apache POI为streamxlsx文件创build无效签名
我正在尝试创build一个有效的常规encryption签名并将其添加到我创build的xlsx文件中。 另外,我正在尝试在内存中执行它。 这似乎给我造成了问题。 此代码创build文件,但在Windows Excel中指出该签名是无效的。 请注意,我正在发送一个包含xlsx(内存 – 不在文件系统中)文件的inputstream,并且正在将pkg对象写入输出stream。
private ByteArrayOutputStream signFile(PrivateKey key, X509Certificate x509Certificate, InputStream input) { //change to approve signed SignatureConfig signatureConfig = new SignatureConfig(); ByteArrayOutputStream stream = new ByteArrayOutputStream(); signatureConfig.setKey(key); signatureConfig.setExecutionTime(new Date()); ArrayList<X509Certificate> x509Certificates = new ArrayList<>(Collections.singletonList(x509Certificate)); x509Certificates.add(x509Certificate); signatureConfig.setSigningCertificateChain(x509Certificates); OPCPackage pkg = null; try { if (input instanceof ByteArrayInputStream) pkg = OPCPackage.open(input); } catch (Exception ex) { logger.error("failed to open package for file, exception:",ex); } signatureConfig.setOpcPackage(pkg); // adding the signature document to the package SignatureInfo si = new SignatureInfo(); si.setSignatureConfig(signatureConfig); try { si.confirmSignature(); } catch (Exception ex) { logger.error("failed to confirm signature",ex); } // optionally verify the generated signature boolean b = si.verifySignature(); if (b==false){ logger.error("signature verified result:" + b); } try { pkg.flush(); pkg.save(stream); pkg.close(); } catch (Exception ex) { logger.error("failed to close package",ex); } return stream; } 此外,我有这个testing代码,它创build一个文件,并使用OPCPackage.open(…)的工作! excel标识签名。
SignatureConfig signatureConfig = new SignatureConfig(); signatureConfig.setKey(aPrivate); ArrayList<X509Certificate> x509Certificates = new ArrayList<>(); x509Certificates.add(x509Certificate); signatureConfig.setSigningCertificateChain(x509Certificates);//Collections.singletonList(x509)); OPCPackage pkg = OPCPackage.open(filePath, PackageAccess.READ_WRITE); signatureConfig.setOpcPackage(pkg); // adding the signature document to the package SignatureInfo si = new SignatureInfo(); si.setSignatureConfig(signatureConfig); si.confirmSignature(); // optionally verify the generated signature boolean b = si.verifySignature(); assertTrue(b); // write the changes back to disc pkg.close();