(Swift) Sign PDF using PAdES-Baseline-B

See more PDF Signatures Examples

PAdES-Baseline-B is the most basic, entry-level profile of the PDF Advanced Electronic Signatures (PAdES) standard.

It means:

• A PDF contains a CMS/PKCS#7 detached signature over the document’s byte range.
• /SubFilter must be ETSI.CAdES.detached.
• The signer’s X.509 certificate is included inside the signature.
• The signature uses recognized secure algorithms (e.g., SHA-256 with RSA/ECDSA).
• It proves document integrity (no changes since signing) and signer authenticity (certificate identifies who signed).
• It does not include time-stamps, revocation data (CRL/OCSP), or long-term validation information — those appear only in higher levels (PAdES-Baseline-T, -LT, -LTA).

In short: Baseline-B = a standard PDF digital signature that ensures integrity and origin, but without time or revocation guarantees.

Chilkat Downloads for the Swift Programming Language MAC OS X (Cocoa) Objective-C/Swift Libs iOS Objective-C/Swift Libs

func chilkatTest() {
    var success: Bool = false

    let pdf = CkoPdf()!

    // Load a PDF to be signed.
    success = pdf.loadFile("c:/someDir/my.pdf")
    if success == false {
        print("\(pdf.lastErrorText!)")
        return
    }

    // Options for signing are specified in JSON.
    let json = CkoJsonObject()!

    json.update("subFilter", value: "/ETSI.CAdES.detached")
    json.updateBool("signingCertificateV2", value: true)
    json.updateBool("signingTime", value: true)
    json.update("signingAlgorithm", value: "pkcs")
    json.update("hashAlgorithm", value: "sha256")

    // -----------------------------------------------------------
    // The following JSON settings define the signature appearance.
    json.updateInt("page", value: 1)
    json.update("appearance.y", value: "top")
    json.update("appearance.x", value: "left")
    json.update("appearance.fontScale", value: "10.0")
    json.update("appearance.text[0]", value: "Digitally signed by: cert_cn")
    json.update("appearance.text[1]", value: "current_dt")
    json.update("appearance.text[2]", value: "Hello 123 ABC")

    // --------------------------------------------------------------
    // Load the signing certificate. (Use your own certificate.)
    // Note: There are other methods for using a certificate on an HSM (smartcard or token)
    // or from other sources, such as a cloud HSM, a Windows installed certificate,
    // or other file formats.
    let cert = CkoCert()!
    success = cert.loadPfxFile("c:/myPfxFiles/myPdfSigningCert.pfx", password: "pfxPassword")
    if success == false {
        print("\(cert.lastErrorText!)")
        return
    }

    // Once we have the certificate object, tell the PDF object to use it for signing
    success = pdf.setSigning(cert)
    if success == false {
        print("\(pdf.lastErrorText!)")
        return
    }

    // Sign the PDF, creating the output file.
    var outFilePath: String? = "c:/someDir/mySigned.pdf"
    success = pdf.sign(json, outFilePath: outFilePath)
    if success == false {
        print("\(pdf.lastErrorText!)")
        return
    }

    print("Success.")

}