使用iTextSharp5.3.3和USB令牌对PDF进行签名我正在尝试使用外部USB令牌在C#中签署PDF。我尝试使用从互联网上挖出的以下代码。Org.BouncyCastle.X509.X509CertificateParsercp=newOrg.BouncyCastle.X509.X509CertificateParser();//获取证书X509Certificate2certClient=null;X509Storest=newX509Store(StoreName.My,StoreLocation.CurrentUser);st.Open(OpenFlags.MaxAllowed);X509Certificate2Collectioncollection=X509Certificate2UI.SelectFromCollection(st.Certificates,"请选择证书:","",X509SelectionFlag.SingleSelection);如果(collection.Count>0){certClient=collection[0];}st.Close();//获取证书链IListchain=newList();X509Chainx509chain=newX509Chain();x509chain.Build(certClient);foreach(x509chain.ChainElements中的X509ChainElementx509ChainElement){chain.Add(DotNetUtilities.FromX509Certificate(x509ChainElement.Certificate));}PdfReader阅读器=newPdfReader(sourceDocument);FileStreamresStream=newFileStream(resultDocument,FileMode.Create,FileAccess.ReadWrite);PdfStamper压模=PdfStamper.CreateSignature(阅读器,resStream,'',空,真);PdfSignatureAppearance外观=stamper.SignatureAppearance;appearance.Reason=原因;appearance.Location=位置;appearance.SetVisibleSignature(newiTextSharp.text.Rectangle(20,10,170,60),1,"Signed");X509Certificate2Signaturees=newX509Certificate2Signature(certClient,"SHA-1");MakeSignature.SignDetached(外观,es,链,null,null,null,0,CryptoStandard.CMS);问题是我收到了一个例子:System.Security.Cryptography.CryptographicException未处理Message=Invalidtypespecified.来源=mscorlibStackTrace:在System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32小时)在System.Security.Cryptography.Utils._GetKeyParameter(SafeKeyHandlehKey,UInt32paramID)在System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmTypekeyType,CspParameters参数,BooleanrandomKeyContainer,Int32dwKeySize,SafeProvHandle&safeProvHandle,SafeKeyHandle&safeKey句柄)在System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()在System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32dwKeySize,CspParameters参数,布尔值useDefaultKeySize)在System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()在iTextSharp.text.pdf.security.X509Certificate2Signature..ctor(X509Certificate2certificate,StringhashAlgorithm)atWindowsFormsApplication1.PDFSignerHelper.signPdfFile(StringsourceDocument,StringresultDocument,X509Certificate2certClient,Stringreason,Stringlocation)InnerException:这种方法对我们来说很好(iTextSharp5.3.3)我们使用智能卡和USB指令牌(供应商–http://www.author.kiev.ua):X509Storestore=newX509Store(StoreLocation.CurrentUser);store.Open(OpenFlags.ReadOnly);X509Certificate2Collectionsel=X509Certificate2UI.SelectFromCollection(store.Certificates,null,null,X509SelectionFlag.SingleSelection);X509Certificate2cert=sel[0];Org.BouncyCastle.X509.X509CertificateParsercp=newOrg.BouncyCastle.X509.X509CertificateParser();Org.BouncyCastle.X509.X509Certificate[]chain=newOrg.BouncyCastle.X509.X509Certificate[]{cp.ReadCertificate(cert.RawData)};IExternalSignatureexternalSignature=newX509Certificate2Signature(cert,"SHA-1");PdfReaderpdfReader=newPdfReader(pathToBasePdf);signedPdf=newFileStream(pathToBasePdf,FileMode.Create);pdfStamper=PdfStamper.CreateSignature(pdfReader,signedPdf,'');PdfSignatureAppearancesignatureAppearance=pdfStamper.SignatureAppearance;signatureAppearance.SignatureGraphic=Image.GetInstance(pathToSign自然图像);signatureAppearance.SetVisibleSignature(newRectangle(100,100,250,150),pdfReader.NumberOfPages,"签名");signatureAppearance.SignatureRenderingMode=PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION;MakeSignature.SignDetached(signatureAppearance,externalSignature,chain,null,null,null,0,CryptoStandard.CMS);我已经制作了可以从Windows应用商店、智能卡或Pfx/P12文件签署PDF的c#项目,这对您使用System的四个人可能很有用;使用System.Windows.Forms;使用System.IO;使用系统安全;使用System.Security.Cryptography;使用System.Security.Cryptography.X509Certificates;使用iTextSharp.text.pdf;使用iTextSharp.text.pdf.security;表单{公共Form1(){InitializeComponent();}privateSecureStringGetSecurePin(stringPinCode){SecureStringpwd=newSecureString();foreach(varcinPinCode.ToCharArray())pwd.AppendChar(c);返回密码;}privatevoidbutton1_Click(objectsender,EventArgse){//从智能卡签名//注意:ProviderName和KeyContainerName可以使用dos命令找到:CertUtil-ScInfostringProviderName=textBox2.Text;字符串KeyContainerName=textBox3.Text;字符串PinCode=textBox4.Text;if(PinCode!=""){//如果设置了pin码,则不会弹出窗口窗体询问它SecureStringpwd=GetSecurePin(PinCode);CspParameterscsp=newCspParameters(1,ProviderName,KeyContainerName,newSystem.Security.AccessControl.CryptoKeySecurity(),pwd);尝试{RSACryptoServiceProviderrsaCsp=newRSACryptoServiceProvider(csp);//将缓存pin码以供下次访问智能卡时使用}catch(Exceptionex){MessageBox.Show("Cryptoerror:"+ex.Message);返回;}}X509Storestore=newX509Store(StoreLocation.CurrentUser);store.Open(OpenFlags.ReadOnly);X509Certificate2证书=空;if((ProviderName=="")||(KeyContainerName=="")){MessageBox.Show("YoumustsetProviderNameandKeyContainerName");返回;}foreach(X509Certificate2cert2instore.Certificates){if(cert2.HasPrivateKey){RSACryptoServiceProviderrsa=(RSACryptoServiceProvider)cert2.PrivateKey;如果(rsa==null)继续;//不是智能卡证书if(rsa.CspKeyContainerInfo.HardwareDevice)//sure-smartcard{if((rsa.CspKeyContainerInfo.KeyContainerName==KeyContainerName)&&(rsa.CspKeyContainerInfo.ProviderName==ProviderName)){//我们发现它证书=证书2;休息;}}}}if(cert==null){MessageBox.Show("未找到证书");返回;}SignWithThisCert(证书);}privatevoidbutton2_Click(objectsender,EventArgse){//用windows证书库中的证书选择签名X509Storestore=newX509Store(StoreLocation.CurrentUser);store.Open(OpenFlags.ReadOnly);X509Certificate2证书=空;//手动选择商店中的证书X509Certificate2Collectionsel=X509Certificate2UI.SelectFromCollection(store.Certificates,null,null,X509SelectionFlag.SingleSelection);如果(sel.Count>0)cert=sel[0];else{MessageBox.Show("未找到证书");返回;}SignWithThisCert(证书);}privatevoidbutton3_Click(objectsender,EventArgse){//从pfx或p12文件中的证书签名stringPfxFileName=textBox5.Text;字符串PfxPassword=textBox6.Text;X509Certificate2cert=newX509Certificate2(PfxFileName,PfxPassword);SignWithThisCert(证书);}privatevoidSignWithThisCert(X509Certificate2cert){stringSourcePdfFileName=textBox1.Text;stringDestPdfFileName=textBox1.Text+"-Signed.pdf";Org.BouncyCastle.X509.X509CertificateParsercp=newOrg.BouncyCastle.X509.X509CertificateParser();Org.BouncyCastle.X509.X509Certificate[]chain=newOrg.BouncyCastle.X509.X509Certificate[]{cp.ReadCertificate(cert.RawData)};IExternalSignatureexternalSignature=newX509Certificate2Signature(cert,"SHA-1");PdfReaderpdfReader=newPdfReader(SourcePdfFileName);菲尔eStreamsignedPdf=newFileStream(DestPdfFileName,FileMode.Create);//输出pdf文件PdfStamperpdfStamper=PdfStamper.CreateSignature(pdfReader,signedPdf,'');PdfSignatureAppearancesignatureAppearance=pdfStamper.SignatureAppearanceatsignature;//这里出现在签名处。原因=“因为我可以”;signatureAppearance.Location="我的位置";signatureAppearance.SignatureRenderingMode=PdfSignatureAppearance.RenderingMode.DESCRIPTION;;//MakeSignature.SignDetached(signatureAppearance,externalSignature,chain,null,null,null,0,CryptoStandard.CADES);MessageBox.Show("完成");}}}与上面相同的代码,但在最后一页使用证书文件而不是存储来签署PDF文档X509Certificate2cert=newX509Certificate2("C:\mycert.p12");Org.BouncyCastle.X509.X509CertificateParsercp=newOrg.BouncyCastle.X509.X509CertificateParser();Org.BouncyCastle.X509.X509Certificate[]chain=newOrg.BouncyCastle.X509.X509Certificate[]{cp.ReadCertificate(cert.RawData)};IExternalSignatureexternalSignature=newX509Certificate2Signature(cert,"SHA-1");PdfReaderpdfReader=newPdfReader("C:\multi-page-pdf.pdf");varsignedPdf=newFileStream("C:\multi-page-pdf-signed.pdf",FileMode.Create);varpdfStamper=PdfStamper.CreateSignature(pdfReader,signedPdf,'');PdfSignatureAppearancesignatureAppearance=pdfStamper.SignatureAppearance;signatureAppearance.SignatureGraphic=Image.GetInstance("C:\logo.png");signatureAppearance.Reason="因为我可以";signatureAppearance.Location="我的位置";signatureAppearance.SetVisibleSignature(newRectangle(100,100,250,150),pdfReader.NumberOfPages,"签名");签名AAppearance.SignatureRenderingMode=PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION;MakeSignature.SignDetached(signatureAppearance,externalSignature,chain,null,null,null,0,CryptoStandard.CMS);复制、粘贴、导入需要的库,剩下的继续以上是C#学习教程:使用iTextSharp5.3.3和USBtoken对PDF分享的所有内容进行签名。如果对你有用,需要进一步了解C#学习教程,希望大家多多关注。本文收集自网络,不代表立场。涉及侵权,请点击维权联系管理员删除。如需转载请注明出处:
