Q: Can you describe what the
APIs for PDF digital signatures, with what backends it works with, what is the
technology and how the user uses it, Or perhaps you have a paper
describing this feature?
---------
A:
To briefly describe
PDFNet's digital signatures API, it is essentially a framework for signing PDF
documents. The API is designed to be flexible to allow as much fine grain
control for users. The most important component of this API is PDFNet's SignatureHandler
interface. The implementation of SignatureHandler is what will provide PDFNet
the code and logic to cryptographically sign a PDF file. The SignatureHandler
interface provides the following methods for the user to implement:
1. GetName - Gets the name of the SignatureHandler. The name of the
SignatureHandler is what identifies this SignatureHandler from all others. This
name is also added to the PDF as the value of /Filter entry in the signature
dictionary.
2. AppendData - Adds data to be signed. This data will be the raw serialized
byte buffer as the PDF is being saved to any stream.
3. Reset - Resets any data appending and signature calculations done so far.
This method should allow PDFNet to restart the whole signature calculation
process.
4. CreateSignature - Calculates the actual signature using client implemented
signing methods. The returned value (byte array) will be written as the
/Contents entry in the signature dictionary.
The general usage of PDFNet's digital signatures API will be as follows:
1. Implement the SignatureHandler interface. The implementation details are
left up to the user. The sample code that we provide uses OpenSSL to create
digital signatures using PKCS#7 standards (the recommended standard for signing
PDF files), but the user is free to use any other cryptographic libraries like
Botan, Crypto++, Common Crypto (for OSX), CryptoAPI (for Windows), and so on.
2. Open the PDF file to sign with PDFDoc class. Register the implemented
SignatureHandler to this PDFDoc instance.
3. Create or select an existing signature form field from the PDFDoc and assign
the implemented SignatureHandler to this form field.
4. Save the PDFDoc. During this stage, PDFNet will check for any signature form
fields that are associated with SignatureHandler. If there are such
associations, PDFNet will perform the necessary steps (by calling implemented
code in SignatureHandler) to add signature to the form field.
There can be more intermediary processing between steps 3 and 4 (like adding
digital signature appearance). For more details, please see the sample code below.