Pkcs7Signer Class
Allows you to create PKCS#7 signatures.
Namespace: DevExpress.Pdf
Assembly: DevExpress.Pdf.v23.2.Core.dll
NuGet Package: DevExpress.Pdf.Core
Declaration
Remarks
Use a Pkcs7Signer object to create a PKCS#7 signature.
Pass the Pkcs7Signer object to the PdfSignatureBuilder object constructor to apply a PKCS#7 signature to the form field.
Tip
You can use the Pkcs7Signer object when you use PdfDocumentProcessor to sign a document. Refer to the following article for a code sample. Note that this approach has limitations: How to: Use PdfDocumentProcessor to Add a Visual Signature to a Document
Create a Signature
Specify a certificate and a password to create a signature. The PDF Document API supports .pfx files with an X.509 certificate.
You can also specify the signature’s hash algorithm. PDF Document API supports SHA1, SHA256, SHA384 and SHA512 algorithm types.
Note
The SHA1 hash type may affect the signature’s integrity, authenticity, and legal validity.
The code sample below shows how to create a PKCS#7 signature:
Pkcs7Signer pkcs7Signature =
new Pkcs7Signer("Signing Documents//testcert.pfx", "123", HashAlgorithmType.SHA256);
Add a Timestamp to a Signature
Use the TsaClient object to create a timestamp for a signature. You can create a ITsaClient implementation to use a custom timestamp client.
The code sample below shows how to create a signature with a timestamp:
ITsaClient tsaClient = new TsaClient(new Uri(@"https://freetsa.org/tsr"), HashAlgorithmType.SHA256);
Pkcs7Signer pkcs7Signature = new Pkcs7Signer("Signing Documents//testcert.pfx", "123", HashAlgorithmType.SHA256, tsaClient);
Create a PAdES Signature
Use the PdfSignatureProfile enumeration to create a signature with a PAdEs baseline profile. Pass the PdfSignatureProfile.PAdES_BES field to the Pkcs7Signer object, as shown below:
using DevExpress.Pdf;
using DevExpress.Office.DigitalSignatures;
using DevExpress.Office.Tsp;
using (var signer = new PdfDocumentSigner("Document.pdf"))
{
IOcspClient ocspClient = new OcspClient();
ICrlClient crlClient = new CrlClient();
// the freetsa client is used for demonstration purposes
ITsaClient tsaClient = new TsaClient(new Uri(@"https://freetsa.org/tsr"), PdfHashAlgorithm.SHA256);
// Create a PKCS#7 signature:
Pkcs7Signer pkcs7Signature = new Pkcs7Signer("Signing Documents//testcert.pfx", "123",
HashAlgorithmType.SHA256, tsaClient, ocspClient, crlClient, PdfSignatureProfile.PAdES_BES);
// Create a new signature field:
var signatureFieldInfo = new PdfSignatureFieldInfo(1);
signatureFieldInfo.Name = "SignatureField";
signatureFieldInfo.SignatureBounds = new PdfRectangle(10, 10, 150, 150);
// Apply a signature with a new signature:
var signature =
new PdfSignatureBuilder(pkcs7Signature, signatureFieldInfo);
// Sign and save the document:
signer.SaveDocument("SignedDocument.pdf", signature);
}