Sample code for 30+ languages & platforms
SQL Server

Sign PDF in PAdES (ETSI EN 319 142) standard

See more PDF Signatures Examples

Chilkat can sign PDF's to satisfy any of the different PDF signing levels, such as:

PAdES-Baseline: This is the basic level of PAdES compliance. It specifies the minimum requirements for creating an advanced electronic signature in a PDF document. PAdES-Baseline signatures typically include the signature itself, signer's identity information, and certificate validation data.

PAdES-B: PAdES-B is an extension of PAdES-Baseline that adds support for time-stamping the signature. Time-stamping ensures that the signature remains valid even after the expiration of the signer's certificate.

PAdES-LTV (Long-Term Validation), PAdES-LTA: PAdES-LTV adds additional features to ensure the long-term validity and integrity of signatures. It includes mechanisms for embedding validation-related information, such as certificate revocation status and validation policies, directly into the PDF document. This allows the signature to be validated even if the signer's certificate has expired or been revoked.

PAdES-T: PAdES-T is similar to PAdES-B, but it requires the use of a secure time-stamp from a trusted time-stamping authority. This provides additional assurance of the signature's time validity.

PAdES-C: PAdES-C adds support for multiple signers to sign the same PDF document sequentially or concurrently.

PAdES-X: PAdES-X is an extension of PAdES-Baseline that adds support for the use of external signature policies. External signature policies define additional requirements and constraints for creating and validating signatures.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    DECLARE @pdf int
    EXEC @hr = sp_OACreate 'Chilkat.Pdf', @pdf OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Load a PDF to be signed.
    EXEC sp_OAMethod @pdf, 'LoadFile', @success OUT, 'c:/someDir/my.pdf'
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pdf, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pdf
        RETURN
      END

    -- Options for signing are specified in JSON.
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    -- ---------------------------------------------------------------------
    -- The JSON signing attributes are what controls the level of 
    -- PAdES signature produced (i.e. PAdES-LTV, PAdES-B-LTA, etc)
    -- 
    -- The best way to know what attributes to provide, and the values for
    -- for each attribute, is to find an already signed PDF that meets your 
    -- requirements, and pass it to Chilkat's online tool at Generate PDF Signing Code
    -- The online tool will analyze the signed PDF and will generate code with the
    -- JSON signing attributes that will produce a signed PDF with the same features.
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'subFilter', '/ETSI.CAdES.detached'
    EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'signingCertificateV2', 1
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'signingAlgorithm', 'pkcs'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'hashAlgorithm', 'sha256'

    -- -----------------------------------------------------------
    -- The following JSON settings define the signature appearance.
    EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'page', 1
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.y', 'top'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.x', 'left'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.fontScale', '10.0'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.text[0]', 'Digitally signed by: cert_cn'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.text[1]', 'current_dt'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appearance.text[2]', 'Hello 123 ABC'

    -- --------------------------------------------------------------
    -- Load the signing certificate. (Use your own certificate.)
    -- Note: There are other methods for using a certificate on an HSM (smartcard or token)
    -- or from other sources, such as a cloud HSM, a Windows installed certificate,
    -- or other file formats.
    DECLARE @cert int
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT

    EXEC sp_OAMethod @cert, 'LoadPfxFile', @success OUT, 'c:/myPfxFiles/myPdfSigningCert.pfx', 'pfxPassword'
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pdf
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    -- Once we have the certificate object, tell the PDF object to use it for signing
    EXEC sp_OAMethod @pdf, 'SetSigningCert', @success OUT, @cert
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pdf, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pdf
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    -- Sign the PDF, creating the output file.
    DECLARE @outFilePath nvarchar(4000)
    SELECT @outFilePath = 'c:/someDir/mySigned.pdf'
    EXEC sp_OAMethod @pdf, 'SignPdf', @success OUT, @json, @outFilePath
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pdf, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pdf
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END


    PRINT 'Success.'

    EXEC @hr = sp_OADestroy @pdf
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @cert


END
GO