We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date

Signing PDF documents

Hello,
I am struggling to sign PDF documents with a certificate. I was able to follow a simple demo and sign document with a locally created certificate and which was then loaded in code using
var certificate = new X509Certificate2(data, @"0123456789");
var certificatPdf = new PdfCertificate(certificate);
pdfFactory.Sign(signature.FieldName, certificatPdf, signature.FullName...
but now I am implementing this in our application and we have a separate certificate and private key stored in PEM format. I am able to load the certificate from PEM, but then when I export the PDF, I get an exception from Syncfusion: "No private key". Any idea how to import the private key from PEM to the certificate object to be able to sign the document?
Best regards,
Daniel

5 Replies

SL Sowmiya Loganathan Syncfusion Team July 24, 2019 05:47 AM

Hi Daniel, 
 
Thank you for contacting Syncfusion support. 
 
At present we do only support to load the certificate as in the form of .pfx file with private key, So we have created a workaround solution for generating the .pfx file from the certificate and private key (PEM format) with the help of BouncyCastle Library and signed the generated pfx to the PDF document. Please find the below sample for further details.  
  
 
Kindly try the above sample in your end and let us know if it satisfies your requirement.  
 
Regards, 
Sowmiya L 



DK Daniel Kraut July 30, 2019 11:32 PM

Hi,

in my case there is still a problem, because reading the private key file using Org.BouncyCastle.OpenSsl.PemReader I get InvalidCastException at the line 34:

AsymmetricCipherKeyPair KeyPair = (AsymmetricCipherKeyPair)pmr.ReadObject();

in my case, ReadObject returns an object of type Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters. We have managed to create a similiar workaround for ourselves, but it still feels wrong parsing and serializing the certificates over and over and we do it for a certificate chain with certificate authorities, which is being noticed on mobile platforms. Also when you say that you support only .pfx files, why is there this PdfCertificate constructor:

public PdfCertificate(X509Certificate2 x509Certificate2);

?

Regards,
Daniel



SL Sowmiya Loganathan Syncfusion Team August 1, 2019 03:19 AM

Hi Daniel, 
 
n my case there is still a problem, because reading the private key file using Org.BouncyCastle.OpenSsl.PemReader I get InvalidCastException at the line 34: 
 
AsymmetricCipherKeyPair KeyPair = (AsymmetricCipherKeyPair)pmr.ReadObject(); 
 
in my case, ReadObject returns an object of type Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters. We have managed to create a similiar workaround for ourselves, but it still feels wrong parsing and serializing the certificates over and over and we do it for a certificate chain with certificate authorities, which is being noticed on mobile platforms.  
 
The sample which we have provided in the previous update is works fine in our end. Could you please share the certificate and private key (PEM format) used in your end. It will helpful for us to provide the precise solution on this. 
 
 
Also when you say that you support only .pfx files, why is there this PdfCertificate constructor: 
 
public PdfCertificate(X509Certificate2 x509Certificate2); 
 
This constructor is used to get the certificate from certificate store. If you want to get certificate from store, you can use this overload.  
 
Note: In certificate store, the loaded certificate should have a private key.  
 
Regards, 
Sowmiya L 



DK Daniel Kraut August 5, 2019 10:25 PM

Hi Sowmiya,

I have attached a certificate and private key, which you can just replace in your demo code. These will throw the exception I described.

Regards,
Daniel

Attachment: certkey_6cc1641b.zip


SL Sowmiya Loganathan Syncfusion Team August 7, 2019 04:03 AM

Hi Daniel, 
 
We have modified the sample with the provided private key and certificate file. Please find the sample for the same from below, 
 
 
 
Please try the above sample in your end and let us know if it solves the issue. 
 
Regards, 
Sowmiya L 



Loader.
Live Chat Icon For mobile
Up arrow icon