FreeSpire.Pdf - Sign PDF with Timestamp Server

Post a reply
Spire.PDF is a professional PDF library applied to creating, writing, editing, handling and reading PDF files without any external dependencies. Get free and professional technical support for Spire.PDF for .NET, Java, Android, C++, Python.

Tue Jul 12, 2022 3:43 pm

Hey team - I'm currently proving out digitally signing an existing PDF with a timestamp server. I couldn't tell if this feature was available in the FreeSpire.PDF or not.
In the code below with the call to ConfigureTimestamp() - I receive an exception for lost private key.

If I comment out the timestamp I am able to digitally sign the PDF and reviewing in Adobe Review I see the signature is invalid with one of the reasons - "Signing time is from the clock on the signer's computer"

Code: Select all
        private static string ApplySignatures()
        {
            string sourceFilename = Path.Combine(_filePath, "TestPDF_20220624_0424.pdf");

            using (var pdf = new PdfDocument(sourceFilename))
            {
                try
                {
                    var client = new CertificateClient(vaultUri: new Uri(_vaultUrl), credential: new DefaultAzureCredential());
                    var cert = client.GetCertificate(_certName);

                    var pdfCert = new PdfCertificate(cert.Value.Cer);

                    //Create a PdfSignature object
                    var signature = new PdfSignature(pdf, pdf.Pages[pdf.Pages.Count - 1], pdfCert, "Authorization Signature");
                    signature.LocationInfo = "Cleveland, OH";
                    signature.Reason = "Authorized";

                    //Set the document permission to forbid changes but allow form fill
                    signature.DocumentPermissions = PdfCertificationFlags.ForbidChanges | PdfCertificationFlags.AllowFormFill;

                    signature.ConfigureTimestamp("https://freetsa.org/tsr");

                    //Save to another PDF file
                    var signedDocName = Path.Combine(_filePath, $"Spire_SignedDocument_{DateTime.UtcNow.ToString("yyyyMMdd-mmss")}.pdf");
                    pdf.SaveToFile(signedDocName);
                    pdf.Close();

                    return signedDocName;
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.Message);
                    return "";
                }
            }
        }

virtuous_jaredb
 
Posts: 2
Joined: Tue Jul 12, 2022 3:22 pm

Wed Jul 13, 2022 6:43 am

Hi,

Thank you for your inquiry.
Our free version support signing PDF document with a timestamp server. I did an initial test, but didn't reproduce your problem. I guess your certificate may be the cause of the error, you can share it with us for investigation or try using other certificate.
In addition, I suggest you try the latest commercial version(Spire.PDF Pack(Hot Fix) Version:8.7.2) as it is more stable than the free version. If the issue still exists, please provide the following information for further investigation. You can attach your file here or send it to us via email (support@e-iceblue.com). Thanks in advance.
1) Your PDF document.
2) Test environment, such as win10, 64bit.
3) Application type, such as Console App, .NET Framework 4.8.

Sincerely,
Kylie
E-iceblue support team
User avatar

kylie.tian
 
Posts: 412
Joined: Mon Mar 07, 2022 2:30 am

Thu Aug 04, 2022 2:47 pm

I found my issue was with how I retrieved the certificate from Azure KeyVault. I need to use the DownloadCertifcate() method to get the full private cert.

"Because Cer contains only the public key, this method attempts to download the managed secret that contains the full certificate."
- per Azure SDK for .Net on Microsoft docs under CertificateClient.DownloadCertificate Method

Updated Code
Code: Select all
private static string ApplySignatures()
        {
            string sourceFilename = Path.Combine(_filePath, "TestPDF_20220624_0424.pdf");

            using (var pdf = new PdfDocument(sourceFilename))
            {
                try
                {
                    var client = new CertificateClient(vaultUri: new Uri(_vaultUrl), credential: new DefaultAzureCredential());
                    var cert = client.DownloadCertificate(_certName);
                    var pdfCert = new PdfCertificate(cert.Value);

                    //Create a PdfSignature object
                    var signature = new PdfSignature(pdf, pdf.Pages[pdf.Pages.Count - 1], pdfCert, "Authorization Signature");
                    signature.LocationInfo = "Cleveland, OH";
                    signature.Reason = "Authorized";

                    //Set the document permission to forbid changes but allow form fill
                    signature.DocumentPermissions = PdfCertificationFlags.ForbidChanges | PdfCertificationFlags.AllowFormFill;

                    signature.ConfigureTimestamp("http://timestamp.digicert.com/");

                    //Save to another PDF file
                    var signedDocName = Path.Combine(_filePath, $"Spire_SignedDocument_{DateTime.UtcNow.ToString("yyyyMMdd-mmss")}.pdf");
                    pdf.SaveToFile(signedDocName);
                    pdf.Close();

                    return signedDocName;
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.Message);
                    return "";
                }
            }
        }

virtuous_jaredb
 
Posts: 2
Joined: Tue Jul 12, 2022 3:22 pm

Fri Aug 05, 2022 9:44 am

Hi,

Glad to hear that you solved the issue. If you need assistance in the future, please don't hesitate to contact us.
Wish you a nice day :D

Sincerely,
Kylie
E-iceblue support team
User avatar

kylie.tian
 
Posts: 412
Joined: Mon Mar 07, 2022 2:30 am
Post a reply

Return to Spire.PDF