Add a document time-stamp
The Pdftools SDK lets you apply a time-stamp to a PDF document. This type of digital signature provides evidence that a document existed at a specific time, and that the content of the document has not changed since that time.
The time-stamp is provided by a time-stamp authority (TSA) that is configured in the cryptographic provider. In this example, the Built-In cryptographic provider is used to apply a time-stamp to a PDF document. A third-party time-stamp authority is configured in the cryptographic provider.
Steps to apply a digital time-stamp:
- Initialize the cryptographic provider.
- Connect to the time-stamp authority.
- Add the document time-stamp.
You need to initialize the library.
Initializing the cryptographic provider
When using the Built-In cryptographic provider, you start the document time-stamp process by instantiating the Provider
object.
The Provider
object exposes the methods of the cryptographic provider.
The cryptographic provider manages certificates and private keys, and implements cryptographic algorithms.
- .NET
- Java
// Create a session to the built-in cryptographic provider
using var session = new BuiltIn.Provider();
// Create a session to the built-in cryptographic provider
Provider session = new Provider();
Connecting to the time-stamp authority
For the Built-In and PKCS#11 cryptographic providers, a third-party time-stamp authority must be configured.
To do this, you pass the URL of the time-stamp authority to the cryptographic provider and call the CreateTimestamp
method.
- .NET
- Java
// Create time-stamp configuration
session.TimestampUrl = timeStampUrl;
var timestamp = session.CreateTimestamp();
// Create time-stamp configuration
session.setTimestampUrl(timeStampUrl);
TimestampConfiguration timestamp = session.createTimestamp();
Adding the document time-stamp
After instantiating the Provider
and preparing the time-stamp configuration, you are ready to apply the digital time-stamp to a document.
The input and output PDF documents are created as streams (in this example, as file streams).
The Signer
object is used to apply the digital time-stamp.
Non-critical processing errors raise a Warning
event. It is recommended to listen for these events, and review the WarningCategory
to determine if further action is needed.
- .NET
- Java
// Open the input document
using var inStr = File.OpenRead(inPath);
using var inDoc = Document.Open(inStr);
// Create a stream for the output file
using var outStr = File.Create(outPath);
// Create the Signer object
Signer signer = new Signer();
// Create an event listener to listen for warning events that are raised and write them to console
signer.Warning += (s, e) => Console.WriteLine("Warning - {0}: {1}: {2}", e.Category, e.Context, e.Message);
// Add the document time-stamp
using var outDoc = new Signer().AddTimestamp(inDoc, timestamp, outStr);
// Open input document
FileStream inStr = new FileStream(inPath, FileStream.Mode.READ_ONLY);
Document inDoc = Document.open(inStr);
// Create a stream for the output file
FileStream outStr = new FileStream(outPath, FileStream.Mode.READ_WRITE_NEW);
// Create the Signer object
Signer signer = new Signer();
// (optional) Create an event listener to listen for warning events that are raised and write them to console
signer.addWarningListener((e) -> { System.out.format("Warning - %s: %s: %s", e.getCategory(), e.getContext(), e.getMessage()); });
// Sign the input document
Document outDoc = signer.addTimestamp(inDoc, signature, outStr);
Full example
- .NET
- Java
// Create a session to the built-in cryptographic provider
using var session = new BuiltIn.Provider();
// Create time-stamp configuration
session.TimestampUrl = timeStampUrl;
var timestamp = session.CreateTimestamp();
// Open input document
using var inStr = File.OpenRead(inPath);
using var inDoc = Document.Open(inStr);
// Create stream for output file
using var outStr = File.Create(outPath);
// Create the Signer object
Signer signer = new Signer();
// Create an event listener to listen for warning events that are raised and write them to console
signer.Warning += (s, e) => Console.WriteLine("Warning - {0}: {1}: {2}", e.Category, e.Context, e.Message);
// Add the document time-stamp
using var outDoc = signer.AddTimestamp(inDoc, timestamp, outStr);
// Create a session to the built-in cryptographic provider
try (Provider session = new Provider())
{
// Configure URL of the trusted time-stamp authority (TSA)
session.setTimestampUrl(timeStampUrl);
// Create time-stamp configuration
TimestampConfiguration timestamp = session.createTimestamp();
// Create the Signer object
Signer signer = new Signer();
// (optional) Create an event listener to listen for warning events that are raised and write them to console
signer.addWarningListener((e) -> { System.out.format("Warning - %s: %s: %s", e.getCategory(), e.getContext(), e.getMessage()); });
try (
// Open input document
FileStream inStr = new FileStream(inPath, FileStream.Mode.READ_ONLY);
Document inDoc = Document.open(inStr);
// Create output stream
FileStream outStr = new FileStream(outPath, FileStream.Mode.READ_WRITE_NEW);
// Add the document time-stamp
Document outDoc = signer.addTimestamp(inDoc, timestamp, outStr))
{
}
}
During the conversion process from PDF to PDF/A, any signatures are removed from the file before it is converted to PDF/A for archival. Therefore we recommend files that require archiving should be converted to PDF/A format before any digital signatures are applied.