(Unicode C) Sign PDF in PAdES (ETSI EN 319 142) standard

See more PDF Signatures Examples

Chilkat can sign PDF's to satisfy any of the different PDF signing levels, such as:

PAdES-Baseline: This is the basic level of PAdES compliance. It specifies the minimum requirements for creating an advanced electronic signature in a PDF document. PAdES-Baseline signatures typically include the signature itself, signer's identity information, and certificate validation data.

PAdES-B: PAdES-B is an extension of PAdES-Baseline that adds support for time-stamping the signature. Time-stamping ensures that the signature remains valid even after the expiration of the signer's certificate.

PAdES-LTV (Long-Term Validation), PAdES-LTA: PAdES-LTV adds additional features to ensure the long-term validity and integrity of signatures. It includes mechanisms for embedding validation-related information, such as certificate revocation status and validation policies, directly into the PDF document. This allows the signature to be validated even if the signer's certificate has expired or been revoked.

PAdES-T: PAdES-T is similar to PAdES-B, but it requires the use of a secure time-stamp from a trusted time-stamping authority. This provides additional assurance of the signature's time validity.

PAdES-C: PAdES-C adds support for multiple signers to sign the same PDF document sequentially or concurrently.

PAdES-X: PAdES-X is an extension of PAdES-Baseline that adds support for the use of external signature policies. External signature policies define additional requirements and constraints for creating and validating signatures.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkPdfW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkCertW.h>

void ChilkatSample(void)
    {
    HCkPdfW pdf;
    BOOL success;
    HCkJsonObjectW json;
    HCkCertW cert;
    const wchar_t *outFilePath;

    pdf = CkPdfW_Create();

    // Load a PDF to be signed.
    success = CkPdfW_LoadFile(pdf,L"c:/someDir/my.pdf");
    if (success == FALSE) {
        wprintf(L"%s\n",CkPdfW_lastErrorText(pdf));
        CkPdfW_Dispose(pdf);
        return;
    }

    // Options for signing are specified in JSON.
    json = CkJsonObjectW_Create();

    // ---------------------------------------------------------------------
    // The JSON signing attributes are what controls the level of 
    // PAdES signature produced (i.e. PAdES-LTV, PAdES-B-LTA, etc)
    // 
    // The best way to know what attributes to provide, and the values for
    // for each attribute, is to find an already signed PDF that meets your 
    // requirements, and pass it to Chilkat's online tool at Generate PDF Signing Code
    // The online tool will analyze the signed PDF and will generate code with the
    // JSON signing attributes that will produce a signed PDF with the same features.
    CkJsonObjectW_UpdateString(json,L"subFilter",L"/ETSI.CAdES.detached");
    CkJsonObjectW_UpdateBool(json,L"signingCertificateV2",TRUE);
    CkJsonObjectW_UpdateString(json,L"signingAlgorithm",L"pkcs");
    CkJsonObjectW_UpdateString(json,L"hashAlgorithm",L"sha256");

    // -----------------------------------------------------------
    // The following JSON settings define the signature appearance.
    CkJsonObjectW_UpdateInt(json,L"page",1);
    CkJsonObjectW_UpdateString(json,L"appearance.y",L"top");
    CkJsonObjectW_UpdateString(json,L"appearance.x",L"left");
    CkJsonObjectW_UpdateString(json,L"appearance.fontScale",L"10.0");
    CkJsonObjectW_UpdateString(json,L"appearance.text[0]",L"Digitally signed by: cert_cn");
    CkJsonObjectW_UpdateString(json,L"appearance.text[1]",L"current_dt");
    CkJsonObjectW_UpdateString(json,L"appearance.text[2]",L"Hello 123 ABC");

    // --------------------------------------------------------------
    // Load the signing certificate. (Use your own certificate.)
    // Note: There are other methods for using a certificate on an HSM (smartcard or token)
    // or from other sources, such as a cloud HSM, a Windows installed certificate,
    // or other file formats.
    cert = CkCertW_Create();
    success = CkCertW_LoadPfxFile(cert,L"c:/myPfxFiles/myPdfSigningCert.pfx",L"pfxPassword");
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkPdfW_Dispose(pdf);
        CkJsonObjectW_Dispose(json);
        CkCertW_Dispose(cert);
        return;
    }

    // Once we have the certificate object, tell the PDF object to use it for signing
    success = CkPdfW_SetSigningCert(pdf,cert);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPdfW_lastErrorText(pdf));
        CkPdfW_Dispose(pdf);
        CkJsonObjectW_Dispose(json);
        CkCertW_Dispose(cert);
        return;
    }

    // Sign the PDF, creating the output file.
    outFilePath = L"c:/someDir/mySigned.pdf";
    success = CkPdfW_SignPdf(pdf,json,outFilePath);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPdfW_lastErrorText(pdf));
        CkPdfW_Dispose(pdf);
        CkJsonObjectW_Dispose(json);
        CkCertW_Dispose(cert);
        return;
    }

    wprintf(L"Success.\n");


    CkPdfW_Dispose(pdf);
    CkJsonObjectW_Dispose(json);
    CkCertW_Dispose(cert);

    }