As you may already know, we introduced multiple signature support in our v20.1 release cycle.
Based on your great feedback, we introduced a series of enhancements in our v20.1.6 minor update and expect to issue additional updates in upcoming builds. Thanks for all your help and your continued support. We appreciate it.
v20.1.6
PAdES Support
You can now apply signatures with a B-T level PAdES profile to a document. To do so, specify the signature profile in the Pkcs7Signer object constructor.
The IOcspClient and ICrlClient interfaces allow you to add certificate revocation information. You can use our default implementations or create a custom implementation as needed.
using (var signer = new PdfDocumentSigner("Document.pdf"))
{
IOcspClient ocspClient = new PdfOcspClient();
ICrlClient crlClient = new PdfCrlClient();
ITsaClient tsaClient = new PdfTsaClient(new Uri(@"https://freetsa.org/tsr"), PdfHashAlgorithm.SHA256);
//Create a PKCS#7 signature:
Pkcs7Signer pkcs7Signature = new Pkcs7Signer("Signing Documents//testcert.pfx", "123",
PdfHashAlgorithm.SHA256, tsaClient, ocspClient, crlClient, PdfSignatureProfile.PAdES_BES);
//Apply a signature to a form field:
var signature =
new PdfSignatureBuilder(pkcs7Signature, "Sign");
//Sign and save the document:
signer.SaveDocument("SignedDocument.pdf", signature);
}Certification Signature
The PdfSignatureBuilder.CertificationLevel property defines the changes available to users when the signature is applied. If a user makes a restricted change, the signature is invalidated. You can specify the following permissions:
- Allow all changes
- Allow users to populate forms and sign the document
- Allow users to populate forms, manage annotations, and sign the document
- Restrict all changes
//Load a document:
using (var signer = new PdfDocumentSigner("Document.pdf"))
{
//Create a PAdES PKCS#7 signature
Pkcs7Signer pkcs7Signature =
new Pkcs7Signer("Signing Documents/certificate.pfx", "123", PdfHashAlgorithm.SHA256);
//Apply a signature to a form field:
var signature =
new PdfSignatureBuilder(pkcs7Signature, "Sign");
//Specify an image and signer information:
signature.SetImageData(File.ReadAllBytes
("Signing Documents//SantuzzaValentina.jpg"));
signature.Name = "Santuzza Valentina";
santuzzaSignature.CertificationLevel = PdfCertificationLevel.FillFormsAndAnnotate;
//Sign and save the document:
signer.SaveDocument("SignedDocument.pdf", signature);
}
Document-Level Timestamps
You can now use document-level timestamps to sign a document.
The PdfTimeStamp object allows you to generate a document-level timestamp. Use the ITsaClient interface implementation to specify the timestamp client.
Pass the PdfTimeStamp object to the PdfSignatureBuilder constructor to apply the timestamp to the signature field.
using (var signer = new PdfDocumentSigner("Document.pdf"))
{
//Create a timestamp:
ITsaClient tsaClient = new PdfTsaClient(new Uri(@"https://freetsa.org/tsr"), PdfHashAlgorithm.SHA256);
//Create a new signature form field:
var signatureFieldInfo = new PdfSignatureFieldInfo(1);
signatureFieldInfo.Name = "SignatureField1";
signatureFieldInfo.SignatureBounds = new PdfRectangle(200, 200, 250, 250);
//Create a document-level timestamp:
PdfTimeStamp pdfTimeStamp = new PdfTimeStamp(tsaClient);
//Apply this timestamp to the form field:
var timestampSignature = new PdfSignatureBuilder(pdfTimestamp, signatureFieldInfo);
//Sign and save the document:
signer.SaveDocument("SignedDocument.pdf", timestampSignature);
}
v20.1.7 (Next Update)
Sign Documents in Deferred Mode
The PDF Document API will allow you to use a document hash to apply a signature or a document-level timestamp externally.
You can use the ExternalSignerInfo class object to specify signature parameters: type, size, hashing algorithm, etc. The PdfDocumentSigner.SignDeferred method applies the signature to the document and returns a document hash. Utilize the PdfDeferredSigner.Sign method to write signature contents to the document and save the result to a file or stream.
using (var signer = new PdfDocumentSigner(File.OpenRead("SignDemo.pdf")))
{
//Specify information about signature metadata:
var digestCalculator = new PdfDigestCalculator(PdfHashAlgorithm.SHA256);
var signerInfo = new ExternalSignerInfo(PdfSignatureType.Pkcs7, 8000, digestCalculator);
//Create a new form field:
var fieldInfo = new PdfSignatureFieldInfo(1) { SignatureBounds = new PdfRectangle(10, 10, 100, 100) };
//Apply the metadata to the form field:
var builder = new PdfDeferredSignatureBuilder(signerInfo, fieldInfo);
//Add the signature to the document:
var deferredSigner = signer.SignDeferred(builder);
//Obtain the document hash and the hash algorithm's object identifier:
var digest = deferredSigner.HashValue;
var digestAlgorithmOID = digestCalculator.AlgorithmOid;
//Generate the signature content for the document:
byte[] signature = CreateSignature(digest, digestAlgorithmOID);
//Add signature contents and save the document to a file:
deferredSigner.Sign("signed.pdf", signature);
}
static byte[] CreateSignature(byte[] digest, string digestAlgorithmOID)
{
var signer = new Pkcs7Signer(@"SignDemo.pfx", "dxdemo");
byte[] signature = signer.BuildSignature(digest, digestAlgorithmOID);
return signature;
}
Add Signatures to Multiple Pages
We will add a new PdfSignatureFieldInfo class constructor. You can use this constructor to create a signature with a widget that belongs to multiple document pages.
var numbers = new List<int>() { 1, 2, 5 };
var fieldInfo = new PdfSignatureFieldInfo(numbers)
{ SignatureBounds = new PdfRectangle(10, 10, 100, 100) };
What’s Next
PAdES signatures with LT and LTA levels are not yet supported. We plan to address this issue in our v20.2 release cycle. We will share updates with you in an upcoming blog post.
Your Feedback Matters
As always, we welcome your thoughts. Please comment below and let us know what you think of these new features. Should you have technical questions, feel free to contact us via the DevExpress Support Center.