noTS LTV轉PDF文檔。錯誤簽名定義。必須在PdfSignatureAppearance中關閉

Question

我想簽署並將LTV添加到尚未簽名的PDF中。

 Security.addProvider(new BouncyCastleProvider()); 
    EncryptPDF pdf = new EncryptPDF(); 

    OCSPVerifier ocspVerifier = new OCSPVerifier(null, null); 
    OcspClient ocsp = new OcspClientBouncyCastle(ocspVerifier); 

    pdf.signPDF(file_src, file_temp, ocsp); 
    pdf.addLtvNoTS(file_temp, file_dest, ocsp); 

方法signPDF有簽名（或現在評論加密）沒有問題：

我從iText的例子和qustions http://developers.itextpdf.com/question/how-enable-ltv-timestamp-signature

主要方法的基本組成部分複製編碼。臨時文件是確定的。

private void signPDF(String src, String dest, OcspClient ocsp) { 
    try { 
    PdfReader reader = new PdfReader(src); 

    KeyStore ks = KeyStore.getInstance("pkcs12", "BC"); 
    ks.load(new FileInputStream(cert2_src), keystore_password.toCharArray()); 
    String alias = null; 
    Enumeration<String> en = ks.aliases(); 
    while(en.hasMoreElements()) { 
     alias = en.nextElement(); 
     System.out.println("alias name: " + alias); 
    } 

    PrivateKey pk = (PrivateKey) ks.getKey(alias, key_password.toCharArray()); 
    Certificate[] chain = ks.getCertificateChain(alias); 

    PdfStamper stamper = PdfStamper.createSignature(reader, new FileOutputStream(dest), '\0', null, true); 

    // appearance 
    PdfSignatureAppearance appearance = stamper.getSignatureAppearance(); 
    appearance.setImage(Image.getInstance(res_src)); 
    appearance.setVisibleSignature(new Rectangle(172, 132, 572, 232), 1, "SignatureField"); 

    //   Certificate cert = getPublicCertificate(cert_src); 
    //   stamper.setEncryption(new Certificate[]{cert}, 
    //   new int[]{PdfWriter.ALLOW_PRINTING}, PdfWriter.ENCRYPTION_AES_128); //| PdfWriter.DO_NOT_ENCRYPT_METADATA 


    // digital signature 
    ExternalSignature es = new PrivateKeySignature(pk, "SHA-256", "BC"); 
    ExternalDigest digest = new BouncyCastleDigest(); 
    MakeSignature.signDetached(appearance, digest, es, chain, null, ocsp, null, 0, CryptoStandard.CMS); 

    } catch (FileNotFoundException e){ 
    e.printStackTrace(); 
    } catch (Exception e) { 
    e.printStackTrace(); 
    } 
} 

在方法addLtvNoTS我收到錯誤「Signature defined。必須在PdfSignatureAppearance中關閉」。在最後一行stamper.close（）。我無法弄清楚。請幫忙。

private void addLtvNoTS(String src, String dest, OcspClient ocsp) 
    throws IOException, DocumentException, GeneralSecurityException { 
    PdfReader r = new PdfReader(src); 
    FileOutputStream fos = new FileOutputStream(dest); 
    PdfStamper stamper = PdfStamper.createSignature(r, fos, '\0', null, true); 
    LtvVerification v = stamper.getLtvVerification(); 
    AcroFields fields = stamper.getAcroFields(); 
    ArrayList<String> names = fields.getSignatureNames(); 
    String sigName = names.get(names.size() - 1); 

    PdfPKCS7 pkcs7 = fields.verifySignature(sigName); 
    v.addVerification(sigName, ocsp, null, 
     LtvVerification.CertificateOption.WHOLE_CHAIN, 
     LtvVerification.Level.OCSP, 
     LtvVerification.CertificateInclusion.NO); 
    stamper.close(); 
} 

Answer 1

你addLtvNoTS方法似乎是第一一直是addLtv方法，你再完全編輯成爲addLtvNoTS方法有副本的文章中的副本。

特別是你的addLtvNoTS方法仍包含從文章addLtv方法這一行

PdfStamper stamper = PdfStamper.createSignature(r, fos, '\0', null, true); 

而在文章addLtvNoTS方法的相應行是這樣的：

PdfStamper stp = new PdfStamper(r, fos, '\0', true); 

因此，您創建一個PdfStamper簽署或加蓋時間（所以iText最終會抱怨你沒有這樣做），而你應該創建一個不是。