Samples Overview
Encryption | Signing | Time-stamping | PAdES | Signatures Validation | Stamping | In Memory
Encryption
Decrypt a PDF document
Decrypt a PDF document. A password must be provided if the document requires a password to open. Create a new PDF document without encryption and full access permissions.
// Create secure object
using (Secure secure = new Secure())
{
// Decrypt input file
if (!secure.Open(inputPath, password))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Save file
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to save document {0}. {1} (ErrorCode: 0x{2:x}).",
outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
}
// Create secure object
secure = new Secure();
// Decrypt input file
if (!secure.open(inputPath, password))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Save file
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to save the document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
// Create secure object
pSecure = PdfSecureCreateObject();
// Decrypt input file
if (!PdfSecureOpen(pSecure, szInputPath, szPassword))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Save file
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to save document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Encrypt a PDF document
Set a user and an owner password for the output document. If a user password is set, either of the passwords is required to open the output document. If the user password is an empty string, the document can be opened without a password. The user can print the document, but may not perform other actions, such as text extraction, unless he knows the owner password.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// enable encryption
secure.ForceEncryption = true;
// Encrypt file
if (!secure.SaveAs(outputPath, userPassword, ownerPassword, PDFPermission.ePermDigitalPrint |
PDFPermission.ePermPrint, 128, "V2", "V2"))
throw new Exception(String.Format("Unable to encrypt document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// enable encryption
secure.setForceEncryption(true);
// Encrypt file
if (!secure.saveAs(outputPath, userPassword, ownerPassword,
NativeLibrary.PERMISSION.ePermDigitalPrint | NativeLibrary.PERMISSION.ePermPrint,
128, "V2", "V2"))
throw new IOException(String.format("Unable to save the document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
// Create secure object
pSecure = PdfSecureCreateObject();
// Decrypt input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Enable encryption
PdfSecureSetForceEncryption(pSecure, 1);
// Encyrpt file
if (!PdfSecureSaveAs(pSecure, szOutputPath, szUserPassword, szOwnerPassword, ePermDigitalPrint | ePermPrint, 128, _T("V2"), _T("V2")))
{
_tprintf(_T("Unable to encrypt document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Signing
Mass signing of PDF documents
Travers a directory and its subdirectories and add a signature to all existing PDF files. Speed up the signing process by means of parallel execution. Get all signed documents in the given output directory.
using (SessionPool pool = new SessionPool())
{
List<Task> allTasks = new List<Task>();
foreach (string inputPath in Directory.GetFiles(inputDir, "*.pdf", SearchOption.AllDirectories))
{
// Create output directory if it doesn't exist
string outputPath = inputPath.Replace(inputDir, outputDir);
Directory.CreateDirectory(Path.GetDirectoryName(outputPath));
// Start signing task
Task t = Task.Factory.StartNew(() => Sign(pool, inputPath, outputPath, certificate));
allTasks.Add(t);
}
Task.WaitAll(allTasks.ToArray());
}
static void Sign(SessionPool pool, string inputPath, string outputPath, string certificate)
{
Secure secure = null;
try
{
// Get session from pool
secure = pool.GetSession();
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. {1} (ErrorCode: 0x{2:x}).",
inputPath, secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
secure.AddSignature(signature);
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}).",
inputPath, secure.ErrorMessage, secure.ErrorCode));
}
secure.Close();
Console.WriteLine("Document {0} signed successfully.", inputPath);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
finally
{
if (secure != null)
pool.PutSession(secure);
}
}
class SessionPool : IDisposable
{
private ConcurrentBag<Secure> sessions = new ConcurrentBag<Secure>();
public Secure GetSession()
{
Secure session;
if (sessions.TryTake(out session))
return session;
else
session = new Secure();
if (!session.BeginSession(""))
{
session.Dispose();
throw new Exception(String.Format("Unable to connect to windows cryptographic provider. " +
"{0} (ErrorCode: 0x{1:x}).", session.ErrorMessage, session.ErrorCode));
}
return session;
}
public void PutSession(Secure session)
{
sessions.Add(session);
}
public void Dispose()
{
try
{
int sessionCount = 0;
Secure session;
while (sessions.TryTake(out session))
{
session.EndSession();
session.Dispose();
sessionCount++;
}
Console.WriteLine("Closed {0} sessions.", sessionCount);
}
finally
{
Secure.Terminate();
}
}
}
Sign a PDF using Windows Cryptographic Provider
Use the Windows Cryptographic Provider to access a certificate and to get the necessary cryptographic algorithms. Access the certificate by its common name (CN).
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session with Windows Cryptographic Provider
if (!secure.BeginSession(""))
throw new Exception(String.Format("Unable to connect to Windows Cryptographic Provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
secure.AddSignature(signature);
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session with Windows Cryptographic Provider
if (!secure.beginSession(""))
throw new IOException(String.format("Unable to connect to Windows Cryptographic Provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session with Windows Cryptographic Provider
if (!PdfSecureBeginSession(pSecure, _T("")))
{
_tprintf(_T("Unable to connect to Windows Cryptographic Provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
PdfSignatureSetName(pSignature, szCertificate);
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Sign a PDF using DigiCert-QuoVadis sealsign
Add a digital signature to a PDF document. Use the DigiCert-QuoVadis sealsign service to create the signature. Set different mandatory properties such as the account ID, the password to access the account, the client ID and the PIN code to activate the signing key.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: unique name of the accountspecified on the server.
secure.SetSessionPropertyString("Identity", "Rigora");
// Required: identifies the signature specifications by a unique name.
secure.SetSessionPropertyString("Profile", "Default");
// Required: password which secures the access to the account.
secure.SetSessionPropertyString("secret", "NeE=EKEd33FeCk70");
// Required: helps to separate access and to create better statistics.
secure.SetSessionPropertyString("clientId", "3949-4929-3179-2818");
// Required: activates the signing key.
secure.SetSessionPropertyString("pin", "123456");
// Optional: default value "SHA-256"
secure.SetSessionPropertyString("MessageDigestAlgorithm", "SHA-256");
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!secure.BeginSession(@"https://services.sealsignportal.com/sealsign/ws/BrokerClient"))
throw new Exception(String.Format("Unable to establish connection to DigiCert-QuoVadis Sealsign. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature
using (Signature signature = new Signature())
{
// Required, name of the signer
signature.Name = "Rigora";
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}).",
outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: unique name of the account specified on the server.
secure.setSessionPropertyString("Identity", "Rigora");
// Required: identifies the signature specifications by a unique name.
secure.setSessionPropertyString("Profile", "Default");
// Required: password which secures the access to the account.
secure.setSessionPropertyString("secret", "NeE=EKEd33FeCk70");
// Required: helps to separate access and to create better statistics.
secure.setSessionPropertyString("clientId", "3949-4929-3179-2818");
// Required: activates the signing key.
secure.setSessionPropertyString("pin", "123456");
// Optional: default value "SHA-256"
secure.setSessionPropertyString("MessageDigestAlgorithm", "SHA-256");
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!secure.beginSession("https://services.sealsignportal.com/sealsign/ws/BrokerClient"))
throw new IOException(String.format("Unable to establish connection to DigiCert-QuoVadis Sealsign. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Add signature
signature = new Signature();
// Required, name of the signer
signature.setName("Rigora");
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: unique name of the accountspecified on the server.
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("Rigora"));
// Required: identifies the signature specifications by a unique name.
PdfSecureSetSessionPropertyString(pSecure, _T("Profile"), _T("Default"));
// Required: password which secures the access to the account.
PdfSecureSetSessionPropertyString(pSecure, _T("secret"), _T("NeE=EKEd33FeCk70"));
// Required: helps to separate access and to create better statistics.
PdfSecureSetSessionPropertyString(pSecure, _T("clientId"), _T("3949-4929-3179-2818"));
// Required: activates the signing key.
PdfSecureSetSessionPropertyString(pSecure, _T("pin"), _T("123456"));
// Optional: default value "SHA-256"
PdfSecureSetSessionPropertyString(pSecure, _T("MessageDigestAlgorithm"), _T("SHA-256"));
// Begin session using DigiCert-QuoVadis Sealsign (demo version)
if (!PdfSecureBeginSession(pSecure, _T("https://services.sealsignportal.com/sealsign/ws/BrokerClient")))
{
_tprintf(_T("Unable to connect to DigiCert-QuoVadis Sealsign. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature
// Required, name of the signer
PdfSignatureSetName(pSignature, _T("Rigora"));
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Sign a PDF using GlobalSign Digital Signing Service
Add a digital signature with time-stamp to a PDF document. Use the GlobalSign Digital Signing Service to create the signature. Configure the provider properties, such as client certificate, its password and account credentials.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: insert your account credentials’ key parameter for the login request
secure.SetSessionPropertyString("api_key", "****fill in****");
// Required: insert your account credentials’ secret parameter for the login request
secure.SetSessionPropertyString("api_secret", "****fill in****");
// Required: parameter to create the signing certificate
secure.SetSessionPropertyString("Identity", "{ }");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: password to decrypt the private key of theSSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: The server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyBytes("SSLServerCertificate", File.ReadAllBytes("globalsign-root-ca.cer"));
// Begin session using GlobalSign Digital Signing Service
if (!secure.BeginSession("https://emea.api.dss.globalsign.com:8443/v2"))
throw new Exception(String.Format("Unable to establish connection to GlobalSign Digital " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature
using (Signature signature = new Signature())
{
// Required, name of the signer
signature.Name = signatureName;
signature.TimeStampURL = "urn:ietf:rfc:3161";
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}).",
outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: insert your account credentials' key parameter for the login request
secure.setSessionPropertyString("api_key", "*****fill in*****");
// Required: insert your account credentials' secret parameter for the login request
secure.setSessionPropertyString("api_secret", "*****fill in*****");
// Required: parameter to create the signing certificate
secure.setSessionPropertyString("Identity", "{ }");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("*****fil in*****")));
// Optional: password to decrypt the private key of theSSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "*****fill in*****");
// Recommended: server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyBytes("SSLServerCertificate",
Files.readAllBytes(Paths.get("globalsign-root-ca.cer")));
// Begin session using GlobalSign Digital Signing Service
if (!secure.beginSession("https://emea.api.dss.globalsign.com:8443/v2"))
throw new IOException(String.format("Unable to establish connection to GlobalSign Digital " +
"Signing Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(),
secure.getErrorCode()));
// Add signature
signature = new Signature();
// Required, name of the signer
signature.setName(signatureName);
signature.setTimeStampURL("urn:ietf:rfc:3161");
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert your account credentials’ key parameter for the login request
PdfSecureSetSessionPropertyString(pSecure, _T("api_key"), _T("****fill in****"));
// Required: insert your account credentials’ secret parameter for the login request
PdfSecureSetSessionPropertyString(pSecure, _T("api_secret"), _T("****fill in****"));
// Required: parameter to create the signing certificate
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("{ }"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: password to decrypt the private key of theSSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("globalsign-root-ca.cer"));
// Begin session using GlobalSign Digital Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://emea.api.dss.globalsign.com:8443/v2")))
{
_tprintf(_T("Unable to connect to GlobalSign Digital Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature
// Required, name of the signer
PdfSignatureSetName(pSignature, szSignatureName);
PdfSignatureSetTimeStampURL(pSignature, _T("urn:ietf:rfc:3161"));
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Sign a PDF using PKCS#11 Provider
Use a PKCS#11 Provider to access the certificate and to get the necessary cryptographic algorithms. Use the common name to access the certificate.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
if (!secure.BeginSession("****fill in****"))
throw new Exception(String.Format("Unable to connect to PKCS#11. {0} (ErrorCode: 0x{1:x}).",
secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
secure.AddSignature(signature);
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
if (!secure.beginSession("*****fill in*****"))
throw new IOException(String.format("Unable to connect to PKCS#11. %s (ErrorCode: 0x%08x).",
secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
if (!PdfSecureBeginSession(pSecure, "****fill in****"))
{
_tprintf(_T("Unable to connect to PKCS#11. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
PdfSignatureSetName(pSignature, szCertificate);
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Sign PDF using Swisscom All-in Signing Service
Add a digital signature to a PDF document. Use the Swisscom All-in Signing Service to create the signature. Set different mandatory properties such as the client certificate and its password, the customer identity and a DSS profile.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: insert missing value ‹customer name›:‹key identity›
secure.SetSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.SetSessionPropertyString("DSSProfile", "http://ais.swisscom.ch/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes(@"****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: set server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyBytes("SSLServerCertificate", File.ReadAllBytes("ais.swisscom-root-ca.cer"));
// Create a Request-ID
Guid requestId = Guid.NewGuid();
secure.SetSessionPropertyString("RequestID", requestId.ToString("D"));
// Begin session using Swisscom All-in Signing Service
if (!secure.BeginSession(@"https://ais.swisscom.com/AIS-Server/rs/v1.0/sign"))
throw new Exception(String.Format("Unable to establish connection to Swisscom All-in " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature
using (Signature signature = new Signature())
{
// Required, name of the signer
signature.Name = "****fill in****";
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}, " +
"Request-ID: {3}).", outputPath, secure.ErrorMessage, secure.ErrorCode, requestId));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: insert missing value ‹customer name›:‹key identity›
secure.setSessionPropertyString("Identity", "*****fill in****");
// Required: set DSSProfile
secure.setSessionPropertyString("DSSProfile", "http://ais.swisscom.ch/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("*****fill in*****")));
// Optional: insert password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "*****fill in*****");
// Recommended: set server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyBytes("SSLServerCertificate",
Files.readAllBytes(Paths.get("ais.swisscom-root-ca.cer")));
// Create a Request-ID
UUID requestId = UUID.randomUUID();
secure.setSessionPropertyString("RequestID", requestId.toString());
// Begin session using Swisscom All-in Signing Service
if (!secure.beginSession("https://ais.swisscom.com/AIS-Server/rs/v1.0/sign"))
throw new IOException(String.format("Unable to establish connection to Swisscom All-in " +
"Signing Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(),
secure.getErrorCode()));
// Add signature
signature = new Signature();
// Required, name of the signer
signature.setName("****fill in****");
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x, " +
"Request-ID: %s).", outputPath, secure.getErrorMessage(), secure.getErrorCode(),
requestId));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert missing value ‹customer name›:‹key identity›
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("****fill in****"));
// Required: set DSSProfile
PdfSecureSetSessionPropertyString(pSecure, _T("DSSProfile"), _T("http://ais.swisscom.ch/1.0"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("ais.swisscom-root-ca.cer"));
// Recommended, insert any string that can be used to track the request
PdfSecureSetSessionPropertyString(pSecure, _T("RequestID"), _T("AE57F021-C0EB-4AE0-8E5E-67FB93E5BC7F"));
// Begin session using Swisscom All-in Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://ais.swisscom.com/AIS-Server/rs/v1.0/sign")))
{
_tprintf(_T("Unable to connect to Swisscom All-in Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature
// Required, name of the signer
PdfSignatureSetName(pSignature, _T("****fill in****"));
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Sign a PDF using SwissSign Digital Signing Service
Assure the authenticity and the integrity of a PDF document by adding a signature and a time-stamp. Use the SwissSign Digital Signing Service to create the signature. Set different mandatory properties such as the client certificate and its password.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: set identity of the signing certificate
secure.SetSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.SetSessionPropertyString("DSSProfile", "http://dss.swisssign.net/dss/profile/pades/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: set password to decrypt the private key of the SSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Create a Request-ID
Guid requestId = Guid.NewGuid();
secure.SetSessionPropertyString("RequestID", requestId.ToString("D"));
// Begin session using Swiss Sign Digital Signing Service
if (!secure.BeginSession(@"https://dss.signdemo.com/dss/DS"))
throw new Exception(String.Format("Unable to establish connection to Swiss Sign Digital " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature
using (Signature signature = new Signature())
{
// Required, name of signer
signature.Name = "****fill in****";
signature.TimeStampURL = "urn:ietf:rfc:3161";
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}, " +
"Request-ID: {3}).", outputPath, secure.ErrorMessage, secure.ErrorCode, requestId));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: set identity of the signing certificate
secure.setSessionPropertyString("Identity", "*****fill in*****");
// Required: set DSSProfile
secure.setSessionPropertyString("DSSProfile", "http://dss.swisssign.net/dss/profile/pades/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("*****fill in*****")));
// Optional: set password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "*****fill in*****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Create a Request-ID
UUID requestId = UUID.randomUUID();
secure.setSessionPropertyString("RequestID", requestId.toString());
// Begin session using Swiss Sign Digital Signing Service
if (!secure.beginSession("https://dss.signdemo.com/dss/DS"))
throw new IOException(String.format("Unable to establish connection to Swiss Sign Digital" +
"Signing Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(),
secure.getErrorCode()));
// Add signature
signature = new Signature();
// Required, name of the signer
signature.setName("****fill in****");
signature.setTimeStampURL("urn:ietf:rfc:3161");
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x, " +
"Request-ID: %s).", outputPath, secure.getErrorMessage(), secure.getErrorCode(),
requestId));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert missing value ‹customer name›:‹key identity›
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("****fill in****"));
// Required: set DSSProfile
PdfSecureSetSessionPropertyString(pSecure, _T("DSSProfile"), _T("http://dss.swisssign.net/dss/profile/pades/1.0"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("swisssign-root-ca.cer"));
// Recommended, insert any string that can be used to track the request, e.g. an UUID
PdfSecureSetSessionPropertyString(pSecure, _T("RequestID"), _T("1"));
// Begin session using Swiss Sign Digital Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://dss.signdemo.com/dss/DS")))
{
_tprintf(_T("Unable to connect to Swiss Sign Digital Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature
// Required, name of the signer
PdfSignatureSetName(pSignature, _T("****fill in****"));
PdfSignatureSetTimeStampURL(pSignature, _T("urn:ietf:rfc:3161"));
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Sign a PDF using SwissSign SuisseID Signing Service
Use the SwissSign SuisseID Signing Service to create the signature. Additionally, add a time-stamp to strengthen the authenticity of the signature. Imprint a visual appearance of the signature on the first page of the PDF document.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: SAML token issued by the SuisseID Identity Provider (IDP)
secure.SetSessionPropertyString("SAMLToken", samlToken);
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: password to decrypt the private key of the SSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Begin session using SwissSign SuisseID Signing Service
if (!secure.BeginSession("https://sig.post.ch/sigaas/?SuisseID"))
throw new Exception(String.Format("Unable to establish connection to SwissSign SuisseID " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add signature and time-stamp
using (Signature signature = new Signature())
{
// Required, name of signer
signature.Name = signatureName;
signature.TimeStampURL = "http://tsa.swisssign.net";
signature.Reason = "Document reviewed!";
signature.Text1 = "\t10,44 " + signature.Name;
signature.FontSize1 = 15;
signature.FontSize2 = 6;
signature.ImageFileName = "DigitalSignature.jpg";
signature.PageNo = 1;
signature.Rect = new PDFRect(10.0f, 10.0f, 145.0f, 86.0f);
secure.AddSignature(signature);
}
// Sign document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. {1} (ErrorCode: 0x{2:x}).",
outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: SAML token issued by the SuisseID Identity Provider (IDP)
secure.setSessionPropertyString("SAMLToken", samlToken);
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("****fill in****")));
// Optional: password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Begin session using SwissSign SuisseID Signing Service
if (!secure.beginSession("https://sig.post.ch/sigaas/?SuisseID"))
throw new IOException(String.format("Unable to establish connection to SwissSign SuisseID " +
"Signing Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(),
secure.getErrorCode()));
// Add signature and time-stamp
signature = new Signature();
// Required, name of the signer
signature.setName(signatureName);
signature.setTimeStampURL("http://tsa.swisssign.net");
signature.setReason("Document reviewed!");
signature.setText1("\t10,44" + signature.getName());
signature.setFontSize1(15);
signature.setFontSize2(6);
signature.setImageFileName("DigitalSignature.jpg");
signature.setPageNo(1);
signature.setRect(new float[]{10.0f, 10.0f, 145.0f, 86.0f});
secure.addSignature(signature);
// Sign document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: SAML token issued by the SuisseID Identity Provider (IDP)
PdfSecureSetSessionPropertyString(pSecure, _T("SAMLToken"), szSAMLToken));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: password to decrypt the private key of the SSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("swisssign-root-ca.cer"));
// Begin session using SwissSign SuisseID Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://sig.post.ch/sigaas/?SuisseID")))
{
_tprintf(_T("Unable to establish connection to SwissSign Suisse ID Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Add signature and time-stamp
// Required, name of the signer
PdfSignatureSetName(pSignature, szSignatureName);
PdfSignatureSetTimeStampURL(pSignature, _T("http://tsa.swisssign.net"));
PdfSignatureSetReason(pSignature, _T("Document reviewed!"));
PdfSignatureSetText1(pSignature, (_T("\t10,44 %s"), PdfSignatureGetName(pSignature)));
PdfSignatureSetFontSize1(pSignature, 15);
PdfSignatureSetFontSize2(pSignature, 6);
PdfSignatureSetImageFileName(pSignature, _T("DigitalSignature.jpg"));
PdfSignatureSetPageNo(pSignature, 1);
PdfSignatureSetRect(pSignature, &rect);
PdfSecureAddSignature(pSecure, pSignature);
// Sign document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Create visual appearance of a signed PDF document
Sign the PDF document and imprint a visual appearance of the signature on a specific page of the document. Design the visual appearance and define the location within the page.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session using Windows Cryptographic Provider
if (!secure.BeginSession(""))
throw new Exception(String.Format("Unable to connect to Windows Cryptographic Provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
signature.Reason = reason;
signature.Text1 = "\t10,47 " + signature.Name;
signature.Text2 = "\n Reason: " + signature.Reason + "\n Date: " + DateTime.Now;
signature.FontSize1 = 10;
signature.FontSize2 = 6;
signature.ImageFileName = "DigitalSignature.jpg";
signature.PageNo = 1;
signature.Rect = new PDFRect(10.0f, 10.0f, 145.0f, 86.0f);
secure.AddSignature(signature);
// Sign document and imprint visual appearance of signature
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create signature object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session with Windows Cryptographic Provider
if (!secure.beginSession(""))
throw new IOException(String.format("Unable to connect to Cryptographic Provider." +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
signature.setReason(reason);
signature.setText1("\t10,47 " + signature.getName());
signature.setText2("\n Reason: " + signature.getReason() + "\n Date: " +
new SimpleDateFormat("dd.MM.yyyy HH:mm:ss").format(Calendar.getInstance().getTime()));
signature.setFontSize1(10);
signature.setFontSize2(6);
signature.setImageFileName("DigitalSignature.jpg");
signature.setPageNo(1);
signature.setRect(new float[]{10.0f, 10.0f, 145.0f, 86.0f});
secure.addSignature(signature);
// Sign document and imprint visual appearance of signature
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 128, "V2", "V2"))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session with Windows Cryptographic Provider
if (!PdfSecureBeginSession(pSecure, _T("")))
{
_tprintf(_T("Unable to connect to Cryptographic Provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
// Get current time
time(&iTime);
szCurrentTime = localtime(&iTime);
_tcsftime(szTimeBuffer, 26, _T("%d.%m.%Y %H:%M:%S"), szCurrentTime);
PdfSignatureSetName(pSignature, szCertificate);
PdfSignatureSetReason(pSignature, szReason);
_stprintf(szCerBuff, _T("\t10,47 %s"), szCertificate);
PdfSignatureSetText1(pSignature, szCerBuff);
_stprintf(szTextBuffer, _T("\n Reason: %s \n Date: %s"), PdfSignatureGetReason(pSignature), szTimeBuffer);
PdfSignatureSetText2(pSignature, szTextBuffer);
PdfSignatureSetFontSize1(pSignature, 10);
PdfSignatureSetFontSize2(pSignature, 6);
PdfSignatureSetImageFileName(pSignature, "DigitalSignature.jpg");
PdfSignatureSetPageNo(pSignature, 1);
PdfSignatureSetRect(pSignature, &rect);
PdfSecureAddSignature(pSecure, pSignature);
// Sign document and imprint visual appearance of signature
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Time-stamping
Put time-stamp on a PDF using Windows Cryptographic Provider
Use the Windows Cryptographic Provider to add a time stamp.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Add time-stamp
using (Signature timeStamp = new Signature())
{
timeStamp.TimeStampURL = "http://tsa.swisssign.net";
secure.AddTimeStampSignature(timeStamp);
}
// Put time-stamp to document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to add time-stamp to document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Add time-stamp
timeStamp = new Signature();
timeStamp.setTimeStampURL("http://tsa.swisssign.net");
secure.addTimeStampSignature(timeStamp);
// Put time-stamp to document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to add time-stamp to document %s. " +
"%s (ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
PdfSignatureSetTimeStampURL(pTimeStamp, _T("http://tsa.swisssign.net"));
PdfSecureAddTimeStampSignature(pSecure, pTimeStamp);
// Put time-stamp to document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to add time-stamp to document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Put time-stamp on a PDF using GlobalSign Digital Signing Service
Generate a time-stamp using the GlobalSign Digital Signing Services.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: insert your account credentials’ key parameter for the login request
secure.SetSessionPropertyString("api_key", "****fill in****");
// Required: insert your account credentials’ secret parameter for the login request
secure.SetSessionPropertyString("api_secret", "****fill in****");
// Required: parameter to create the signing certificate
secure.SetSessionPropertyString("Identity", "{ }");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: password to decrypt the private key of theSSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyBytes("SSLServerCertificate", File.ReadAllBytes("globalsign-root-ca.cer"));
// Begin session using GlobalSign Digital Signing Service
if (!secure.BeginSession("https://emea.api.dss.globalsign.com:8443/v2"))
throw new Exception(String.Format("Unable to establish connection to GlobalSign Digital " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add time-stamp
using (Signature signature = new Signature())
{
signature.TimeStampURL = "urn:ietf:rfc:3161";
secure.AddTimeStampSignature(signature);
}
// Save output document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to add time-stamp to document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: insert your account credentials' key parameter for the login request
secure.setSessionPropertyString("api_key", "****fill in****");
// Required: insert your account credentials' secret parameter for the login request
secure.setSessionPropertyString("api_secret", "****fill in****");
// Required: parameter to create the signing certificate
secure.setSessionPropertyString("Identity", "{ }");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("****fill in****")));
// Optional: password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyBytes("SSLServerCertificate",
Files.readAllBytes(Paths.get("globalsign-root-ca.cer")));
// Begin session using GlobalSign Digital Signing Service
if (!secure.beginSession("https://emea.api.dss.globalsign.com:8443/v2"))
throw new IOException(String.format("Unable to establish connection to GlobalSign Digital " +
"Signing Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(),
secure.getErrorCode()));
// Add time-stamp
signature = new Signature();
signature.setTimeStampURL("urn:ietf:rfc:3161");
secure.addTimeStampSignature(signature);
// Save output document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to add time-stamp to document %s. " +
"%s (ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert your account credentials' key parameter for the login request
PdfSecureSetSessionPropertyString(pSecure, _T("api_key"), _T("****fill in****"));
// Required: insert your account credentials' secret parameter for the login request
PdfSecureSetSessionPropertyString(pSecure, _T("api_secret"), _T("****fill in****"));
// Required: parameter to create the signing certificate
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("{ }"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: password to decrypt the private key of theSSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("globalsign-root-ca.cer"));
// Begin session using GlobalSign Digital Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://emea.api.dss.globalsign.com:8443/v2")))
{
_tprintf(_T("Unable to establish connection to GlobalSign Digital Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
PdfSignatureSetTimeStampURL(pTimeStamp, _T("urn:ietf:rfc:3161"));
PdfSecureAddTimeStampSignature(pSecure, pTimeStamp);
// Save output document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to add time-stamp to document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Put time-stamp on a PDF using PKCS#11 Provider
Use the PKCS#11 Provider to add a time stamp.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Add time-stamp
using (Signature timeStamp = new Signature())
{
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
timeStamp.Provider = "****fill in****";
timeStamp.TimeStampURL = "http://tsa.swisssign.net";
secure.AddTimeStampSignature(timeStamp);
}
// Put time-stamp to document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to add time-stamp to document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Add time-stamp
timeStamp = new Signature();
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
timeStamp.setProvider("*****fill in*****");
timeStamp.setTimeStampURL("http://tsa.swisssign.net");
secure.addTimeStampSignature(timeStamp);
// Put time-stamp to document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to add time-stamp to document %s. " +
"%s (ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
// Begin session using PKCS#11
// General: "PathToDll;SlotId;Pin"
PdfSignatureSetProvider(pTimeStamp, _T("****fill in****"));
PdfSignatureSetTimeStampURL(pTimeStamp, _T("http://tsa.swisssign.net"));
PdfSecureAddSignature(pSecure, pTimeStamp);
// Put time-stamp to document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to add time-stamp to document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
Put time-stamp on a PDF using Swisscom All-in Signing Service
Generate a timestamp using the Swisscom All-in Signing Service.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: insert missing value ‹customer name›:‹key identity›
secure.SetSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.SetSessionPropertyString("DSSProfile", "http://ais.swisscom.ch/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: set server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyBytes("SSLServerCertificate", File.ReadAllBytes("ais.swisscom-root-ca.cer"));
// Create a Request-ID
Guid requestId = Guid.NewGuid();
secure.SetSessionPropertyString("RequestID", requestId.ToString("D"));
// Begin session using Swisscom All-in Signing Service
if (!secure.BeginSession(@"https://ais.swisscom.com/AIS-Server/rs/v1.0/sign"))
throw new Exception(String.Format("Unable to establish connection to Swisscom All-in " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add time-stamp
using (Signature timeStamp = new Signature())
{
// Required, name of the signer
timeStamp.TimeStampURL = "urn:ietf:rfc:3161";
secure.AddTimeStampSignature(timeStamp);
}
// Sign document and put time-stamp
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0} and to put a time-stamp. " +
"{1} (ErrorCode: 0x{2:x}, Request-ID: {3}).", outputPath, secure.ErrorMessage,
secure.ErrorCode, requestId));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: insert missing value <customer name>:<key identity>
secure.setSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.setSessionPropertyString("DSSProfile", "http://ais.swisscom.ch/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("*****fill in*****")));
// Optional: insert password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: set server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyBytes("SSLServerCertificate",
Files.readAllBytes(Paths.get("ais.swisscom-root-ca.cer")));
// Create a Request-ID
UUID requestId = UUID.randomUUID();
secure.setSessionPropertyString("RequestID", requestId.toString());
// Begin session using Swisscom All-in Signing Service
if (!secure.beginSession("https://ais.swisscom.com/AIS-Server/rs/v1.0/sign"))
throw new IOException(String.format("Unable to establish connection to Swisscom All-in Signing "
+ "Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Add time-stamp
timeStamp = new Signature();
// Required, name of the signer
timeStamp.setTimeStampURL("urn:ietf:rfc:3161");
secure.addTimeStampSignature(timeStamp);
// Sign document and put time-stamp
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s and to put a time-stamp. " +
"%s (ErrorCode: 0x%08x, Request-ID: %s).", outputPath, secure.getErrorMessage(),
secure.getErrorCode(), requestId));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert missing value ‹customer name›:‹key identity›
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("****fill in****"));
// Required: set DSSProfile
PdfSecureSetSessionPropertyString(pSecure, _T("DSSProfile"), _T("http://ais.swisscom.ch/1.0"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("ais.swisscom-root-ca.cer"));
// Recommended, insert any string that can be used to track the request
PdfSecureSetSessionPropertyString(pSecure, _T("RequestID"), _T("AE57F021-C0EB-4AE0-8E5E-67FB93E5BC7F"));
// Begin session using Swisscom All-in Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://ais.swisscom.com/AIS-Server/rs/v1.0/sign")))
{
_tprintf(_T("Unable to establish connection to Swisscom All-in Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
// Required, name of the signer
PdfSignatureSetTimeStampURL(pTimeStamp, _T("urn:ietf:rfc:3161"));
PdfSecureAddTimeStampSignature(pSecure, pTimeStamp);
// Sign document and put time-stamp
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s and to put a time-stamp. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Put time-stamp on a PDF using SwissSign Digital Signing Service
Generate a timestamp using the SwissSign Digital Signing Service.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Required: identity of the signing certificate
secure.SetSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.SetSessionPropertyString("DSSProfile", "http://dss.swisssign.net/dss/profile/pades/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.SetSessionPropertyBytes("SSLClientCertificate", File.ReadAllBytes("****fill in****"));
// Optional: password to decrypt the private key of the SSL client certificate
secure.SetSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.SetSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Create a Request-ID
Guid requestId = Guid.NewGuid();
secure.SetSessionPropertyString("RequestID", requestId.ToString("D"));
// Begin session using Swiss Sign Digital Signing Service
if (!secure.BeginSession(@"https://dss.signdemo.com/dss/DS"))
throw new Exception(String.Format("Unable to establish connection to Swiss Sign Digital " +
"Signing Service. {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add time-stamp
using (Signature signature = new Signature())
{
signature.TimeStampURL = "http://tsa.swisssign.net";
secure.AddTimeStampSignature(signature);
}
// Save document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to put time-stamp to document {0}. " +
"{1} (ErrorCode: 0x{2:x}, Request-ID: {3}).", outputPath, secure.ErrorMessage,
secure.ErrorCode, requestId));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. " +
"%s (ErrorCode: 0x%08x).", inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Required: identity of the signing certificate
secure.setSessionPropertyString("Identity", "****fill in****");
// Required: set DSSProfile
secure.setSessionPropertyString("DSSProfile", "http://dss.swisssign.net/dss/profile/pades/1.0");
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
secure.setSessionPropertyBytes("SSLClientCertificate",
Files.readAllBytes(Paths.get("*****fill in*****")));
// Optional: insert password to decrypt the private key of the SSL client certificate
secure.setSessionPropertyString("SSLClientCertificatePassword", "****fill in****");
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
secure.setSessionPropertyString("SSLServerCertificate", "swisssign-root-ca.cer");
// Create a Request-ID
UUID requestId = UUID.randomUUID();
secure.setSessionPropertyString("RequestID", requestId.toString());
// Begin session using Swiss Sign Digital Signing Service
if (!secure.beginSession("https://dss.signdemo.com/dss/DS"))
throw new IOException(String.format("Unable to establish connection to Swiss Sign Digital " +
"Service. %s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Add time-stamp
signature = new Signature();
signature.setTimeStampURL("http://tsa.swisssign.net");
secure.addTimeStampSignature(signature);
// Sign document and put time-stamp
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to put time-stamp to document %s. " +
"%s (ErrorCode: 0x%08x, Request-ID: %s).", outputPath, secure.getErrorMessage(),
secure.getErrorCode(), requestId));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Required: insert missing value ‹customer name›:‹key identity›
PdfSecureSetSessionPropertyString(pSecure, _T("Identity"), _T("****fill in****"));
// Required: set DSSProfile
PdfSecureSetSessionPropertyString(pSecure, _T("DSSProfile"), _T("http://dss.swisssign.net/dss/profile/pades/1.0"));
// Required: insert byte array of SSL client certificate in PKCS#12 Format (.p12, .pfx)
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificate"), _T("****fill in****"));
// Optional: insert password to decrypt the private key of the SSL client certificate
PdfSecureSetSessionPropertyString(pSecure, _T("SSLClientCertificatePassword"), _T("****fill in****"));
// Recommended: Path to server's SSL certificate or its issuer (CA) certificate.
PdfSecureSetSessionPropertyString(pSecure, _T("SSLServerCertificate"), _T("swisssign-root-ca.cer"));
// Recommended, insert any string that can be used to track the request, e.g. an UUID
PdfSecureSetSessionPropertyString(pSecure, _T("RequestID"), _T("1"));
// Begin session using Swiss Sign Digital Signing Service
if (!PdfSecureBeginSession(pSecure, _T("https://dss.signdemo.com/dss/DS")))
{
_tprintf(_T("Unable to establish connection to Swiss Sign Digital Signing Service. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
PdfSignatureSetTimeStampURL(pTimeStamp, _T("http://tsa.swisssign.net"));
PdfSecureAddTimeStampSignature(pSecure, pTimeStamp);
// Save document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to put time-stamp to document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
PAdES
Create PAdES-B-LTA signature on a PDF document
Upgrade a PDF document with a PAdES-B-T signature to a PDF document with a PAdES-B-LTA signature or enlarge the longevity of a document with an existing PAdES-B-LTA signature. Provided it is available, signature validation information is added for all signatures of the document and a new time-stamp is added. The validation information contains all public certificates of the signing certificate’s trust chain and the revocation data (OCSP or CRL) for all certificates that support revocation information.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SloId;Pin"
if (!secure.BeginSession("****fill in****"))
throw new Exception(String.Format("Unable to connect to selected cryptographic provider." +
" {0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Add validation information for every signature
for (int i = 0; i < secure.SignatureCount; i++)
{
using (Signature signature = secure.GetSignature(i))
{
if (signature.HasSignature && !secure.AddValidationInformation(signature))
throw new Exception("Error adding validation information to \"" + signature.Name +
"\": " + secure.ErrorMessage);
}
}
// Add time-stamp
using (Signature timeStamp = new Signature())
{
timeStamp.TimeStampURL = "http://tsa.swisssign.net";
secure.AddTimeStampSignature(timeStamp);
}
// Create PAdES-B-LTA compliant document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Error creating PAdES-B-LTA signature for {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SloId;Pin"
if (!secure.beginSession("*****fill in*****"))
throw new IOException(String.format("Unable to connect to selected cryptographic provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Add validation information for every signature
for (int i=0; i < secure.getSignatureCount(); i++)
{
Signature signature = secure.getSignature(i);
if (signature.getHasSignature() && !secure.addValidationInformation(signature))
throw new IOException("Error adding validation information to \"" + signature.getName() +
"\": " + secure.getErrorMessage());
signature.destroyObject();
}
// Add time-stamp
timeStamp = new Signature();
timeStamp.setTimeStampURL("http://tsa.swisssign.net");
secure.addTimeStampSignature(timeStamp);
// Create PAdES-B-LTA compliant document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Error creating PAdES-B-LTA signature for %s. %s " +
"(ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SloId;Pin"
if (!PdfSecureBeginSession(pSecure, "****fill in****"))
{
_tprintf(_T("Unable to connect to selected cryptographic provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Add validation information for every signature
for (int i = 0; i < PdfSecureGetSignatureCount(pSecure); i++)
{
pSignature = PdfSecureGetSignature(pSecure, i);
if (PdfSignatureGetHasSignature(pSignature) && !PdfSecureAddValidationInformation(pSecure, pSignature))
{
_tprintf(_T("Error adding validation information to \"%s \": %s\n"), PdfSignatureGetName(pSignature), PdfSecureGetErrorMessage(pSecure));
iReturnValue = 1;
goto cleanup;
}
PdfSignatureDestroyObject(pSignature);
}
// Create signature object
pTimeStamp = PdfSignatureCreateObject();
// Add time-stamp
PdfSignatureSetTimeStampURL(pTimeStamp, _T("http://tsa.swisssign.net"));
PdfSecureAddTimeStampSignature(pSecure, pTimeStamp);
// Create PAdES-B-LTA compliant document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Error creating PAdES-B-LTE signature for %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Create PAdES-B-T signature on PDF document
Add a digital signature with a time-stamp token to a PDF document satisfying the PAdES standard.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SlotId;Pin"
if (!secure.BeginSession("****fill in****"))
throw new Exception(String.Format("Unable to connect to selected cryptographic provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
signature.SubFilter = "ETSI.CAdES.detached";
signature.TimeStampURL = "http://tsa.swisssign.net";
secure.AddSignature(signature);
// Create PAdES-B-T compliant document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Error creating PAdES-B-T signature for {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SloId;Pin"
if (!secure.beginSession("*****fill in*****"))
throw new IOException(String.format("Unable to connect to selected cryptographic provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
signature.setSubFilter("ETSI.CAdES.detached");
signature.setTimeStampURL("http://tsa.swisssign.net");
secure.addSignature(signature);
// Create PAdES-B-T compliant document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Error creating PAdES-B-T signature for %s. %s " +
"(ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session using PKCS#11 or Windows Cryptographic Provider
// General for PKCS#11: "PathToDll;SloId;Pin"
if (!PdfSecureBeginSession(pSecure, "****fill in****"))
{
_tprintf(_T("Unable to connect to selected cryptographic provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
PdfSignatureSetName(pSignature, szCertificate);
PdfSignatureSetSubFilter(pSignature, _T("ETSI.CAdES.detached"));
PdfSignatureSetTimeStampURL(pSignature, _T("http://tsa.swisssign.net"));
PdfSecureAddSignature(pSecure, pSignature);
// Create PAdES-B-T compliant document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Error creating PAdES-B-T signature for %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Signatures Validation
Validate digital signatures
Check if all signatures of a PDF document are valid. Use a Cryptographic Provider to access the certificate and to get necessary cryptographic algorithms. In case of an invalid signature, report its cause. Examine if the document has been modified after adding the last signature.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session using Windows Cryptographic Provider
if (!secure.BeginSession(""))
throw new Exception(String.Format("Unable to connect to Windows Cryptographic Provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Iterate through all signatures
int latestSignedRevision = -1;
for (int sigNo = 0; sigNo < secure.SignatureCount; sigNo++)
{
using (Signature signature = secure.GetSignature(sigNo))
{
Console.Write(" {0}: ", sigNo + 1);
if (signature.HasSignature)
{
// Validate signature
bool ok = secure.ValidateSignature(signature);
// Process dependent checks
switch (secure.ErrorCode)
{
case PDFErrorCode.SIG_VAL_W_ISSUERCERT:
case PDFErrorCode.SIG_VAL_W_TSP:
case PDFErrorCode.SIG_VAL_W_TSPCERT:
case PDFErrorCode.SIG_VAL_W_NOTRUSTCHAIN:
case PDFErrorCode.SIG_VAL_W_PADES:
ok = false;
break;
}
Console.Write("Signed by \"{0}\" of \"{1}\" on {2}, ", signature.Name,
signature.Issuer, signature.Date);
if (ok)
{
// Signature is valid
Console.WriteLine("Signature is valid.");
}
else
{
// Signature is invalid
Console.WriteLine(secure.ErrorMessage);
}
if (signature.Revision > latestSignedRevision)
latestSignedRevision = signature.Revision;
}
else
{
// Field is not signed yet
Console.WriteLine("Field \"{0}\" not signed.", signature.FieldName);
}
}
}
// Check if securement has been modified after last signature
if (latestSignedRevision != -1 && latestSignedRevision < secure.RevisionCount - 1)
Console.WriteLine("Document has been updated after last signature");
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session with Windows Cryptographic Provider
if (!secure.beginSession(""))
throw new IOException(String.format("Unable to connect to Cryptographic Provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Iterate through all signatures
int latestSignedRevision = -1;
for (int sigNo = 0; sigNo < secure.getSignatureCount(); sigNo++)
{
Signature signature = secure.getSignature(sigNo);
try
{
System.out.printf(" %d: ", sigNo + 1);
if (signature.getHasSignature())
{
// Validate signature
boolean ok = secure.validateSignature(signature);
// Process dependent checks
switch (secure.getErrorCode())
{
case NativeLibrary.ERRORCODE.SIG_VAL_W_ISSUERCERT:
case NativeLibrary.ERRORCODE.SIG_VAL_W_TSP:
case NativeLibrary.ERRORCODE.SIG_VAL_W_TSPCERT:
case NativeLibrary.ERRORCODE.SIG_VAL_W_NOTRUSTCHAIN:
case NativeLibrary.ERRORCODE.SIG_VAL_W_PADES:
ok = false;
break;
}
System.out.printf("Signed by \"%s\" of \"%s\" on %s, ", signature.getName(),
signature.getIssuer(), signature.getDate());
if (ok)
{
// Signature is valid
System.out.println("Signature is valid.");
}
else
{
// Signature is invalid
System.out.println(secure.getErrorMessage());
}
if (signature.getRevision() > latestSignedRevision)
latestSignedRevision = signature.getRevision();
}
else
{
// Field is not signed yet
System.out.printf("Field \"%s\" not signed.\n", signature.getFieldName());
}
}
finally
{
// Clean up
if (signature != null)
signature.destroyObject();
}
}
// Check if document has been modified after last signature
if (latestSignedRevision != -1 && latestSignedRevision < secure.getRevisionCount() - 1)
System.out.println("Document has been updated after last signature");
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session with Windows Cryptographic Provider
if (!PdfSecureBeginSession(pSecure, _T("")))
{
_tprintf(_T("Unable to connect to Cryptographic Provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Iterate through all signatures
int iLatestSignedRevision = -1;
for (int iSigNo = 0; iSigNo < PdfSecureGetSignatureCount(pSecure); iSigNo++)
{
pSignature = PdfSecureGetSignature(pSecure, iSigNo);
_tprintf(_T(" %d: "), iSigNo + 1);
if (PdfSignatureGetHasSignature(pSignature))
{
// Validate signature
bool bOk = PdfSecureValidateSignature(pSecure, pSignature);
// Process dependent checks
switch (PdfSecureGetErrorCode(pSecure))
{
case SIG_VAL_W_ISSUERCERT:
case SIG_VAL_W_TSP:
case SIG_VAL_W_TSPCERT:
case SIG_VAL_W_NOTRUSTCHAIN:
case SIG_VAL_W_PADES:
bOk = false;
break;
}
_tcscpy(szIssuer, PdfSignatureGetIssuer(pSignature));
_tprintf(_T("Signed by \"%s\" of \"%s\" on %s, "), PdfSignatureGetName(pSignature), szIssuer, PdfSignatureGetDate(pSignature));
if (bOk)
{
// Signature is valid
_tprintf(_T("Signature is valid.\n"));
}
else
{
// Signature is invalid
_tprintf(_T("%s\n"), PdfSecureGetErrorMessage(pSecure));
}
if (PdfSignatureGetRevision(pSignature) > iLatestSignedRevision)
iLatestSignedRevision = PdfSignatureGetRevision(pSignature);
}
else
{
// Field is not signed yet
_tprintf(_T("Field \"%s\" not signed.\n"), PdfSignatureGetFieldName(pSignature));
}
}
PdfSignatureDestroyObject(pSignature);
// Check if securement has been modified after last signature
if (iLatestSignedRevision != -1 && iLatestSignedRevision < PdfSecureGetRevisionCount(pSecure))
{
_tprintf(_T("Document hast been updated after last signature.\n"));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Stamping
Revise draft document by setting a stamp
Put a stamp on the PDF document to make the revision visible. At the same time, sign the document to prove the authenticity of the revision.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Set revision stamp
if (!secure.AddStamps(stampPath))
throw new Exception(String.Format("Unable to add stamp file {0}. {1} (ErrorCode: 0x{2:x}).",
stampPath, secure.ErrorMessage, secure.ErrorCode));
// Begin session with windows cryptographic provider
if (!secure.BeginSession(""))
throw new Exception(String.Format("Unable to connect to Windows Cryptographic Provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
secure.AddSignature(signature);
// Add stamp to document and sign it
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to put a stamp to document {0} and " +
"to sign it. {1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage,
secure.ErrorCode));
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Set revision stamp
if (!secure.addStamps(stampPath))
throw new IOException(String.format("Unable to add stamp file %s. %s (ErrorCode: 0x%08x).",
stampPath, secure.getErrorMessage(), secure.getErrorCode()));
// Begin session with Windows Cryptographic Provider
if (!secure.beginSession(""))
throw new IOException(String.format("Unable to connect to Cryptographic Provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
secure.addSignature(signature);
// Add stamp to document and sign it
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to put a stamp to document %s and to sign it. %s " +
"(ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Set revision stamp
if (!PdfSecureAddStamps(pSecure, szStampPath))
{
_tprintf(_T("Unable to add stamp file %s. %s (ErrorCode: 0x%08x).\n"), szStampPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session with Windows Cryptographic Provider
if (!PdfSecureBeginSession(pSecure, _T("")))
{
_tprintf(_T("Unable to connect to Cryptographic Provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
PdfSignatureSetName(pSignature, szCertificate);
PdfSecureAddSignature(pSecure, pSignature);
// Add stamp to document and sign it
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to put a stamp to document %s and to sign it. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);
Add watermark on a PDF document
Put a watermark on each page of a PDF document which is scaled according to the corresponding page size. Use an XML-file for the design and the position of the watermark stamp.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.Open(inputPath, ""))
throw new Exception(String.Format("Input file {0} cannot be opened. " +
"{1} (ErrorCode: 0x{2:x}).", inputPath, secure.ErrorMessage, secure.ErrorCode));
// Create xml for watermark stamp
string xmlString = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
"<pdfstamp xmlns=\"http://www.pdf-tools.com/pdfstamp/\">\n" +
" <stamp page=\"all\" size=\"595 842\" align=\"center middle\" " +
" scale=\"relToA4\" autoorientation=\"true\" type=\"foreground\">\n" +
" <rotate angle=\"55\" origin=\"298 421\">\n" +
" <text mode=\"stroke\" align=\"center middle\" position=\"298 421\"\n" +
" font=\"Arial,Bold\" size=\"60\"\n" +
" text=\"WATERMARK TEXT\"/>\n" +
" </rotate>\n" +
" </stamp>\n" +
"</pdfstamp>\n";
byte[] watermark = Encoding.UTF8.GetBytes(xmlString);
// Set watermark from memory
if (!secure.AddStampsMem(watermark))
throw new Exception(String.Format("Unable to add watermark file. {0} (ErrorCode: 0x{1:x}).",
secure.ErrorMessage, secure.ErrorCode));
// Imprint watermark on document
if (!secure.SaveAs(outputPath, "", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to imprint watermark on document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.open(inputPath, ""))
throw new IOException(String.format("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).",
inputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Create xml for watermark stamp
String xmlString = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
"<pdfstamp xmlns=\"http://www.pdf-tools.com/pdfstamp/\">\n" +
" <stamp page=\"all\" size=\"595 842\" align=\"center middle\" " +
" scale=\"relToA4\" autoorientation=\"true\" type=\"foreground\">\n" +
" <rotate angle=\"55\" origin=\"298 421\">\n" +
" <text mode=\"stroke\" align=\"center middle\" position=\"298 421\"\n" +
" font=\"Arial,Bold\" size=\"60\"\n" +
" text=\"WATERMARK TEXT\"/>\n" +
" </rotate>\n" +
" </stamp>\n" +
"</pdfstamp>\n";
byte[] watermark = xmlString.getBytes(Charset.forName("UTF-8"));
// Set watermark from memory
if (!secure.addStampsMem(watermark))
throw new IOException(String.format("Unable to add watermark file. %s (ErrorCode: 0x%08x).",
secure.getErrorMessage(), secure.getErrorCode()));
// Imprint watermark on document
if (!secure.saveAs(outputPath, "", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to imprint watermark on document %s. %s " +
"(ErrorCode: 0x%08x).", outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Create secure object
pSecure = PdfSecureCreateObject();
// Decrypt input file
if (!PdfSecureOpen(pSecure, szInputPath, _T("")))
{
_tprintf(_T("Input file %s cannot be opened. %s (ErrorCode: 0x%08x).\n"), szInputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create xml for watermark stamp
pXmlString = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" \
"<pdfstamp xmlns=\"http://www.pdf-tools.com/pdfstamp/\">\n" \
" <stamp page=\"all\" size=\"595 842\" align=\"center middle\" " \
" scale=\"relToA4\" autoorientation=\"true\" type=\"foreground\">\n" \
" <rotate angle=\"55\" origin=\"298 421\">\n" \
" <text mode=\"stroke\" align=\"center middle\" position=\"298 421\"\n" \
" font=\"Arial,Bold\" size=\"60\"\n" \
" text=\"WATERMARK TEXT\"/>\n" \
" </rotate>\n" \
" </stamp>\n" \
"</pdfstamp>\n";
// Set watermark from memory
if (!PdfSecureAddStampsMem(pSecure, (void*) pXmlString, strlen(pXmlString)))
{
_tprintf(_T("Unable to add watermark file. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Imprint watermark on document
if (!PdfSecureSaveAs(pSecure, szOutputPath, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to imprint watermark on document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Cleanup
PdfSecureClose(pSecure);
In Memory
Sign PDF in memory
Read a PDF from a byte stream, sign it and return the result as byte stream. Use a Cryptographic Provider to access the certificate and to get the necessary cryptographic algorithms. For demonstration purpose, the PDF byte stream is created from file and the resulting byte stream is written back to a file.
// Create secure object
using (Secure secure = new Secure())
{
// Open input file
if (!secure.OpenMem(inputBuffer, ""))
throw new Exception(String.Format("Input buffer cannot be opened in-memory. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Begin session with Windows Cryptographic Provider
if (!secure.BeginSession(""))
throw new Exception(String.Format("Unable to connect to Windows Cryptographic Provider. " +
"{0} (ErrorCode: 0x{1:x}).", secure.ErrorMessage, secure.ErrorCode));
// Create signature object
using (Signature signature = new Signature())
{
signature.Name = certificate;
secure.AddSignature(signature);
// Save output buffer in-memory
if (!secure.SaveInMemory("", "", PDFPermission.ePermNoEncryption, 0, "", ""))
throw new Exception(String.Format("Unable to sign document {0}. " +
"{1} (ErrorCode: 0x{2:x}).", outputPath, secure.ErrorMessage, secure.ErrorCode));
// Get output PDF as byte array
byte[] outputBuffer = secure.GetPdf();
if (outputBuffer == null)
throw new Exception(String.Format("Output file %s cannot be created." , outputPath));
// Write bytes to output file
File.WriteAllBytes(outputPath, outputBuffer);
}
// Cleanup
secure.Close();
secure.EndSession();
}
// Create secure object
secure = new Secure();
// Open input file
if (!secure.openMem(inputBuffer, ""))
throw new Exception(String.format("Input buffer cannot be opened in-memory. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Begin session with Windows Cryptographic Provider
if (!secure.beginSession(""))
throw new IOException(String.format("Unable to connect to Cryptographic Provider. " +
"%s (ErrorCode: 0x%08x).", secure.getErrorMessage(), secure.getErrorCode()));
// Create signature object
signature = new Signature();
signature.setName(certificate);
secure.addSignature(signature);
// Save output buffer in-memory
if (!secure.saveInMemory("", "", NativeLibrary.PERMISSION.ePermNoEncryption, 0, "", ""))
throw new IOException(String.format("Unable to sign document %s. %s (ErrorCode: 0x%08x).",
outputPath, secure.getErrorMessage(), secure.getErrorCode()));
// Get output PDF as byte array
byte[] outputBuffer = secure.getPdf();
if (outputBuffer == null)
throw new IOException(String.format("Output file %s cannot be created.", outputPath));
// Write bytes to output file
Files.write(Paths.get(outputPath), outputBuffer, StandardOpenOption.CREATE_NEW);
// Cleanup
secure.close();
secure.endSession();
// Create secure object
pSecure = PdfSecureCreateObject();
// Open input file
if (!PdfSecureOpenMem(pSecure, pInputBuffer, nLength, _T("")))
{
_tprintf(_T("Input buffer cannot be opened in-memory. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Begin session with Windows Cryptographic Provider
if (!PdfSecureBeginSession(pSecure, _T("")))
{
_tprintf(_T("Unable to connect to Cryptographic Provider. %s (ErrorCode: 0x%08x).\n"), PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Create signature object
pSignature = PdfSignatureCreateObject();
PdfSignatureSetName(pSignature, szCertificate);
PdfSecureAddSignature(pSecure, pSignature);
// Save output PDF as byte array
if (!PdfSecureSaveInMemory(pSecure, _T(""), _T(""), ePermNoEncryption, 0, _T(""), _T("")))
{
_tprintf(_T("Unable to sign document %s. %s (ErrorCode: 0x%08x).\n"), szOutputPath, PdfSecureGetErrorMessage(pSecure), PdfSecureGetErrorCode(pSecure));
iReturnValue = 1;
goto cleanup;
}
// Get output PDG as byte array
pOutputBuffer = PdfSecureGetPdf(pSecure);
if ((pData = _tfopen(szOutputPath, _T("wb"))) == NULL)
{
_tprintf(_T("Output file %s cannot be created.\n"), szOutputPath);
iReturnValue = 1;
goto cleanup;
}
// Write bytes to output file
fwrite(pOutputBuffer->m_pData, pOutputBuffer->m_nLength, 1, pData);
fclose(pData);
// Cleanup
PdfSecureClose(pSecure);
PdfSecureEndSession(pSecure);