PDF digital signature SDK
We are software house in document management are, and we want incorporate in our document management solution the feature of PDF digital signature.
What is your best SDK product for doing this (PDF Library SDK or Acrobat SDK)?
We have a windows client developed in C++ unmanaged and a web client developed in C#.
And what is the price of the product?
The price includes royalty free when delivered integrated with our product?
Thanks & Regards,
Rui Oliveira
It is to be delivered integrated with our software that it is installed in multiple servers and with multiple web/windows computers doing digital signatures.
The windows client is developed in C++ unmanaged and the web client developed in C#.
In first stage, could be enough to integrate with our windows version (developed in C++ unmanaged). This is a thick windows client installed in each client computer (Acrobat Pro is not installed in each client computer).
tks
Similar Messages
-
PDF Digital Signature for Offer letter
How to enable, pdf digital signature for BI Publisher, we need to enable for the offer letter generated thro' irecruitment .
Please advice
Thanks
SivaI haven't seen anything related to doing this for iRecruitment but have you checked over the standard BI Publisher support for digital signatures?
17 Support for Digital Signature in PDF Documents
http://download.oracle.com/docs/cd/E10383_01/doc/bip.1013/e10416/bip_digital_sigs.htm -
PDF Digital Signature using SM2 Encryption
Hi,
Is there any way to use SM2 encryption for digital signature in PDF instead of the default encryption?
Thanks,
Amir MehmoodHi Lrosenth,
Could you please help me with the following questions regarding SM2 encryption.
1) Whether Adobe China supports SM2 algorithm inside their Chinese version of Adobe Reader. US version does not support SM2 algorithm so signature validation will fail even if we were to use SM2 algorithm in our PDFs. This will be a key question to ask Adobe China and how they support viewing/validating of signed PDFs.
2) We use iText library to digitally sign the PDF document. iText uses BouncyCastle library (http://bouncycastle.org/specifications.html) to perform the actual encryption. SM2 algorithm is not supported by BouncyCastle out-of-the-box so we will need to extend BouncyCastle by implementing SM2 and modifying iText (open source version) to use SM2 for digitally signing the PDF. This could be a non-trivial task. So, the question is how do the Chinese digitally sign their PDFs using SM2? Do they use a third-party library that we can license?
3) Does Adobe China provide a PDF Java library for programmatically modifying and signing a PDF which is "Chinese"-compliant?
Thank you -
Crystal Reports 2008 - PDF Digital Signatures
Hello All,
I'll appreciate if somebody can help me with a customer requirement.
We are using .NET Crystal Reports 2008 libraries to render reports, basically, programatically we open an RPT file, inyect data vía XML and render the report. Everything works fine, and the same .NET component let us to get a PDF version of the report.
What we need to do now, according to our customer's requirement is how to add a Digital Signature to the PDF report.
The one million question is: Is there any way using Crystal Reports 2008 .NET Libraries to add a Digital Signature to a report (in its PDF version)???
Thanks in advance for your Help
AdriáAt least one of the 3rd-party Crystal report Desktop Scheduling tools listed at: http://www.kenhamady.com/bookmarks.html
provides this functionality. -
Extract name from pdf digital signature
I'm looking for info on extracting the digital signature name from a digitally signed field already in the pdf. I can see the signature when I open the file in Adobe Reader, but when I read the fields using cfpdfform, the digital signature field and its info is not listed amoung the fields.
What procedure piece am I missing?Hi all,
i have the same problem. Is it possible that only we have this problem? I found solutions with external partners, but i think it should be possible to do it inside SAP R/3, isn't it?
best regards
Erwin -
PDF digital signatures for beginners
I am developing a PHP application that automatically signs pdf files and I am very confused about certain aspects. I read the PDF specifications and managed through the part of adding annotation, objects, empty signature field, etc but I don't seem to understand anything about computing the hash for the /Contents in the signature dictionary. The documentation is pretty vague about this part. Here's what I am interested in:
what specific hash algorithm do I have to apply to the newly generated pdf file with the dummy signature?
(I should mention that I am inclining using for the /SubFilter adbe.pkcs7.detached or adbe.pkcs7.sha1,)
what is the content of the pkcs7 envelope and how do I generate it?
how to convert the pkcs7 envelope to hex?
I must mention I have no training in cryptography and I've come to this forum after a few days of documenting on the subject without any succes.I am at the point where I have a certificate, a private key (in PEM or DER format) and a binary string (the data that needs to be hashed). I would be helpfull if someone could explain me (in plain english, like telling a story) what to do to obtain the final value of the signature that's going to go in the final version of the file (ie: the value for the /Contents).
I must say that I've tried a work-around: tried openssl_pkcs7_sign that signs an S/MIME message and tried to extract the signature from there and I got to the point where when opening the file in Acrobat I get the message that the signature is invalid because the document has been altered or corrupted since it was applied. Since this doesn't work I am ready to implement the hashing function from 0, but I didn't find anywhere an example, structure or any other information on the pkcs7 envelope for pdf files. I am glad for any help, even if it means just some reading suggestions (with titles, maybe links, not just saying that I need to do more reading, please).
I am also attaching a file and maybe someone can analyze it and tell me what is wrong with it. I know there is some unnecesary data n the file, but I believe it has nothing to do with the signature. -
Hi,
Does any body know how to write a PKCS#7 (Public Key Cryptography Standard) object in java. This object has to be written to PDF file in order to generate signed pdf's.
plz let me now any code samples or URLs to write PKCS#7 format. I dont want to use third party libraries.
Thanks in advance.
Subhani.Here i'm attaching a sample file how to generate signature for PDF document. If i remove the BouncyCastle clasess the rest of the program perfectly compiled and generated valid signature bytes and i used BC clasess to convert this signature bytes in to PKCS#7 Format. one error is "gen.addCertificatesAndCRLs" of BC accept CertStore where as i got CertChain from keystore. (plz see the code)
import java.security.*;
import java.security.cert.*;
import java.security.spec.*;
import java.io.*;
import java.util.*;
import org.bouncycastle.cms.*;
public class TestDigSig {
// Generate a RSA signature
public TestDigSig() {
try {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
// aa.pfx - Trial Digitlal Id got from Verisign site.
keyStore.load(new FileInputStream("aa.pfx"), storepswd);
Provider provider = keyStore.getProvider();
for(Enumeration e = keyStore.aliases() ; e.hasMoreElements() ;) {
alias = e.nextElement().toString();
// Retrieving private key
PrivateKey privKey = (PrivateKey)keyStore.getKey(alias, storepswd);
java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate)keyStore.getCertificate(alias);
java.security.cert.Certificate[] certChain =
keyStore.getCertificateChain(alias);
// Length of certChain is 3
//System.out.println("certificte chain "+certChain.length);
// Retrieving public key
PublicKey pubKey = cert.getPublicKey();
// Have to support RSA - MD5 only
Signature rsa = Signature.getInstance("MD5withRSA");
rsa.initSign(privKey);
/* Update and sign the data */
// dumpPart1.dat and dumpPart2.dat are bytes of PDF document.
// Two dat files are compulsory in order to embed signature(PKCS#7 Format) in PDF doc
FileInputStream fis = new FileInputStream("dumpPart1.dat");
BufferedInputStream bufin = new BufferedInputStream(fis);
byte[] buffer = new byte[1024];
int len;
while (bufin.available() != 0) {
len = bufin.read(buffer);
rsa.update(buffer, 0, len);
bufin.close();
FileInputStream fis1 = new FileInputStream("dumpPart2.dat");
BufferedInputStream bufin1 = new BufferedInputStream(fis1);
byte[] buffer1 = new byte[1024];
int len1;
while (bufin1.available() != 0) {
len1 = bufin1.read(buffer1);
rsa.update(buffer1, 0, len1);
bufin1.close();
/* Now that all the data to be signed has been read in,
generate a signature for it */
// The array contains signature bytes.
byte[] rsaSign = rsa.sign();
// using BouncyCastl clasess for PKCS#7 Format
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(privKey, cert, CMSSignedDataGenerator.DIGEST_MD5);
gen.addCertificatesAndCRLs(certChain);
CMSProcessableByteArray process = new CMSProcessableByteArray(rsaSign);
CMSSignedData data = gen.generate(process, "BC");
FileOutputStream contentStream = new FileOutputStream("chkContent");
contentStream.write(data.getEncoded());
contentStream.close();
} catch(Exception e) {
e.printStackTrace();
public static void main(String[] args) {
new TestDigSig();
private char[] storepswd = {'1', '2', '3'};
private String alias;
If you have any piece of code that how to create a PKCS#7 object using BC clasess, please let me know.
Thanks. -
Verifying digital signatures in PDF documents
I'm working on verifying PDFs digital signatures.
I know that when a PDF is signed, a byterange is defined, the certificates get embedded, and from what i've read, the signed message digest and the timestamp are also stored in the PDF.
I already can extract the certificates and validate them. Now I'm trying to validate the pdf's integrity and my problem is I don't know where the signed message digest is located.
In this sample signed pdf (http://blogs.adobe.com/security/SampleSignedPDFDocument.pdf), I can clearly identify the digest since it is down below the embedded certificates: /DigestMethod/MD5/DigestValue/ (line 1520).
But that PDF sample seems to be from 2009, and I suspect the message digest is stored in a different way now, because I signed a PDF with Adobe Reader and I can't find any message digest field like the previous one. Can someone tell if the digests are now stored in a different way? Where are they located?
Anyway, for now I'm using that sample document, and trying to verify its integrity. I'm getting the document's bytes to be signed acording to the specified byterange, and digesting them with MD5 algorithm, but the digest value I get doesn't match with the one from the message digest field... Am I doing something wrong? Is the digest also signed with the signer's private key?
I appreciate any help.You cannot rely on the digest to be in a certain place in PDF. If you want to manually verify the digest in a PDF signature here's what you need to do.
1. Open PDF in a Text Editor.
2. Find Signature Dictionary for your signature.
3. Get the Hex String which is the value of the /Contents entry in the Signature Dictionary.
4. Convert Hex String to binary string and discard trailing zeros. Remember that in a Hex string each byte is represented with two characters and the last one might be a zero. So, when you discard zeros make sure that what you get left has even number of bytes.
5. Use one of the commercially available BER Viewers (you can find free BER Viewers on the Web) to convert the binary string to ANSI.1 representation.
6. Analyze the BER-decoded PKCS#7 signature object (RFC 2315 describes it) and find the digest that you are looking for in it. It is an OCTET STRING.
If you want to programmatically validate a signature, you need to write code that does all that. Signature validation includes much more than checking the digest. You need to build chain, validate each certificate in the chain, check revocation for each certificate in the chain, etc. RFC 5280 is the guide what to do.
Good luck! -
Second digital signature invalidates the first one
Hello to all,
I'm having some troubles adding a second digital signature to an already digitally signed PDF. The library that I'm using in order to handle the PDFs is an open source one, so I'm programmatically editing the PDFs. The first PDF I produce, PDF1 (the PDF with one signature), has a valid digital signature. The second PDF I produce, PDF2 (the PDF with the two signatures), has the second signature marked as valid, but the first one as invalid with the following error:
Error during signature verification.
Unexpected byte range values defining scope of signed data.
Details: The signature byte range is invalid
I've read and applied all the "best practices" on PDF digital signature, so I'm adding the second signature in incremental mode and I'm sure that the second PDF has no changes in the first part, this because if I make a binary comparison of PDF1 and PDF2, the first part of the PDF2 equals PDF1. So if you remove the incremental part from PDF2 (after the first %%EOF), you obtain PDF1 again with the valid digital signature. So the problem seems to be in something new in the incremental part of PDF2 that makes Acrobat Reader X thinks that the first digital signature is invalid.
If you want to see the three PDFs, here are the links:
The original PDF: https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0BzrgexS80Iq_ODQxZTY2MDk tNTQyYi00YTE0LTk0MTctYWMxNDFiOWY4MjA5&hl=en_US
PDF1: https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0BzrgexS80Iq_ZDQ3MTk1ZmI tNWI4NS00YzdhLTkxNmUtODk1NjVmY2M2NTVh&hl=en_US
PDF2: https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0BzrgexS80Iq_ZGM1YmZhMWE tY2JiYi00YzZkLWE5ZjItNzgwM2RlNzExYWE1&hl=en_US
Any help will be very apreciated. Best regards.Hi,
I'm not sure if this helps, but I found something unusual with your PDF2. Just at the beginning of the second incremental update (with the new signature), the first object is added without a carriage return. This make the last line of the previous update looks like this:
%%EOF3 0 obj
May this leads to incorrect parsing and then invalidates the signature? Not sure about that, but as far as I can read offsets, your byte ranges are correct. -
Digital signatures in LiveCycle forms
Can anyone tell me what the numbers represent at the end of the date and time string in a PDF digital signature? My numbers looks like this:
Date: 2012.03.27 07:43:49 04'00' (Date = 2012.03.27 Time = 07:43:49 What is 04'00'?)
Thank youAnswered my own question. These numbers represent the time zone of the area where the digital signature was created.
-
How to Create a PDF Document and apply Digital Signature in C# using the Adobe SDK?
Hi Everybody!
I have to do two distinct tasks here:
1) How can I create a PDF document using the Adobe SDK in my .NET Applications(C# - 2.0)?
I just need a basic sample to create a document with a simple text, for example. I did not find any useful information in the adobe documentation. I have the Acrobat Professional 8.0 in my computer, but it's very dificult to work whith de Acrobat.dll and .NET with a poor documentaion.
2)How can I apply digital signature in a existent pdf document?
I need to sign documents using the SDK, just a basic sample in c# would be helpful to start!
Anybody could help?
Thank in advance!Leonard Rosenthol or anybody that can help, sorry to insist.
I will explain better my problem:
I have an ASP.NET WebPAge (C# - 2.0). In this page, the user make a request. The request should generate a PDF document with the informations of the request and with a field to add a digital signature. The document created will be send to a approver that will confirm the approval applying his digital signature (I need to do too, a webpage where the approver open the page, choose the pdf document, and sign, just selecting his own certificate and clicking in the button SIGN... but this is another problem).
That's the reason that I have to create a PDF document. If I create a WORD or HTML document, and then convert to PDF, how can I add a field to digital signature in this pdf document?
Is there any solution using Acrobat SDK?
Thank you very much! -
I have a need to create a Digital Signature field of the same size, in the same location, on many PDF documents over and over. I would like to do this automagically through the Adobe SDK if that is possible. Has anyone done something like this before, and if so can you briefly describe how? Thank you.
You can do this most easily with JavaScript.
-
Digital Signature Not Showing Up in Saved PDF
I am frequently sent pdf contracts that need to be filled out, signed and returned. I turn the pdf into a form and then add a signature field, click "certify with visible signature," sign it and save it as a pdf. But then when I email the signed pdf it has all the form content but doesn't show the signature. Same for when I open the file in Preview. The signature only shows up in Acrobat. Can anyone help explain what I am doing wrong?
Thanks in advance.Hi,
It was dsaks who originally asking about creating a digital signature and that's what the core of this thread is about. When Mobius Strip asked about flattening the signature into a bitmap image that I suggested using a custom signature appearance, because the progenitor of the thread was asking about digital signatures. If they can get by with using a custom stamp then that's fine by me, but that wasn't the thread topic.
On to your questions:
mrtoner wrote:
I understand why Adobe won't (if that's the case) license the digital signatures ability so that Preview and other applications can use it. However, it should be trivial to allow that wet ink signature appear in other apps and I don't see a compelling reason to prevent it -- afer all, it's not a digital signature.
There is no licensing involved here. The PDF specification is public and the Acrobat SDK even has an example of how to create your own signature plug-in. When it comes to the actual cryptographic operations we license the software from RSA. As far as how the signature is created, and how it should be processed, that's all covered by public facing documentation. In fact, Apple is more than capable of processing signatures using their Keychain utility, it's just that they have elected not to include that functionality into Preview.
If your job is to monitor this forum and assist users, why couldn't you manage to suggest that the other users use the stamps feature, since it was clear that what they were wanting was only the signature image? These folks are spending hundreds and thousands of dollars on your products and they deserve better than this.
It's not my job to monitor the forum. I chime in on digital signature issues because it's a complex subject and there are so few people who understand the minutia of how they work. If dsaks hadn't added "certify with visible signature," to the original post I would have skip this completely, but he/she did so I tried to answer their question.
Finally, it's a bit disingenuous when you stated "The image does not display at all, except in Acrobat/Acrobat Reader". It just doesn't display in the free Mac Preview app. There are other third party signature handlers that will process and display a digital signature in a PDF file, but there are not a lot of them in free PDF viewers. As I said above, if dsaks can get by with a custom stamp then great, but if he/she needs a cryptographically sound digital signature then there is no reason why not to created it because everyone can get the free Reader for the Mac, Windows and Linux platforms.
Steve -
Add Digital Signature Using C# and Acrobat SDK
Hi everybody!
Please, how can I digitally sign PDF documents using Acrobat Professional 8 API and C# language?
I know that I need use JavaScript APIs (IAC) but I can't find anything really helpful in the Acrobat SDK Documentation. Could anyone post a sample of how use javascript manipulation inside C# (Framework 2.0), or give me a direction?
Thank in advance!Hi Felipe,
when i am signing the document.
I believe i am missing something in my code. After executing the code to sign, when i open it i get "The following signature fields are not signed".
Please let me know where i m doing wrong?
Here is my VB.NET Code
Dim gapp As Acrobat.CAcroApp
Dim gpddoc As Acrobat.CAcroPDDoc
Dim jso As Object
gapp = CreateObject("acroexch.app")
gpddoc = CreateObject("acroexch.pddoc")
If gpddoc.Open("C:\Test1.pdf") Then
jso = gpddoc.GetJSObject()
jso.SetUserPassword("'testpassword12'")
'jso.ShowMyMessage("SetUserDigitalIDPath")
jso.SetUserDigitalIDPath("'c:\\DrTest.pfx'")
jso.app.execMenuItem("ADBESDK:AddSignature")
jso.AddSignature(jso)
gapp.Show()
and here is the javascript
// password to use the digital signature
var sigUserPwd = "UNKNOWN";
// to test the sample without user input, specify:
// var sigUserPwd = "testpassword";
// path to the digital signature file
var sigDigitalIDPath = "UNKNOWN";
// to test the sample without user input, specify:
//var sigDigitalIDPath = "/C/DrTest.pfx";
// other variables the user can modify
var sigHandlerName = "Adobe.PPKLite";
var sigFieldname = "sdkSignatureTest";
var sigReason = "I want to test my digital signature program.";
var sigLocation = "San Jose, CA";
var sigContactInfo = "[email protected]";
/* Add a menu item for AddSignature */
app.addMenuItem( { cName: "ADBESDK:AddSignature", cUser: "Add My Signature", cParent: "Advanced",
cEnable: "event.rc = (event.target != null);",
cExec: "AddSignature(event.target)" });
// main function
AddSignature=app.trustedFunction(function (doc)
app.beginPriv(); // explicitly raise privilege
// if sigDigitalIDPath is not spcified, ask for user input
if(sigDigitalIDPath == "UNKNOWN"){
var cResponse = app.response({
cQuestion: "Input your digital ID path:",
cTitle: "Digital Signature",
cDefault: "/C/DrTest.pfx",
if ( cResponse == null) {
app.alert("No input.");
return;
else
SetUserDigitalIDPath(cResponse);
// if sigUserPwd is not spcified, ask for user input
if(sigUserPwd == "UNKNOWN"){
var cResponse = app.response({
cQuestion: "Input your password:",
cTitle: "Digital Signature",
cDefault: "testpassword",
if ( cResponse == null) {
app.alert("No input.");
return
else
SetUserPassword(cResponse);
// create a new signature field
var signatureField = AddSignatureField(doc);
// sign it
if(signatureField) Sign(signatureField, sigHandlerName);
app.endPriv();
// create a signature field in the upper left conner with name of sigFieldname
function AddSignatureField(doc)
var inch=72;
var aRect = doc.getPageBox( {nPage: 0} );
aRect[0] += 0.5*inch; // from upper left hand corner of page.
aRect[2] = aRect[0]+2*inch; // Make it 2 inch wide
aRect[1] -= 0.5*inch;
aRect[3] = aRect[1] - 0.5*inch; // and 0.5 inch high
var sigField = null;
try {
sigField = doc.addField(sigFieldname, "signature", 0, aRect );
} catch (e) {
console.println("An error occurred: " + e);
return sigField;
// define the Sign function as a privileged function
Sign = app.trustedFunction (
function( sigField, DigSigHandlerName )
try {
app.beginPriv();
var myEngine = security.getHandler(DigSigHandlerName);
myEngine.login( sigUserPwd, sigDigitalIDPath);
sigField.signatureSign({oSig: myEngine,
bUI: false,
oInfo: { password: sigUserPwd,
reason: sigReason,
location: sigLocation,
contactInfo: sigContactInfo}
app.endPriv
} catch (e) {
console.println("An error occurred: " + e);
// set a correct password for using the signature, so you can quietly sign a doc.
function SetUserPassword(pwd)
sigUserPwd = pwd;
// set path to the digital signature file
function SetUserDigitalIDPath(idPath)
sigDigitalIDPath = idPath;
Sumit -
Digital Signature invalid when sign a PDF with instances
Hi,
I created a XDP document with LiveCycle Designer ES2.
This document contains:
- Some required fields (text fields, data fields ecc...)
- A Subform that user can add more instance pressing a button, contains some fields
- A Digital Signature (With a simple fields collection contains only the signature field)
I render the XDP for get a PDF (using ReaderExtensions component) by LiveCycle Workbench ES3.
Then I open the PDF with Adobe Reader X.
I compile the form and don't press on button increase the instances of Subform.
Sign the document and the signature is valid.
Now, instead, if I make the same but increase the instance of Subform, then sign, the signature is invalid...
Can the problem is the different versions of Designer and Workbench?
In past I got some problems, and sometime I resolved creating a new document and copying all the object of old form in new one... It's an ugly solution but it worked.
But in this case don't resolve nothing.
Any help?
Thank You!Hi,
I created a XDP document with LiveCycle Designer ES2.
This document contains:
- Some required fields (text fields, data fields ecc...)
- A Subform that user can add more instance pressing a button, contains some fields
- A Digital Signature (With a simple fields collection contains only the signature field)
I render the XDP for get a PDF (using ReaderExtensions component) by LiveCycle Workbench ES3.
Then I open the PDF with Adobe Reader X.
I compile the form and don't press on button increase the instances of Subform.
Sign the document and the signature is valid.
Now, instead, if I make the same but increase the instance of Subform, then sign, the signature is invalid...
Can the problem is the different versions of Designer and Workbench?
In past I got some problems, and sometime I resolved creating a new document and copying all the object of old form in new one... It's an ugly solution but it worked.
But in this case don't resolve nothing.
Any help?
Thank You!
Maybe you are looking for
-
Append value with Data Storage Vis
Dear, I would like to use the Data Storage VIs to collect my data but I can't achieve my target. I'm acquiring 1000 samples at 1kHz (N samples on demand) and I make the mean value of the samples. At the end of this proces I have a scalar value and th
-
Output text component new line
HI Team, I am picking up a value from resouce bundle for output text component. I wish to display data in output text component to display data after a new line. Suppose the message is coming as How are you.Welcome Now it should come as How are you W
-
Online Number for Brazil no longer available?
My online number just stoped working. Back in May I received an email stating the Skype team had addressed the issues with Brazil Telecom and I could order online numbers, since Transit was not releasing the old numbers. I ordered a new number on Ju
-
how to lock the tauch screen with some password or dots like android to prevent misuse. And also screen lock to prevent interruption while watching movie reading books etc.
-
Adobe CS 5.5 Windows vers Adobe CS 6 Mac OS
bonjour je possède une CS 5.5 Design Standard Windows et je souhaite maintenant travailler sur Mac. Existe-t-il une solution pour ne pas être obligé de racheter les logiciels en version Mac (simplement une évolution dans cet autre système d'exploitat