c# - 使用 iTextSharp 向 PDF 添加数字签名 - 智能卡证书(PIN 保护)
问题描述
我使用以下代码签署 PDF 文档,但我总是得到一个无效的证书。
private void SignWithThisCert(X509Certificate2 cert)
{
string SourcePdfFileName = Application.StartupPath + @"\Document.pdf";
string DestPdfFileName = Application.StartupPath + @"\Document.Signed.pdf";
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData) };
IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SHA256");
PdfReader pdfReader = new PdfReader(SourcePdfFileName);
FileStream signedPdf = new FileStream(DestPdfFileName, FileMode.Create); //the output pdf file
PdfStamper pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0');
PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance;
signatureAppearance.Reason = "Safe Document";
signatureAppearance.Location = "My place";
signatureAppearance.SignatureRenderingMode = PdfSignatureAppearance.RenderingMode.GRAPHIC_AND_DESCRIPTION;
MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS);
//MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CADES);
pdfStamper.Close();
MessageBox.Show("Done");
}
然后我就调用这个方法:
//Sign from SmartCard
//note : ProviderName and KeyContainerName can be found with the dos command : CertUtil -ScInfo
string ProviderName = "cv act sc/interface CSP";
string KeyContainerName = "12345e02a1dcb12ece12345f0e203c093eb2f0ef";
string PinCode = "MYPINCODE";
if (PinCode != "")
{
//if pin code is set then no windows form will popup to ask it
SecureString pwd = GetSecurePin(PinCode);
CspParameters csp = new CspParameters(1,
ProviderName,
KeyContainerName,
new System.Security.AccessControl.CryptoKeySecurity(),
pwd);
try
{
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp);
// the pin code will be cached for next access to the smart card
}
catch (Exception ex)
{
MessageBox.Show("Crypto error: " + ex.Message);
return;
}
}
var cert = Helper.GetCertBySubject("cert subject here");
SignWithThisCert(cert);
它在 PDF 文档上签名,但是当我在阅读器中打开它时,它说证书无效。
我正在使用带有不可导出私钥的 PIN 保护智能卡 - PKCS#12
我可能需要使用PK吗?
太感谢了
解决方案
推荐阅读
- java - 将属性中的值注入接口字段
- windows - 突然,NPM 脚本变量不再起作用
- javascript - React - 修复,取消 useEffect 清理函数中的所有订阅和异步任务
- jquery - 在codeigniter中显示来自数据库ajax json的选择选项
- asp.net - 我想在数据表中显示来自动作的 json 数据
- javascript - 冒泡排序算法
- spring-boot - 什么类型的证书 spring-boot 应用程序需要 HTTPS 连接?
- asp.net-core - 如何将 [Authorize(Roles = "RoleName")] 转换为变量?
- r - R闪亮的日期范围显示数据中不存在的日期
- python - 查找列表中大于当前元素的所有元素