在CodeProject上看到一篇不錯的文章,是以在這裡還是向大家推薦一下。
You'll need Visual Studio 2005 to be able to open and build the project
iTextSharp provides a lot of interesting features to create and manipulate PDF documents, but in this article we will only use digital signature functions.
I will also use some function to manipulate pkcs#12 certificates, the only thing you need to know here is that our digital signature will use a private key extracted from a pkcs#12 certificate.
Then extract the pkcs#12 certificate as described bellow :
Open Internet explorer and click on tools then internet options
Go to 'content' tab and click 'certificats'
Choose a certificate from the list and click Export
Follow the wizard and when asked choos to <b>include private key</b> with extracted certificate
Enter a password when prompted (dont give an empty one!!!)
You are now ready to use the code provided in this article.
Using the signature example:
1 – compile and run the example
2 – browse to the PDF source file you want to sign
3 – browse and choose a destination pdf file
4 – add/modify the PDF meta data if you want
5 – browse to the certificate (the .pfx file) you just extracted and choose it
6 – give the password you used to extract the certificate
5 – add signature information if needed (reason, contact and location)
6 – click sign button
In the debug box you’ll see operaion’s progress
If everything goes well open your explorer and browse to location you entered for Target file, open this file with Adobe Acrobat reader, your document is signed! =)
In the source code provided with this article, I wrote library called PDFSigner, it’s a helper package that use iTextSharp and do everything you need for digital signatures.
It contains three classes
<b>Cert class:</b> this class is used to hold a certificate and extract needed information for signature, the most important methode in this class is processCert (will be explained bellow)
<b>MetaData class : </b>holds PDF meta data
<b>PDFSigner class :</b> the construction of this class takes a Cert object and if needed a MetaData object, the most important methode here is the sign methode (will be explained bellow)
private void processCert()
{
string alias = null;
PKCS12Store pk12;
//First we'll read the certificate file
pk12 = new PKCS12Store(new FileStream(this.Path, FileMode.Open, FileAccess.Read), this.password.ToCharArray());
//then Iterate throught certificate entries to find the private key entry
IEnumerator i = pk12.aliases();
while (i.MoveNext())
alias = ((string)i.Current);
if (pk12.isKeyEntry(alias))
break;
}
this.akp = pk12.getKey(alias).getKey();
X509CertificateEntry[] ce = pk12.getCertificateChain(alias);
this.chain = new org.bouncycastle.x509.X509Certificate[ce.Length];
for (int k = 0; k < ce.Length; ++k)
chain[k] = ce[k].getCertificate();
}
This methode reads the certificate and iterate throught its entries to find the private key entry then extract it.
it also construct the certificate's chain if available
public void Sign(string SigReason, string SigContact, string SigLocation, bool visible)
PdfReader reader = new PdfReader(this.inputPDF);
//Activate MultiSignatures
PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0', null, true);
//To disable Multi signatures uncomment this line : every new signature will invalidate older ones !
//PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0');
st.MoreInfo = this.metadata.getMetaData();
st.XmpMetadata = this.metadata.getStreamedMetaData();
PdfSignatureAppearance sap = st.SignatureAppearance;
sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);
sap.Reason = SigReason;
sap.Contact = SigContact;
sap.Location = SigLocation;
if (visible)
sap.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 250, 150), 1, null);
st.Close();
}
this function reads the content of a given pdf , then it use the read data to create a new PDF using PDFStamper.
PDFStamper is a PDF Writer that can sign PDF documents, the signature appearence can be configured so you can add a reason, a contact and a location attributes to the signature.
SetCrypto methode allows us to sign the document using the private key and chain certificate we extracted from the certificate file.
And finally, the SetVisibleSignature is used if you need to add a visible signature to the document
PDFReader, PDFStamper and PdfSignatureAppearance are provided by iTextSharp library
From http://www.codeproject.com/useritems/Esignature.asp