5,447,640 members and growing! (20,701 online)
Email Password   helpLost your password?
Web Development » ASP.NET » General     Intermediate

E-signing PDF documents with iTextSharp

By Alaa-eddine KADDOURI

an example demonstrating how to sign PDF documents with iTextSharp library
C#, .NET, WinXP, Windows, Visual Studio, ASP.NET, Dev

Posted: 17 Jun 2006
Updated: 17 Jun 2006
Views: 72,270
Bookmarked: 45 times
Announcements
Want a new Job?



Search    
Advanced Search
Sitemap
10 votes for this Article.
Popularity: 3.73 Rating: 3.73 out of 5
1 vote, 10.0%
1
2 votes, 20.0%
2
0 votes, 0.0%
3
2 votes, 20.0%
4
5 votes, 50.0%
5
Note: This is an unedited contribution. If this article is inappropriate, needs attention or copies someone else's work without reference then please Report This Article

Sample Image - Esignature.jpg

Introduction

In this article I will present a simple source code allowing you to digitally sign a PDF document and modify its Meta data. I will use the excellent and free port of iText library : iTextSharp that can be downloaded here.
You'll need Visual Studio 2005 to be able to open and build the project

If you don’t know what are digital signatures or how does they work, you can go here or here or simply ask Google :)

iTextSharp provides a lot of interesting features to create and manipulate PDF documents, but in this article we will only use digital signature functions.
I will also use some function to manipulate pkcs#12 certificates, the only thing you need to know here is that our digital signature will use a private key extracted from a pkcs#12 certificate.

Getting started

So the first thing you have to do is to install a certificate on your browser, if you don’t have one you can install demo certificate from here.
Then extract the pkcs#12 certificate as described bellow :

  • Open Internet explorer and click on tools then internet options
  • Go to 'content' tab and click 'certificats'
  • Choose a certificate from the list and click Export
  • Follow the wizard and when asked choos to include private key with extracted certificate
  • Enter a password when prompted (dont give an empty one!!!)

You are now ready to use the code provided in this article.
Using the signature example:
1 – compile and run the example
2 – browse to the PDF source file you want to sign
3 – browse and choose a destination pdf file
4 – add/modify the PDF meta data if you want
5 – browse to the certificate (the .pfx file) you just extracted and choose it
6 – give the password you used to extract the certificate
5 – add signature information if needed (reason, contact and location)
6 – click sign button
In the debug box you’ll see operaion’s progress
If everything goes well open your explorer and browse to location you entered for Target file, open this file with Adobe Acrobat reader, your document is signed! =)

Now how all this work?

In the source code provided with this article, I wrote library called PDFSigner, it’s a helper package that use iTextSharp and do everything you need for digital signatures.
It contains three classes

  • Cert class: this class is used to hold a certificate and extract needed information for signature, the most important methode in this class is processCert (will be explained bellow)
  • MetaData class : holds PDF meta data
  • PDFSigner class : the construction of this class takes a Cert object and if needed a MetaData object, the most important methode here is the sign methode (will be explained bellow)

  • processCet method

            private void processCert()
            {
                    string alias = null;                                                
                    PKCS12Store pk12;
    
                    //First we'll read the certificate file
    
                    pk12 = new PKCS12Store(new FileStream(this.Path, FileMode.Open, FileAccess.Read), this.password.ToCharArray());
    
                    //then Iterate throught certificate entries to find the private key entry
    
                    IEnumerator i = pk12.aliases();
                    while (i.MoveNext())
                    {
                        alias = ((string)i.Current);
                        if (pk12.isKeyEntry(alias))
                            break;
                    }
    
                    this.akp = pk12.getKey(alias).getKey();
                    X509CertificateEntry[] ce = pk12.getCertificateChain(alias);
                    this.chain = new org.bouncycastle.x509.X509Certificate[ce.Length];
                    for (int k = 0; k < ce.Length; ++k)
                        chain[k] = ce[k].getCertificate();
    
                }
    
    
    This methode reads the certificate and iterate throught its entries to find the private key entry then extract it.
    it also construct the certificate's chain if available

    sign method

            public void Sign(string SigReason, string SigContact, string SigLocation, bool visible)
            {
                PdfReader reader = new PdfReader(this.inputPDF);
                //Activate MultiSignatures
    
                PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0', null, true);
                //To disable Multi signatures uncomment this line : every new signature will invalidate older ones !
    
                //PdfStamper st = PdfStamper.CreateSignature(reader, new FileStream(this.outputPDF, FileMode.Create, FileAccess.Write), '\0'); 
    
    
                st.MoreInfo = this.metadata.getMetaData();
                st.XmpMetadata = this.metadata.getStreamedMetaData();
                PdfSignatureAppearance sap = st.SignatureAppearance;
                
                sap.SetCrypto(this.myCert.Akp, this.myCert.Chain, null, PdfSignatureAppearance.WINCER_SIGNED);
                sap.Reason = SigReason;
                sap.Contact = SigContact;
                sap.Location = SigLocation;            
                if (visible)
                    sap.SetVisibleSignature(new iTextSharp.text.Rectangle(100, 100, 250, 150), 1, null);
                
                st.Close();
            }
    
    this function reads the content of a given pdf , then it use the read data to create a new PDF using PDFStamper.
    PDFStamper is a PDF Writer that can sign PDF documents, the signature appearence can be configured so you can add a reason, a contact and a location attributes to the signature.
    SetCrypto methode allows us to sign the document using the private key and chain certificate we extracted from the certificate file.
    And finally, the SetVisibleSignature is used if you need to add a visible signature to the document

    PDFReader, PDFStamper and PdfSignatureAppearance are provided by iTextSharp library

    Well, that’s all for now :) I hope that you found my first article useful … if you have any question or have any problem to build/run this example don’t hesitate to post a comment.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

Alaa-eddine KADDOURI



Occupation: Software Developer
Location: France France

Other popular ASP.NET articles:

Article Top
Sign Up to vote for this article
You must Sign In to use this message board.
FAQ FAQ Noise ToleranceSearch Search Messages 
 Layout  Per page   
 Msgs 1 to 25 of 87 (Total in Forum: 87) (Refresh)FirstPrevNext
Subject  Author Date 
Generaltime stamps a date and time after signature is appliedmemberrajpura20:42 2 May '08  
GeneralHow to select certiifcate from Windows Store?memberboatek4:32 11 Apr '08  
GeneralVery nice!memberMember 294305822:21 31 Jan '08  
QuestionCertificate of windowsmembervikthorAB2:27 21 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI3:37 21 Jan '08  
GeneralRe: Certificate of windowsmembervikthorAB0:54 22 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI2:25 22 Jan '08  
AnswerRe: Certificate of windowsmembervikthorAB7:08 22 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI7:17 22 Jan '08  
GeneralRe: Certificate of windowsmembervikthorAB8:39 22 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI9:11 22 Jan '08  
QuestionRe: Certificate of windowsmembervikthorAB1:01 23 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI2:29 23 Jan '08  
GeneralRe: Certificate of windowsmembervikthorAB2:49 23 Jan '08  
GeneralRe: Certificate of windowsmemberAlaa-eddine KADDOURI4:52 23 Jan '08  
GeneralRe: Certificate of windowsmembervikthorAB6:03 23 Jan '08  
Generalcert from card readermembercheong16:44 17 Jan '08  
GeneralRe: cert from card readermemberAlaa-eddine KADDOURI3:42 21 Jan '08  
General.cert files [modified]memberoguvenis0:02 6 Dec '07  
GeneralRe: .cert filesmemberAlaa-eddine KADDOURI3:48 21 Jan '08  
GeneralTry this for ASP.NET Websitesmemberjay_dubal19:50 7 Nov '07  
Questionsmartcard readermembercheong19:34 24 Sep '07  
AnswerRe: smartcard readermemberUnknown Ajanabi20:07 7 Nov '07  
GeneralRe: smartcard readermembercheong16:47 17 Jan '08  
GeneralCert passwordmembercheong0:25 21 Sep '07  

General General    News News    Question Question    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

PermaLink | Privacy | Terms of Use
Last Updated: 17 Jun 2006
Editor:
Copyright 2006 by Alaa-eddine KADDOURI
Everything else Copyright © CodeProject, 1999-2008
Web10 | Advertise on the Code Project