static void PrintSignaturesInfo(string in_docpath)
{
Console.Out.WriteLine("================================================================================");
Console.Out.WriteLine("Reading and printing digital signature information");
using (PDFDoc doc = new PDFDoc(in_docpath))
{
if (!doc.HasSignatures())
{
Console.Out.WriteLine("Doc has no signatures.");
Console.Out.WriteLine("================================================================================");
return;
}
else
{
Console.Out.WriteLine("Doc has signatures.");
}
for (FieldIterator fitr = doc.GetFieldIterator(); fitr.HasNext(); fitr.Next())
{
if (fitr.Current().IsLockedByDigitalSignature())
{
Console.Out.WriteLine("==========\nField locked by a digital signature");
}
else
{
Console.Out.WriteLine("==========\nField not locked by a digital signature");
}
Console.Out.WriteLine("Field name: " + fitr.Current().GetName());
Console.Out.WriteLine("==========");
}
Console.Out.WriteLine("====================\nNow iterating over digital signatures only.\n====================");
DigitalSignatureFieldIterator digsig_fitr = doc.GetDigitalSignatureFieldIterator();
for (; digsig_fitr.HasNext(); digsig_fitr.Next())
{
Console.Out.WriteLine("==========");
Console.Out.WriteLine("Field name of digital signature: " + new Field(digsig_fitr.Current().GetSDFObj()).GetName());
DigitalSignatureField digsigfield = digsig_fitr.Current();
if (!digsigfield.HasCryptographicSignature())
{
Console.Out.WriteLine("Either digital signature field lacks a digital signature dictionary, " +
"or digital signature dictionary lacks a cryptographic hash entry. " +
"Digital signature field is not presently considered signed.\n" +
"==========");
continue;
}
int cert_count = digsigfield.GetCertCount();
Console.Out.WriteLine("Cert count: " + cert_count);
for (int i = 0; i < cert_count; ++i)
{
byte[] cert = digsigfield.GetCert(i);
Console.Out.WriteLine("Cert #" + i + " size: " + cert.Length);
}
DigitalSignatureField.SubFilterType subfilter = digsigfield.GetSubFilter();
Console.Out.WriteLine("Subfilter type: " + (int)subfilter);
if (subfilter != DigitalSignatureField.SubFilterType.e_ETSI_RFC3161)
{
Console.Out.WriteLine("Signature's signer: " + digsigfield.GetSignatureName());
Date signing_time = digsigfield.GetSigningTime();
if (signing_time.IsValid())
{
Console.Out.WriteLine("Signing day: " + (int)signing_time.day);
}
Console.Out.WriteLine("Location: " + digsigfield.GetLocation());
Console.Out.WriteLine("Reason: " + digsigfield.GetReason());
Console.Out.WriteLine("Contact info: " + digsigfield.GetContactInfo());
}
else
{
Console.Out.WriteLine("SubFilter == e_ETSI_RFC3161 (DocTimeStamp; no signing info)\n");
}
Console.Out.WriteLine(((digsigfield.HasVisibleAppearance()) ? "Visible" : "Not visible"));
DigitalSignatureField.DocumentPermissions digsig_doc_perms = digsigfield.GetDocumentPermissions();
string[] locked_fields = digsigfield.GetLockedFields();
foreach (string field_name in locked_fields)
{
Console.Out.WriteLine("This digital signature locks a field named: " + field_name);
}
switch (digsig_doc_perms)
{
case DigitalSignatureField.DocumentPermissions.e_no_changes_allowed:
Console.Out.WriteLine("No changes to the document can be made without invalidating this digital signature.");
break;
case DigitalSignatureField.DocumentPermissions.e_formfilling_signing_allowed:
Console.Out.WriteLine("Page template instantiation, form filling, and signing digital signatures are allowed without invalidating this digital signature.");
break;
case DigitalSignatureField.DocumentPermissions.e_annotating_formfilling_signing_allowed:
Console.Out.WriteLine("Annotating, page template instantiation, form filling, and signing digital signatures are allowed without invalidating this digital signature.");
break;
case DigitalSignatureField.DocumentPermissions.e_unrestricted:
Console.Out.WriteLine("Document not restricted by this digital signature.");
break;
default:
throw new Exception("Unrecognized digital signature document permission level.");
}
Console.Out.WriteLine("==========");
}
}
Console.Out.WriteLine("================================================================================");
}
public void AdhocTest()
{
PDFDoc doc = new PDFDoc(GetTestPdf(SamplePdf));
// Ad-hoc field added for signing the PDF
var signatureField = doc.FieldCreate("sample-field-name", Field.Type.e_signature, "signer name");
signatureField.SetValue("Signature Name");
var digitalSignatureField = new DigitalSignatureField(signatureField);
// Before the rest of the lines or else it fails due to dictionary being empty
digitalSignatureField.SignOnNextSave(GetCertificatePath("pdf-signing.pfx"), CertPassword);
digitalSignatureField.SetReason("reason");
digitalSignatureField.SetContactInfo("*****@*****.**");
digitalSignatureField.SetLocation("location");
digitalSignatureField.SetFieldPermissions(DigitalSignatureField.FieldPermissions.e_include, new string[0]);
digitalSignatureField.SetDocumentPermissions(DigitalSignatureField.DocumentPermissions
.e_formfilling_signing_allowed);
// Save file
var temporaryFile = Path.GetTempFileName();
doc.Save(temporaryFile, pdftron.SDF.SDFDoc.SaveOptions.e_incremental);
// VALIDATE
var result = new PDFDoc(temporaryFile);
var verificationOptions = new VerificationOptions(VerificationOptions.SignatureVerificationSecurityLevel
.e_compatibility_and_archiving);
// Using filepath/password directly makes it fail on adding trusted cert
// THIS ONE FAILS:
// verificationOptions.AddTrustedCertificate(GetCertificatePath("pdf-signing.crt"));
var x509 = new X509Certificate(GetCertificatePath("pdf-signing.pfx"), CertPassword);
verificationOptions.AddTrustedCertificate(x509.GetRawCertData());
DigitalSignatureFieldIterator signatureFieldIterator = result.GetDigitalSignatureFieldIterator();
for (; signatureFieldIterator.HasNext(); signatureFieldIterator.Next())
{
var dsField = signatureFieldIterator.Current();
var verificationResult = dsField.Verify(verificationOptions);
var status = verificationResult.GetTrustStatus();
var certCount = dsField.GetCertCount();
Console.WriteLine($"Verification status {status}");
Console.WriteLine($"Digest status {verificationResult.GetDigestStatus()}");
Console.WriteLine($"Digest document status {verificationResult.GetDocumentStatus()}");
Console.WriteLine($"Verification status {verificationResult.GetVerificationStatus()}");
Console.WriteLine($"Cert count: {certCount}");
Console.WriteLine($"Signature Name{dsField.GetSignatureName()}");
var sigTime = dsField.GetSigningTime();
Console.WriteLine($"Signing Time: {sigTime.day}/{sigTime.month}/{sigTime.year} {sigTime.hour}:{sigTime.minute}.{sigTime.second}");
Assert.True(status != VerificationResult.TrustStatus.e_untrusted, "Unexpected status e_untrusted");
Assert.True(certCount > 0, "DigitalSignatureField should have a certificate");
}
}
