目前系统中有一个需求,系统要求上传的pdf必须进行签章,上传后需要对pdf进行验签和拿到pdf章的证书的所有者,
拿到章证书的所有者代码如下
PdfReader reader = new PdfReader(pdfPath); AcroFields acroFields = reader.getAcroFields(); if (acroFields == null) { return result; } //签章名称 List<String> signatureNames = acroFields.getSignatureNames(); if (signatureNames == null || signatureNames.size() == 0) { return result; } reader.close(); for (String str : signatureNames) { //签章对应的字典 PdfDictionary sigDict = acroFields.getSignatureDictionary(str); if (sigDict == null) { continue; } PdfName sub = sigDict.getAsName(PdfName.SUBFILTER); if (PdfName.ADBE_X509_RSA_SHA1.equals(sub)) { //签章对应的证书 PdfString certStr = sigDict.getAsString(PdfName.CERT); if (certStr == null) { certStr = sigDict.getAsArray(PdfName.CERT).getAsString(0); } if (certStr == null) { continue; } //签章对应的证书 X509CertParser certParser = new X509CertParser(); certParser.engineInit(new ByteArrayInputStream(certStr.getBytes())); Collection<Certificate> certs = certParser.engineReadAll(); if (certs == null || certs.size() == 0) { continue; } X509Certificate certificate = (X509Certificate) certs.iterator().next(); if (certificate == null) { continue; } X500Principal principal = certificate.getSubjectX500Principal(); if (principal == null) { continue; } //签章对应的证书的所有者 LdapName ldapDN = new LdapName(principal.getName()); for (Rdn rdn : ldapDN.getRdns()) { if ("CN".equals(rdn.getType())) { result.add((String) rdn.getValue()); } } } }