DataFlex
DataFlex
Sign PDF: Choosing RSASSA-PSS or PKCS1-v1_5 and Hash Algorithm
See more PDF Signatures Examples
This example demonstrates how to choose between RSASSA-PSS vs. PKCS1-v1_5 and the hash algorithm when signing a PDF.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoPdf
Variant vJson
Handle hoJson
Variant vCert
Handle hoCert
String sTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatPdf)) To hoPdf
If (Not(IsComObjectCreated(hoPdf))) Begin
Send CreateComObject of hoPdf
End
// Load a PDF to be signed.
// The "hello.pdf" is available at https://chilkatsoft.com/hello.pdf
Get ComLoadFile Of hoPdf "qa_data/pdf/hello.pdf" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPdf To sTemp1
Showln sTemp1
Procedure_Return
End
// Options for signing are specified in JSON.
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
// In most cases, the signingCertificateV2 attribute is needed.
Get ComUpdateInt Of hoJson "signingCertificateV2" 1 To iSuccess
// ---------------------------------------------------------------------------------------------------------------------------
// This example is the same as the example at Sign a PDF (Simplest Example Possible)
// but with the following lines added to specify the signature scheme and hash algorithm.
// The signature schemes PKCS-v1_5 and RSASSA-PSS have differences.
// PKCSV1_5 is deterministic. The same message and key will produce an identical signature value each time.
// PSS is randomized and will produce a different signature value each time.
// To choose the hash algorithm:
// (The typical choices are sha1, sha256, sha384, and sha512.)
Get ComUpdateString Of hoJson "hashAlgorithm" "sha256" To iSuccess
// To choose PKCSV1_5:
Get ComUpdateString Of hoJson "signingAlgorithm" "pkcs" To iSuccess
// Alternatively, to choose RSASSA-PSS:
Get ComUpdateString Of hoJson "signingAlgorithm" "pss" To iSuccess
// If not specified, the default is SHA256 with PKCS-v1_5.
// The remainder of this example is the same as the example at Sign a PDF (Simplest Example Possible)
// ---------------------------------------------------------------------------------------------------------------------------
// Put the signature on page 1, top left
Get ComUpdateInt Of hoJson "page" 1 To iSuccess
Get ComUpdateString Of hoJson "appearance.y" "top" To iSuccess
Get ComUpdateString Of hoJson "appearance.x" "left" To iSuccess
// Use a font scale of 10.0
Get ComUpdateString Of hoJson "appearance.fontScale" "10.0" To iSuccess
// In this example, the appearance of the digital signature will contain three lines:
// 1) The signing certificate's common name
// 2) The current date/time
// 3) Some arbitrary text.
// The keyword "cert_cn" is replaced with the Certificate's Subject Common Name.
// The keyword "current_dt" is replaced with the current date/time.
// Any number of appearance text lines can be added.
Get ComUpdateString Of hoJson "appearance.text[0]" "Digitally signed by: cert_cn" To iSuccess
Get ComUpdateString Of hoJson "appearance.text[1]" "current_dt" To iSuccess
Get ComUpdateString Of hoJson "appearance.text[2]" "The crazy brown fox jumps over the lazy dog." To iSuccess
// Load the signing certificate. (Use your own certificate.)
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadPfxFile Of hoCert "qa_data/pfx/myPdfSigningCert.pfx" "secret" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Tell the pdf object to use the certificate for signing.
Get pvComObject of hoCert to vCert
Get ComSetSigningCert Of hoPdf vCert To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPdf To sTemp1
Showln sTemp1
Procedure_Return
End
Get pvComObject of hoJson to vJson
Get ComSignPdf Of hoPdf vJson "qa_output/hello_signed.pdf" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPdf To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "The PDF has been successfully cryptographically signed."
// The appearance of the signature appears in Adobe Acrobat as shown here:
// (image:https://example-code.com/images/signature1.jpg/endImage)
End_Procedure