1.实现IExternalSignature接口
public class UkeyExternalSignature: IExternalSignature
{ private string _keySerial; public UkeyExternalSignature(string keySerial) { this._keySerial = keySerial; } public string GetEncryptionAlgorithm() { //return "RSA";` return "RSA"; } public string GetHashAlgorithm() { //return "SHA1"; return DigestAlgorithms.SHA256; } public byte[] Sign(byte[] message) { topesa.topesa.CertSet certs = topesa.topesa.CertStore.listAllCerts(); if (certs.size() == 0) { return null; } else { //此处为厂家提供的签名方法 topesa.topesa.CertSet certs2 = certs.bySerialnumber(_keySerial); if (certs2.size() == 1) { topesa.topesa.Certificate cert = certs2.get(0); return cert.signP7(message); //Convert.ToBase64String(b); } else { return null; } } } }
public class UkeySign { //根据证书序列号查找证书 private static X509Certificate2 GetCertificateFromStore(string serialNum) { try { //subjectName = "CN=" + subjectName; X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); X509Certificate2Collection storecollection = (X509Certificate2Collection)store.Certificates; foreach (X509Certificate2 x509 in storecollection) { if (x509.SerialNumber==serialNum) { return x509; } } store.Close(); store = null; storecollection = null; return null; } catch (Exception) { throw; } } /// <summary> /// pdf签章 /// </summary> /// <param name="sourceFile">源pdf</param> /// <param name="destFile">pdf保存路径</param> /// <param name="signImage">签章图片</param> /// <param name="certSerialNum">证书序列号</param> /// <param name="page">页码</param> /// <param name="lx"></param> /// <param name="ly"></param> /// <param name="rx"></param> /// <param name="ry"></param> /// <param name="signAll">是否所有页签章</param> /// <returns></returns> public static bool SignPdf(string sourceFile,string destFile,string signImage,string certSerialNum,int page,int lx,int ly,int rx,int ry,bool signAll=false,string signAuth="auth") { var cert = GetCertificateFromStore(certSerialNum); if(cert==null) { return false; } PdfReader pdfReader = null; FileStream signedPdf = null; PdfStamper pdfStamper = null; try { Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData)}; // IExternalSignature externalSignature = new X509Certificate2Signature(cert, "SB_ALGORITHM_DGST_SHA1"); IExternalSignature externalSignature = new UkeyExternalSignature(certSerialNum); var pathToBasePdf = sourceFile; pdfReader = new PdfReader(pathToBasePdf); signedPdf = new FileStream(destFile, FileMode.Create); pdfStamper = PdfStamper.CreateSignature(pdfReader, signedPdf, '\0'); PdfSignatureAppearance signatureAppearance = pdfStamper.SignatureAppearance; signatureAppearance.SignDate = DateTime.Now; signatureAppearance.SignatureCreator = signAuth; signatureAppearance.Reason = "I'm auth"; var image = Image.GetInstance(signImage); signatureAppearance.SignatureGraphic = image; signatureAppearance.SignatureRenderingMode = RenderingMode.GRAPHIC; signatureAppearance.SetVisibleSignature(new Rectangle(lx, ly, rx, ry), page, "xx公司"); if (signAll) { for (int i = 1; i <= pdfReader.NumberOfPages; i++) { PdfAnnotation stp = PdfAnnotation.CreateStamp(pdfStamper.Writer, new Rectangle(lx, ly, lx + image.Width, ly + image.Height), "MY STAMP", "STP" + i); PdfAppearance tp = PdfAppearance.CreateAppearance(pdfStamper.Writer, image.Height, image.Width); image.SetAbsolutePosition(0, 0); tp.AddImage(image); stp.SetAppearance(PdfAnnotation.APPEARANCE_NORMAL, tp); pdfStamper.AddAnnotation(stp, i); } } MakeSignature.SignDetached(signatureAppearance, externalSignature, chain, null, null, null, 0, CryptoStandard.CMS); return true; } catch(Exception ex) { throw ex; } finally { if (pdfReader != null) { pdfReader.Close(); } if (signedPdf != null) { signedPdf.Close(); } if (pdfStamper != null) { pdfStamper.Close(); } } } }