(Android™) Sign PDF using PAdES-Baseline-B

See more PDF Signatures Examples

PAdES-Baseline-B is the most basic, entry-level profile of the PDF Advanced Electronic Signatures (PAdES) standard.

It means:

• A PDF contains a CMS/PKCS#7 detached signature over the document’s byte range.
• /SubFilter must be ETSI.CAdES.detached.
• The signer’s X.509 certificate is included inside the signature.
• The signature uses recognized secure algorithms (e.g., SHA-256 with RSA/ECDSA).
• It proves document integrity (no changes since signing) and signer authenticity (certificate identifies who signed).
• It does not include time-stamps, revocation data (CRL/OCSP), or long-term validation information — those appear only in higher levels (PAdES-Baseline-T, -LT, -LTA).

In short: Baseline-B = a standard PDF digital signature that ensures integrity and origin, but without time or revocation guarantees.

Chilkat Android™ Downloads Android™ Java Libraries Android C/C++ Libraries

// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    CkPdf pdf = new CkPdf();

    // Load a PDF to be signed.
    success = pdf.LoadFile("c:/someDir/my.pdf");
    if (success == false) {
        Log.i(TAG, pdf.lastErrorText());
        return;
        }

    // Options for signing are specified in JSON.
    CkJsonObject json = new CkJsonObject();

    json.UpdateString("subFilter","/ETSI.CAdES.detached");
    json.UpdateBool("signingCertificateV2",true);
    json.UpdateBool("signingTime",true);
    json.UpdateString("signingAlgorithm","pkcs");
    json.UpdateString("hashAlgorithm","sha256");

    // -----------------------------------------------------------
    // The following JSON settings define the signature appearance.
    json.UpdateInt("page",1);
    json.UpdateString("appearance.y","top");
    json.UpdateString("appearance.x","left");
    json.UpdateString("appearance.fontScale","10.0");
    json.UpdateString("appearance.text[0]","Digitally signed by: cert_cn");
    json.UpdateString("appearance.text[1]","current_dt");
    json.UpdateString("appearance.text[2]","Hello 123 ABC");

    // --------------------------------------------------------------
    // Load the signing certificate. (Use your own certificate.)
    // Note: There are other methods for using a certificate on an HSM (smartcard or token)
    // or from other sources, such as a cloud HSM, a Windows installed certificate,
    // or other file formats.
    CkCert cert = new CkCert();
    success = cert.LoadPfxFile("c:/myPfxFiles/myPdfSigningCert.pfx","pfxPassword");
    if (success == false) {
        Log.i(TAG, cert.lastErrorText());
        return;
        }

    // Once we have the certificate object, tell the PDF object to use it for signing
    success = pdf.SetSigningCert(cert);
    if (success == false) {
        Log.i(TAG, pdf.lastErrorText());
        return;
        }

    // Sign the PDF, creating the output file.
    String outFilePath = "c:/someDir/mySigned.pdf";
    success = pdf.SignPdf(json,outFilePath);
    if (success == false) {
        Log.i(TAG, pdf.lastErrorText());
        return;
        }

    Log.i(TAG, "Success.");

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}