static void CertifyPDF(string in_docpath,
string in_cert_field_name,
string in_private_key_file_path,
string in_keyfile_password,
string in_appearance_image_path,
string in_outpath)
{
Console.Out.WriteLine("================================================================================");
Console.Out.WriteLine("Certifying PDF document");
// Open an existing PDF
using (PDFDoc doc = new PDFDoc(in_docpath))
{
Console.Out.WriteLine("PDFDoc has " + (doc.HasSignatures() ? "signatures" : "no signatures"));
Page page1 = doc.GetPage(1);
// Create a random text field that we can lock using the field permissions feature.
TextWidget annot1 = TextWidget.Create(doc, new Rect(50, 550, 350, 600), "asdf_test_field");
page1.AnnotPushBack(annot1);
/* Create new signature form field in the PDFDoc. The name argument is optional;
* leaving it empty causes it to be auto-generated. However, you may need the name for later.
* Acrobat doesn't show digsigfield in side panel if it's without a widget. Using a
* Rect with 0 width and 0 height, or setting the NoPrint/Invisible flags makes it invisible. */
DigitalSignatureField certification_sig_field = doc.CreateDigitalSignatureField(in_cert_field_name);
SignatureWidget widgetAnnot = SignatureWidget.Create(doc, new Rect(0, 100, 200, 150), certification_sig_field);
page1.AnnotPushBack(widgetAnnot);
// (OPTIONAL) Add an appearance.
// Widget AP from image
Image img = Image.Create(doc, in_appearance_image_path);
widgetAnnot.CreateSignatureAppearance(img);
// End of optional appearance-adding code.
// Add permissions. Lock the random text field.
Console.Out.WriteLine("Adding document permissions.");
certification_sig_field.SetDocumentPermissions(DigitalSignatureField.DocumentPermissions.e_annotating_formfilling_signing_allowed);
Console.Out.WriteLine("Adding field permissions.");
string[] fields_to_lock = new string[1];
fields_to_lock[0] = "asdf_test_field";
certification_sig_field.SetFieldPermissions(DigitalSignatureField.FieldPermissions.e_include, fields_to_lock);
#if USE_DOTNET_CRYPTO
DotNetCryptoSignatureHandler sigHandler = new DotNetCryptoSignatureHandler(in_private_key_file_path, in_keyfile_password);
SDF.SignatureHandlerId sigHandlerId = doc.AddSignatureHandler(sigHandler);
found_approval_signature_digsig_field.CertifyOnNextSaveWithCustomHandler(sigHandlerId);
#else
certification_sig_field.CertifyOnNextSave(in_private_key_file_path, in_keyfile_password);
#endif
///// (OPTIONAL) Add more information to the signature dictionary.
certification_sig_field.SetLocation("Vancouver, BC");
certification_sig_field.SetReason("Document certification.");
certification_sig_field.SetContactInfo("www.pdftron.com");
///// End of optional sig info code.
// Save the PDFDoc. Once the method below is called, PDFNetC will also sign the document using the information provided.
doc.Save(in_outpath, 0);
}
Console.Out.WriteLine("================================================================================");
}
public void AdhocTest()
{
PDFDoc doc = new PDFDoc(GetTestPdf(SamplePdf));
// Ad-hoc field added for signing the PDF
var signatureField = doc.FieldCreate("sample-field-name", Field.Type.e_signature, "signer name");
signatureField.SetValue("Signature Name");
var digitalSignatureField = new DigitalSignatureField(signatureField);
// Before the rest of the lines or else it fails due to dictionary being empty
digitalSignatureField.SignOnNextSave(GetCertificatePath("pdf-signing.pfx"), CertPassword);
digitalSignatureField.SetReason("reason");
digitalSignatureField.SetContactInfo("*****@*****.**");
digitalSignatureField.SetLocation("location");
digitalSignatureField.SetFieldPermissions(DigitalSignatureField.FieldPermissions.e_include, new string[0]);
digitalSignatureField.SetDocumentPermissions(DigitalSignatureField.DocumentPermissions
.e_formfilling_signing_allowed);
// Save file
var temporaryFile = Path.GetTempFileName();
doc.Save(temporaryFile, pdftron.SDF.SDFDoc.SaveOptions.e_incremental);
// VALIDATE
var result = new PDFDoc(temporaryFile);
var verificationOptions = new VerificationOptions(VerificationOptions.SignatureVerificationSecurityLevel
.e_compatibility_and_archiving);
// Using filepath/password directly makes it fail on adding trusted cert
// THIS ONE FAILS:
// verificationOptions.AddTrustedCertificate(GetCertificatePath("pdf-signing.crt"));
var x509 = new X509Certificate(GetCertificatePath("pdf-signing.pfx"), CertPassword);
verificationOptions.AddTrustedCertificate(x509.GetRawCertData());
DigitalSignatureFieldIterator signatureFieldIterator = result.GetDigitalSignatureFieldIterator();
for (; signatureFieldIterator.HasNext(); signatureFieldIterator.Next())
{
var dsField = signatureFieldIterator.Current();
var verificationResult = dsField.Verify(verificationOptions);
var status = verificationResult.GetTrustStatus();
var certCount = dsField.GetCertCount();
Console.WriteLine($"Verification status {status}");
Console.WriteLine($"Digest status {verificationResult.GetDigestStatus()}");
Console.WriteLine($"Digest document status {verificationResult.GetDocumentStatus()}");
Console.WriteLine($"Verification status {verificationResult.GetVerificationStatus()}");
Console.WriteLine($"Cert count: {certCount}");
Console.WriteLine($"Signature Name{dsField.GetSignatureName()}");
var sigTime = dsField.GetSigningTime();
Console.WriteLine($"Signing Time: {sigTime.day}/{sigTime.month}/{sigTime.year} {sigTime.hour}:{sigTime.minute}.{sigTime.second}");
Assert.True(status != VerificationResult.TrustStatus.e_untrusted, "Unexpected status e_untrusted");
Assert.True(certCount > 0, "DigitalSignatureField should have a certificate");
}
}