public void FindSigningCertificate() { var slot = SmartCardUtils.SaferFindSlot(@"C:\Program Files (x86)\EAC MW klient\pkcs11_x86.dll", "Sig_ZEP"); using (var session = PkcsSession.StartNewSession(slot, "200860")) { var signingCertificate = SmartCardUtils.FindSigningCertificate(session, "Certifikat k podpisovemu klucu"); Assert.IsNotNull(signingCertificate); var certificateChain = SmartCardUtils.GetCertificateChain(signingCertificate); Assert.IsNotEmpty(certificateChain); } }
public void SignPdf(string inputPdfPath, string signedPdfPath, string tokenPin) { // Pkcs11RsaSignature can't find a private key by certificate label, only by certificate id. var signingCertificateId = this.FindSigningCertificateId(tokenPin, this.ckaLabel); var pkcs11RsaSignature = SmartCardUtils.SaferCreateSignature(this.pkcsLibPath, this.tokenLabel, tokenPin, signingCertificateId); if (pkcs11RsaSignature == null) { throw new InvalidOperationException("Smart card read error."); } try { var rawSigningCertificate = pkcs11RsaSignature.SaferGetSigningCertificate(); var signingCertificate = SmartCardUtils.ParseCertificate(rawSigningCertificate); var signatureAuthor = GetCertificateCn(signingCertificate.Subject); var certificateChain = SmartCardUtils.GetCertificateChain(signingCertificate); var certPath = CertUtils.BuildCertPath(rawSigningCertificate, certificateChain.Select(v => v.RawData).ToList()); using (var pdfReader = new PdfReader(inputPdfPath)) { using (var outputStream = new FileStream(signedPdfPath, FileMode.Create)) { // Create PdfStamper that applies extra content to the PDF document using (var pdfStamper = PdfStamper.CreateSignature(pdfReader, outputStream, '\0', Path.GetTempFileName(), true)) { pdfStamper.SignatureAppearance.SignatureCreator = signatureAuthor; pdfStamper.SignatureAppearance.SignDate = DateTime.Now; // Sign PDF document MakeSignature.SignDetached(pdfStamper.SignatureAppearance, pkcs11RsaSignature, certPath, null, null, null, 0, CryptoStandard.CADES); } } } } finally { pkcs11RsaSignature.Dispose(); } }