我正在尝试验证使用RSASSA-PSS算法签名的PDF。我收到此错误,使我认为iText(EncryptionAlgorithms)中缺乏支持。
错误:
java.security.NoSuchAlgorithmException: SHA256with1.2.840.113549.1.1.10 Signature not available
代码:
import com.itextpdf.kernel.pdf.PdfDocument;
import com.itextpdf.kernel.pdf.PdfReader;
import com.itextpdf.signatures.EncryptionAlgorithms;
import com.itextpdf.signatures.PdfPKCS7;
import com.itextpdf.signatures.SignatureUtil;
public void verifySignature(byte[] pdf, List<PublicKey> storedPublicKeys) throws PdfSignatureVerificationException {
try (final PdfReader pdfReader = new PdfReader(new ByteArrayInputStream(pdf))) {
PdfDocument doc = new PdfDocument(pdfReader);
SignatureUtil signatureUtil = new SignatureUtil(doc);
List<String> names = signatureUtil.getSignatureNames();
if (names == null || names.isEmpty()) {
throw new PdfSignatureVerificationException("Pdf is not signed");
}
verifySignatures(signatureUtil, names, storedPublicKeys);
} catch (IOException e) {
throw new PdfSignatureVerificationException("Cannot parse PDF data into pdf file.", e);
}
}
private void verifySignatures(SignatureUtil signUtil, List<String> names, List<PublicKey> storedPublicKeys) throws PdfSignatureVerificationException {
for (String name : names) {
PdfPKCS7 pkcs7 = signUtil.readSignatureData(name);
try {
if (!pkcs7.verifySignatureIntegrityAndAuthenticity()) {
throw new PdfSignatureVerificationException("Signature not valid");
}
} catch (GeneralSecurityException e) {
throw new PdfSignatureVerificationException("Signature not valid", e);
}
}
}
发现最新版本7.1.11仍然存在相同的问题。可以有人(@figolino)共享解决方案。