Sample code for 30+ languages & platforms
Swift

Get PDF DSS (Document Security Store)

See more PDF Signatures Examples

This example demonstrates how to extract the information from a PDF's DSS (Document Security Store), if a /DSS exists. (Just because a PDF is signed does not mean a /DSS will exists. In fact, the /DSS is typically created at the point of adding the 2nd or greater signature because the /DSS contains LTV (long term validation) information about the previous signature at the time of adding an additional signature.)

Note: This example requires Chilkat v9.5.0.85 or greater.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    let pdf = CkoPdf()!

    success = pdf.loadFile(filePath: "qa_data/pdf/sign_testing_1/helloSigned2.pdf")
    if success == false {
        print("\(pdf.lastErrorText!)")
        return
    }

    let json = CkoJsonObject()!
    json.emitCompact = false

    success = pdf.getDss(json: json)
    print("\(json.emit()!)")

    // The document security store contains certificates, OCSP responses, and CRLs.
    // The following JSON is a sample of what the /DSS can contain.
    // Unfortunately, our sample contains /Certs and /OCSPs, but no /CRLs.
    // It's no problem because whatever JSON you get back, you can use the
    // following online tool to generate code to parse.
    // Generate Parsing Code from JSON

    // The code generated by the online tool for this JSON is shown below..

    // {
    //   "/VRI": {
    //     "/EC5BB34CC1F8A0C5FE674427E16E313A08C80808": {}
    //   },
    //   "/Certs": [
    //     {
    //       "serial": "02",
    //       "validFrom": "2011-08-07T19:00:00-05:00",
    //       "validTo": "2021-08-10T23:59:59-05:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "XYZ Corporation",
    //         "O": "XYZ"
    //       },
    //       "issuer": {
    //         "CN": "XYZ Corporation",
    //         "O": "XYZ"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "2048",
    //       "der": "MIIDz...Q4Zt"
    //     },
    //     {
    //       "serial": "01",
    //       "validFrom": "2011-08-07T19:00:00-05:00",
    //       "validTo": "2021-08-10T23:59:59-05:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "XYZ Corporation",
    //         "O": "XYZ"
    //       },
    //       "issuer": {
    //         "CN": "XYZ Corporation",
    //         "O": "XYZ"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "2048",
    //       "der": "MIID...jXYFc="
    //     },
    //     {
    //       "serial": "0AA125D6D6321B7E41E405DA3697C215",
    //       "validFrom": "2016-01-07T06:00:00-06:00",
    //       "validTo": "2031-01-07T12:00:00-06:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "DigiCert SHA2 Assured ID Timestamping CA",
    //         "OU": "www.digicert.com",
    //         "O": "DigiCert Inc",
    //         "C": "US"
    //       },
    //       "issuer": {
    //         "CN": "DigiCert Assured ID Root CA",
    //         "OU": "www.digicert.com",
    //         "O": "DigiCert Inc",
    //         "C": "US"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "2048",
    //       "der": "MIIF...OUg=="
    //     },
    //     {
    //       "serial": "04CD3F8568AE76C61BB0FE7160CCA76D",
    //       "validFrom": "2019-09-30T19:00:00-05:00",
    //       "validTo": "2030-10-17T00:00:00-05:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "TIMESTAMP-SHA256-2019-10-15",
    //         "O": "DigiCert, Inc.",
    //         "C": "US"
    //       },
    //       "issuer": {
    //         "CN": "DigiCert SHA2 Assured ID Timestamping CA",
    //         "OU": "www.digicert.com",
    //         "O": "DigiCert Inc",
    //         "C": "US"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "2048",
    //       "der": "MIIG...MJtPc="
    //     },
    //     {
    //       "serial": "0CE7E0E517D846FE8FE560FC1BF03039",
    //       "validFrom": "2006-11-09T18:00:00-06:00",
    //       "validTo": "2031-11-10T00:00:00-06:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "DigiCert Assured ID Root CA",
    //         "OU": "www.digicert.com",
    //         "O": "DigiCert Inc",
    //         "C": "US"
    //       },
    //       "issuer": {
    //         "CN": "DigiCert Assured ID Root CA",
    //         "OU": "www.digicert.com",
    //         "O": "DigiCert Inc",
    //         "C": "US"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "2048",
    //       "der": "MIIDt...FL6Lw8g=="
    //     },
    //     {
    //       "serial": "E4D34D01798BE686424AF7F6F0C3BF41",
    //       "validFrom": "2015-03-24T10:58:16-05:00",
    //       "validTo": "2039-12-31T23:59:59-06:00",
    //       "expired": false,
    //       "subject": {
    //         "CN": "www.xyz.com"
    //       },
    //       "issuer": {
    //         "CN": "www.xyz.com"
    //       },
    //       "keyType": "RSA",
    //       "keySize": "1024",
    //       "der": "MIIB9DCCAWG...UR10lz"
    //     }
    //   ],
    //   "/OCSPs": [
    //     {
    //       "responseStatus": 0,
    //       "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
    //       "responseTypeName": "ocspBasic",
    //       "response": {
    //         "responderIdChoice": "KeyHash",
    //         "responderKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
    //         "dateTime": "20201005173921Z",
    //         "cert": [
    //           {
    //             "hashOid": "1.3.14.3.2.26",
    //             "hashAlg": "SHA-1",
    //             "issuerNameHash": "98S+C0C1w0QzPT+uuU1uONr67FE=",
    //             "issuerKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
    //             "serialNumber": "0AA125D6D6321B7E41E405DA3697C215",
    //             "status": 0,
    //             "thisUpdate": "20201005173921Z",
    //             "nextUpdate": "20201012173921Z"
    //           }
    //         ]
    //       }
    //     },
    //     {
    //       "responseStatus": 0,
    //       "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
    //       "responseTypeName": "ocspBasic",
    //       "response": {
    //         "responderIdChoice": "KeyHash",
    //         "responderKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
    //         "dateTime": "20201006114501Z",
    //         "cert": [
    //           {
    //             "hashOid": "1.3.14.3.2.26",
    //             "hashAlg": "SHA-1",
    //             "issuerNameHash": "+YYA+KSr7NIxRSxCjUNQo25SyD0=",
    //             "issuerKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
    //             "serialNumber": "04CD3F8568AE76C61BB0FE7160CCA76D",
    //             "status": 0,
    //             "thisUpdate": "20201006114501Z",
    //             "nextUpdate": "20201013110001Z"
    //           }
    //         ]
    //       }
    //     }
    //   ]
    // }

    let responseDateTime = CkoDtObj()!
    let thisUpdate = CkoDtObj()!
    let nextUpdate = CkoDtObj()!
    var serial: String?
    var validFrom: String?
    var validTo: String?
    var expired: Bool
    var subjectCN: String?
    var subjectO: String?
    var issuerCN: String?
    var issuerO: String?
    var keyType: String?
    var keySize: String?
    var der: String?
    var subjectOU: String?
    var subjectC: String?
    var issuerOU: String?
    var issuerC: String?
    var responseStatus: Int
    var responseTypeOid: String?
    var responseTypeName: String?
    var responseResponderIdChoice: String?
    var responseResponderKeyHash: String?
    var j: Int
    var count_j: Int
    var hashOid: String?
    var hashAlg: String?
    var issuerNameHash: String?
    var issuerKeyHash: String?
    var serialNumber: String?
    var status: Int

    var i: Int = 0
    var count_i: Int = json.size(ofArray: "/Certs").intValue
    while i < count_i {
        json.i = i
        serial = json.string(of: "/Certs[i].serial")
        validFrom = json.string(of: "/Certs[i].validFrom")
        validTo = json.string(of: "/Certs[i].validTo")
        expired = json.bool(of: "/Certs[i].expired")
        subjectCN = json.string(of: "/Certs[i].subject.CN")
        subjectO = json.string(of: "/Certs[i].subject.O")
        issuerCN = json.string(of: "/Certs[i].issuer.CN")
        issuerO = json.string(of: "/Certs[i].issuer.O")
        keyType = json.string(of: "/Certs[i].keyType")
        keySize = json.string(of: "/Certs[i].keySize")
        der = json.string(of: "/Certs[i].der")
        subjectOU = json.string(of: "/Certs[i].subject.OU")
        subjectC = json.string(of: "/Certs[i].subject.C")
        issuerOU = json.string(of: "/Certs[i].issuer.OU")
        issuerC = json.string(of: "/Certs[i].issuer.C")
        i = i + 1
    }

    i = 0
    count_i = json.size(ofArray: "/OCSPs").intValue
    while i < count_i {
        json.i = i
        responseStatus = json.int(of: "/OCSPs[i].responseStatus").intValue
        responseTypeOid = json.string(of: "/OCSPs[i].responseTypeOid")
        responseTypeName = json.string(of: "/OCSPs[i].responseTypeName")
        responseResponderIdChoice = json.string(of: "/OCSPs[i].response.responderIdChoice")
        responseResponderKeyHash = json.string(of: "/OCSPs[i].response.responderKeyHash")
        json.dt(of: "/OCSPs[i].response.dateTime", bLocal: false, dt: responseDateTime)
        j = 0
        count_j = json.size(ofArray: "/OCSPs[i].response.cert").intValue
        while j < count_j {
            json.j = j
            hashOid = json.string(of: "/OCSPs[i].response.cert[j].hashOid")
            hashAlg = json.string(of: "/OCSPs[i].response.cert[j].hashAlg")
            issuerNameHash = json.string(of: "/OCSPs[i].response.cert[j].issuerNameHash")
            issuerKeyHash = json.string(of: "/OCSPs[i].response.cert[j].issuerKeyHash")
            serialNumber = json.string(of: "/OCSPs[i].response.cert[j].serialNumber")
            status = json.int(of: "/OCSPs[i].response.cert[j].status").intValue
            json.dt(of: "/OCSPs[i].response.cert[j].thisUpdate", bLocal: false, dt: thisUpdate)
            json.dt(of: "/OCSPs[i].response.cert[j].nextUpdate", bLocal: false, dt: nextUpdate)
            j = j + 1
        }

        i = i + 1
    }


}