository\org\mybatis\spring\boot\mybatis-spring-boot-starter\2.2.2\mybatis-spring-boot-starter-2.2.2.jar;D:\repository\org\mybatis\spring\boot\mybatis-spring-boot-autoconfigure\2.2.2\mybatis-spring-boot-autoconfigure-2.2.2.jar;D:\repository\org\mybatis\mybatis\3.5.9\mybatis-3.5.9.jar;D:\repository\com\github\pagehelper\pagehelper-spring-boot-autoconfigure\1.4.6\pagehelper-spring-boot-autoconfigure-1.4.6.jar;D:\repository\com\github\pagehelper\pagehelper\5.3.2\pagehelper-5.3.2.jar;D:\repository\com\github\jsqlparser\jsqlparser\4.5\jsqlparser-4.5.jar;D:\repository\org\springframework\boot\spring-boot-starter-validation\2.7.7\spring-boot-starter-validation-2.7.7.jar;D:\repository\org\apache\tomcat\embed\tomcat-embed-el\9.0.70\tomcat-embed-el-9.0.70.jar;D:\repository\com\fasterxml\jackson\core\jackson-databind\2.13.4.2\jackson-databind-2.13.4.2.jar;D:\repository\com\alibaba\fastjson2\fastjson2\2.0.25\fastjson2-2.0.25.jar;D:\repository\io\jsonwebtoken\jjwt\0.9.1\jjwt-0.9.1.jar;D:\repository\javax\xml\bind\jaxb-api\2.3.1\jaxb-api-2.3.1.jar;D:\repository\javax\activation\javax.activation-api\1.2.0\javax.activation-api-1.2.0.jar;D:\repository\org\apache\commons\commons-lang3\3.12.0\commons-lang3-3.12.0.jar;D:\repository\commons-io\commons-io\2.11.0\commons-io-2.11.0.jar;D:\repository\org\apache\poi\poi-ooxml\4.1.2\poi-ooxml-4.1.2.jar;D:\repository\org\apache\poi\poi\4.1.2\poi-4.1.2.jar;D:\repository\org\apache\commons\commons-collections4\4.4\commons-collections4-4.4.jar;D:\repository\org\apache\commons\commons-math3\3.6.1\commons-math3-3.6.1.jar;D:\repository\com\zaxxer\SparseBitSet\1.2\SparseBitSet-1.2.jar;D:\repository\org\apache\poi\poi-ooxml-schemas\4.1.2\poi-ooxml-schemas-4.1.2.jar;D:\repository\org\apache\xmlbeans\xmlbeans\3.1.0\xmlbeans-3.1.0.jar;D:\repository\org\apache\commons\commons-compress\1.19\commons-compress-1.19.jar;D:\repository\com\github\virtuald\curvesapi\1.06\curvesapi-1.06.jar;D:\repository\javax\servlet\javax.servlet-api\4.0.1\javax.servlet-api-4.0.1.jar;D:\repository\io\swagger\swagger-annotations\1.6.2\swagger-annotations-1.6.2.jar;D:\repository\org\eclipse\jgit\org.eclipse.jgit\5.13.1.202206130422-r\org.eclipse.jgit-5.13.1.202206130422-r.jar;D:\repository\com\googlecode\javaewah\JavaEWAH\1.1.13\JavaEWAH-1.1.13.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-security\target\classes;D:\repository\org\springframework\spring-webmvc\5.3.24\spring-webmvc-5.3.24.jar;D:\repository\org\springframework\spring-aop\5.3.24\spring-aop-5.3.24.jar;D:\repository\org\springframework\spring-expression\5.3.24\spring-expression-5.3.24.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-api\ywgxpt-cloud-api-system\target\classes;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-redis\target\classes;D:\repository\org\springframework\boot\spring-boot-starter-data-redis\2.7.7\spring-boot-starter-data-redis-2.7.7.jar;D:\repository\org\springframework\data\spring-data-redis\2.7.6\spring-data-redis-2.7.6.jar;D:\repository\org\springframework\data\spring-data-keyvalue\2.7.6\spring-data-keyvalue-2.7.6.jar;D:\repository\org\springframework\data\spring-data-commons\2.7.6\spring-data-commons-2.7.6.jar;D:\repository\org\springframework\spring-oxm\5.3.24\spring-oxm-5.3.24.jar;D:\repository\io\lettuce\lettuce-core\6.1.10.RELEASE\lettuce-core-6.1.10.RELEASE.jar;D:\repository\io\netty\netty-common\4.1.86.Final\netty-common-4.1.86.Final.jar;D:\repository\io\netty\netty-handler\4.1.86.Final\netty-handler-4.1.86.Final.jar;D:\repository\io\netty\netty-resolver\4.1.86.Final\netty-resolver-4.1.86.Final.jar;D:\repository\io\netty\netty-buffer\4.1.86.Final\netty-buffer-4.1.86.Final.jar;D:\repository\io\netty\netty-transport-native-unix-common\4.1.86.Final\netty-transport-native-unix-common-4.1.86.Final.jar;D:\repository\io\netty\netty-codec\4.1.86.Final\netty-codec-4.1.86.Final.jar;D:\repository\io\netty\netty-transport\4.1.86.Final\netty-transport-4.1.86.Final.jar;D:\workplace\jiaying_workplace\gongxiang\ywgxpt\ywgxpt-cloud-common\ywgxpt-cloud-common-log\target\classes;D:\repository\org\springframework\cloud\spring-cloud-starter-bootstrap\3.1.5\spring-cloud-starter-bootstrap-3.1.5.jar;D:\repository\org\springframework\cloud\spring-cloud-starter\3.1.5\spring-cloud-starter-3.1.5.jar;D:\repository\org\springframework\cloud\spring-cloud-context\3.1.5\spring-cloud-context-3.1.5.jar;D:\repository\org\springframework\security\spring-security-rsa\1.0.11.RELEASE\spring-security-rsa-1.0.11.RELEASE.jar;D:\repository\org\projectlombok\lombok\1.18.24\lombok-1.18.24.jar com.jiayingsoft.scip.web.test.TestSignatrueDigest
Exception in thread "main" ExceptionConverter: java.security.InvalidKeyException: Key must not be null
	at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:119)
	at sun.security.rsa.RSASignature.engineInitVerify(RSASignature.java:93)
	at java.security.Signature$Delegate.tryOperation(Signature.java:1280)
	at java.security.Signature$Delegate.chooseProvider(Signature.java:1234)
	at java.security.Signature$Delegate.engineInitVerify(Signature.java:1308)
	at java.security.Signature.initVerify(Signature.java:491)
	at com.itextpdf.text.pdf.security.PdfPKCS7.initSignature(PdfPKCS7.java:701)
	at com.itextpdf.text.pdf.security.PdfPKCS7.<init>(PdfPKCS7.java:459)
	at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2371)
	at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2324)
	at com.jiayingsoft.scip.web.test.TestSignatrueDigest.digest(TestSignatrueDigest.java:69)
	at com.jiayingsoft.scip.web.test.TestSignatrueDigest.main(TestSignatrueDigest.java:27)

Process finished with exit code 1

加上 

Security.addProvider(new BouncyCastleProvider());

异常解决。