// // Copyright (c) 2001-2023 by Apryse Software Inc. All Rights Reserved. // using System; using System.Collections.Generic; using System.IO; using pdftron; using pdftron.Common; using pdftron.PDF; using pdftron.PDF.Annots; using pdftron.SDF; using pdftron.Crypto; namespace DigitalSignaturesTestCS { class Class1 { static string input_path = "../../../../TestFiles/"; static string output_path = "../../../../TestFiles/Output/"; static void AuthorCertifyPDF( string in_approval_field_name, Rect widget_rect, string in_public_certificate_file_path, string in_private_key_file_path, string in_keyfile_password, string in_appearance_img_path, string tsa_url, string in_timestamp_authority_root_certificate_path, string in_outpath) { Console.Out.WriteLine("================================================================================"); Console.Out.WriteLine("Signing PDF document"); // create new, single page, PDF. using (PDFDoc doc = new PDFDoc()) { var page = doc.PageCreate(); doc.PagePushBack(page); // Create a digital signature field and associated widget. DigitalSignatureField digsig_field = doc.CreateDigitalSignatureField(in_approval_field_name); SignatureWidget widgetAnnot = SignatureWidget.Create(doc, widget_rect, digsig_field); if(in_appearance_img_path != null) { Image img = Image.Create(doc, in_appearance_img_path); widgetAnnot.CreateSignatureAppearance(img); } page.AnnotPushBack(widgetAnnot); digsig_field.SetDocumentPermissions(DigitalSignatureField.DocumentPermissions.e_annotating_formfilling_signing_allowed); // Create a digital signature dictionary inside the digital signature field, in preparation for signing. digsig_field.CreateSigDictForCustomCertification("Adobe.PPKLite", DigitalSignatureField.SubFilterType.e_adbe_pkcs7_detached, 8200); // For security reasons, set the contents size to a value greater than but as close as possible to the size you expect your final signature to be, in bytes. // Save the document incrementally to avoid invalidating any previous signatures. doc.Save(in_outpath, SDFDoc.SaveOptions.e_incremental); digsig_field = new DigitalSignatureField(doc.GetField(in_approval_field_name)); // Digest the relevant bytes of the document in accordance with ByteRanges surrounding the signature. byte[] pdf_digest = digsig_field.CalculateDigest(DigestAlgorithm.Type.e_sha256); byte[] in_pkcs12_buffer = File.ReadAllBytes(in_private_key_file_path); byte[] signature_value = DigitalSignatureField.SignDigest(pdf_digest, in_pkcs12_buffer, in_keyfile_password, false, DigestAlgorithm.Type.e_sha256); // Write the signature to the document. doc.SaveCustomSignature(signature_value, digsig_field, in_outpath); digsig_field = new DigitalSignatureField(doc.GetField(in_approval_field_name)); // Add embedded timestamp to signature. TimestampingConfiguration tst_config = new TimestampingConfiguration(tsa_url); VerificationOptions opts = new VerificationOptions(VerificationOptions.SignatureVerificationSecurityLevel.e_compatibility_and_archiving); opts.AddTrustedCertificate(in_timestamp_authority_root_certificate_path); /////////////////////////////////////////////////////////////////////////////// // For your Public certificate you need to add with elevated (non-default) permissions when Certifying. opts.AddTrustedCertificate(in_public_certificate_file_path, (ushort) VerificationOptions.CertificateTrustFlag.e_default_trust | (ushort) VerificationOptions.CertificateTrustFlag.e_certification_trust); /////////////////////////////////////////////////////////////////////////////// opts.EnableOnlineCRLRevocationChecking(true); // Add LTV VerificationResult timestampVerificationResult = digsig_field.Verify(opts); if(!timestampVerificationResult.GetVerificationStatus()) { throw new Exception("Error with time stamping verification."); } else if (!digsig_field.EnableLTVOfflineVerification(timestampVerificationResult)) { throw new Exception("Could not enable LTV for signature."); } // end LTV TimestampingResult result = digsig_field.GenerateContentsWithEmbeddedTimestamp(tst_config, opts); if (!result.GetStatus()) { throw new Exception(result.GetString()); } doc.SaveCustomSignature(result.GetData(), digsig_field, in_outpath); } } private static pdftron.PDFNetLoader pdfNetLoader = pdftron.PDFNetLoader.Instance(); static Class1() { } /// /// The main entry point for the application. /// [STAThread] static void Main(string[] args) { // Initialize PDFNetC PDFNet.Initialize(PDFTronLicense.Key); bool result = true; try { AuthorCertifyPDF( "PDFTronCertificationSig", new Rect(0, 0, 0, 0), // Author/certification signatures do not have to be visible. input_path + "pdftron.cer", input_path + "pdftron.pfx", "password", null, // if you want it visible, set Rect above and image path here "http://rfc3161timestamp.globalsign.com/advanced", input_path + "GlobalSignRootForTST.cer", output_path + "certified.pdf"); } catch (Exception e) { Console.Error.WriteLine(e); } } } }