Signing PDF documents
Hello,
I am struggling to sign PDF documents with a certificate. I was able to follow a simple demo and sign document with a locally created certificate and which was then loaded in code using
var certificate = new X509Certificate2(data, @"0123456789");
var certificatPdf = new PdfCertificate(certificate);
pdfFactory.Sign(signature.FieldName, certificatPdf, signature.FullName...
but now I am implementing this in our application and we have a separate certificate and private key stored in PEM format. I am able to load the certificate from PEM, but then when I export the PDF, I get an exception from Syncfusion: "No private key". Any idea how to import the private key from PEM to the certificate object to be able to sign the document?
Best regards,
Daniel
SIGN IN To post a reply.
5 Replies
SL
Sowmiya Loganathan
Syncfusion Team
July 24, 2019 01:47 PM UTC
Hi Daniel,
Thank you for contacting Syncfusion support.
At present we do only support to load the certificate as in the form of .pfx file with private key, So we have created a workaround solution for generating the .pfx file from the certificate and private key (PEM format) with the help of BouncyCastle Library and signed the generated pfx to the PDF document. Please find the below sample for further details.
Sample link: https://www.syncfusion.com/downloads/support/forum/146153/ze/DigitalSignature1667051591
Kindly try the above sample in your end and let us know if it satisfies your requirement.
Regards,
Sowmiya L
DK
Daniel Kraut
July 31, 2019 07:32 AM UTC
Hi,
in my case there is still a problem, because reading the private key file using Org.BouncyCastle.OpenSsl.PemReader I get InvalidCastException at the line 34:
AsymmetricCipherKeyPair KeyPair = (AsymmetricCipherKeyPair)pmr.ReadObject();
in my case, ReadObject returns an object of type Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters. We have managed to create a similiar workaround for ourselves, but it still feels wrong parsing and serializing the certificates over and over and we do it for a certificate chain with certificate authorities, which is being noticed on mobile platforms. Also when you say that you support only .pfx files, why is there this PdfCertificate constructor:
public PdfCertificate(X509Certificate2 x509Certificate2);
?
Regards,
Daniel
SL
Sowmiya Loganathan
Syncfusion Team
August 1, 2019 11:19 AM UTC
Hi Daniel,
|
n my case there is still a problem, because reading the private key file using Org.BouncyCastle.OpenSsl.PemReader I get InvalidCastException at the line 34:
AsymmetricCipherKeyPair KeyPair = (AsymmetricCipherKeyPair)pmr.ReadObject();
in my case, ReadObject returns an object of type Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters. We have managed to create a similiar workaround for ourselves, but it still feels wrong parsing and serializing the certificates over and over and we do it for a certificate chain with certificate authorities, which is being noticed on mobile platforms.
|
The sample which we have provided in the previous update is works fine in our end. Could you please share the certificate and private key (PEM format) used in your end. It will helpful for us to provide the precise solution on this.
|
|
Also when you say that you support only .pfx files, why is there this PdfCertificate constructor:
public PdfCertificate(X509Certificate2 x509Certificate2);
|
This constructor is used to get the certificate from certificate store. If you want to get certificate from store, you can use this overload.
Note: In certificate store, the loaded certificate should have a private key. |
Regards,
Sowmiya L
DK
Daniel Kraut
August 6, 2019 06:25 AM UTC
Hi Sowmiya,
Attachment: certkey_6cc1641b.zip
I have attached a certificate and private key, which you can just replace in your demo code. These will throw the exception I described.
Regards,
Daniel
Attachment: certkey_6cc1641b.zip
SL
Sowmiya Loganathan
Syncfusion Team
August 7, 2019 12:03 PM UTC
Hi Daniel,
We have modified the sample with the provided private key and certificate file. Please find the sample for the same from below,
Please try the above sample in your end and let us know if it solves the issue.
Regards,
Sowmiya L
SIGN IN To post a reply.
- 5 Replies
- 2 Participants
-
DK Daniel Kraut
- Jul 23, 2019 11:03 AM UTC
- Aug 7, 2019 12:03 PM UTC
