Protect and sign your PDF documents
Java | C# | .NET Core | nuget | C/C++ | COM | Command Line | Watched Folders
3-Heights™ PDF Security offers comprehensive functionality in two independent yet combinable areas: Electronic signatures and encryption. Protect your PDF documents using password protection with 256 bit AES encryption. Use digital signatures to ensure authenticity and integrity of your PDF documents. 3-Heights™ PDF Security is available as shell tool for batch processing with the command line and as API to be integrated with C#, Visual Basic, Java, C/C++.
Add and validate digital signatures
Protect PDF documents against unauthorized access
Manage document revisions and include read-only stamps as text or image
The decision to use 3-Heights™ PDF Security was based on the functional range of the product, the ability to integrate it into the Mobiliar’s applications and IT infrastructure, and additionally the extremely promising functional and performance tests.
The 3-Heights™ PDF Security solution is a tremendous help in ensuring the necessary data security. A stable data interface is also essential to achieving this. The performance meets our expectations, and the flexibility of the solution sets 3-Heights™ PDF Security apart from other solutions on the market.
Apply simple, advanced, and qualified electronic signatures
Extract digital signatures
Encrypt and decrypt PDF documents
Stamping
Set document metadata
Optimize for the web (linearize)
Read input from and write output document to file, memory, or stream
Input formats
Output formats
Documents are signed prior to archiving; this increases conformance with audit requirements, for instance. A hardware security module can be used to handle large numbers of documents. Verification enables the authenticity and integrity of signed documents to be checked prior to archiving.
Verification of incoming signed PDF documents to ensure they have not been modified during transmission and were transmitted by an authenticated sender.
The component can encrypt and apply an electronic signature to PDF documents before they are sent, thus enabling the recipient to verify authenticity and integrity.
The 3‑Heights™ PDF Security component is quickly integrated in solutions without any need for extensive learning and programming.
Preparation steps
for example:
Application of the signature
for example:
Apply the signature by providing the following information:
Add a digital signature to a PDF document. Use the DigiCert-QuoVadis sealsign service to create the signature. Set different mandatory properties such as the account ID, the password to access the account, the client ID and the PIN code to activate the signing key.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: unique name of the accountspecified on the server.
secure.SetSessionPropertyString("Identity", "Rigora");
// Required: identifies the signature specifications by a unique name.
secure.SetSessionPropertyString("Profile", "Default");
// Required: password which secures the access to the account.
secure.SetSessionPropertyString("secret", "NeE=EKEd33FeCk70");
// Required: helps to separate access and to create better statistics.
secure.SetSessionPropertyString("clientId", "3949-4929-3179-2818");
// Required: activates the signing key.
secure.SetSessionPropertyString("pin", "123456");
// Optional: default value "SHA-256"
secure.SetSessionPropertyString("MessageDigestAlgorithm", "SHA-256");
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!secure.BeginSession(@"https://services.sealsignportal.com/sealsign/ws/BrokerClient"))
throw new Exception(String.Format("Unable to establish connection to DigiCert-QuoVadis Sealsign. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature
using (Signature signature = new Signature())
{
// Required, name of the signer
signature.Name = "Rigora";
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}).",
outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: unique name of the account specified on the server.
secure.setSessionPropertyString("Identity", "Rigora");
// Required: identifies the signature specifications by a unique name.
secure.setSessionPropertyString("Profile", "Default");
// Required: password which secures the access to the account.
secure.setSessionPropertyString("secret", "NeE=EKEd33FeCk70");
// Required: helps to separate access and to create better statistics.
secure.setSessionPropertyString("clientId", "3949-4929-3179-2818");
// Required: activates the signing key.
secure.setSessionPropertyString("pin", "123456");
// Optional: default value "SHA-256"
secure.setSessionPropertyString("MessageDigestAlgorithm", "SHA-256");
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!secure.beginSession("https://services.sealsignportal.com/sealsign/ws/BrokerClient"))
throw new IOException(String.format("Unable to establish connection to DigiCert-QuoVadis Sealsign. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Add signature
signature = new Signature();
// Required, name of the signer
signature.setName("Rigora");
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: unique name of the accountspecified on the server.
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("Rigora"));
// Required: identifies the signature specifications by a unique name.
PdfSecureSetSessionPropertyString(pSecure, _T("Profile"), _T("Default"));
// Required: password which secures the access to the account.
PdfSecureSetSessionPropertyString(pSecure, _T("secret"), _T("NeE=EKEd33FeCk70"));
// Required: helps to separate access and to create better statistics.
PdfSecureSetSessionPropertyString(pSecure, _T("clientId"), _T("3949-4929-3179-2818"));
// Required: activates the signing key.
PdfSecureSetSessionPropertyString(pSecure, _T("pin"), _T("123456"));
// Optional: default value "SHA-256"
PdfSecureSetSessionPropertyString(pSecure, _T("MessageDigestAlgorithm"), _T("SHA-256"));
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!PdfSecureBeginSession(pSecure, _T("https://services.sealsignportal.com/sealsign/ws/BrokerClient")))
{
_tprintf(_T("Unable to connect to DigiCert-QuoVadis Sealsign. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature
// Required, name of the signer
PdfSignatureSetName(pSignature, _T("Rigora"));
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Applying an electronic signature guarantees the authenticity and integrity of documents, both of which are important requirements in electronic data exchange. Depending on the characteristics of the signature and the country it is used in, an electronic signature can be equivalent to signing a document by hand. Electronic signatures offer advantages with regard to the speed, security and automation of business correspondence.
The 3-Heights™ PDF Security component is able to apply various types of electronic signature (simple, advanced and qualified). The component’s benefits include PDF/A conformity, embedding information on the validity of certificates (OCSP, CRL), time stamps and compatibility with signature hardware (HSM) for mass signature applications. The component can verify existing signatures by checking their integrity.
PDF documents used in professional circumstances contain important information that needs to be protected against unauthorized access and unintentional alteration. This is achieved by protecting PDF documents through encryption and user permission flags.
The term “digital signature” is used in legal contexts; its meaning is comparable with the expression “signed by hand”.
An “electronic signature”, on the other hand, refers to the technical implementation of a signature.
Furthermore, how these terms are interpreted differs between various countries.
There are various signature types:
Processes in which large numbers of documents need to be signed or where the signees are in different locations can take days to complete. Digital signatures can drastically reduce this time span.
Unlike a manual signature, a digital signature has more than just legal implications. It offers the additional option to programmatically verify the authenticity and integrity of a document and the time at which it was signed.
Certain processes have specific requirements concerning the exchange of documents. In some countries (e. g. Germany and Switzerland) applying a qualified electronic signature is equivalent to signing a document by hand.