How to add timestamp using external signature

Question

I follow this example: https://www.syncfusion.com/blogs/post/create-validate-pdf-digital-signatures-csharp.aspx#digitally-sign-a-PDF-document-with-an-external-signature I was able to successfully sign the PDF. I get the certificate from my smart card using X509Store store2 = new X509Store(StoreName.My); and passed instead of the certificate in the example.The PDF is singed my I need to add TIMESTAMP with the Timestamp Server http://tsa.sinpe.fi.cr/tsaHttp/ Can I get some help of how to add timestamp from server using var cmsSigner = new CmsSigner(certificate);
//Set the digest algorithm SHA256.
cmsSigner.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1");
signedCms.ComputeSignature(cmsSigner);
//Embed the encoded digital signature to the PDF document.
arguments.SignedData = signedCms.Encode();I already test using signature.TimeStampServer = new TimeStampServer(new Uri("http://tsa.sinpe.fi.cr/tsaHttp/")); but it doesn't work.I attached the code.Attachment: DigitalSignatureSample_a7996e79.rar

Gowthamraj Kumar · Answer

Hi GerardoWe have tried to reproduce the reported issue with the provided
sample on our end, but it is working properly. We can add a timestamp by using IPdfExternalSigner
for external signing to a PDF document We have attached the output document for
your reference, please try the sample with your registered license key on your
end and let us know the result.

Syncfusion.Licensing.SyncfusionLicenseProvider.RegisterLicense("YOUR
  LICENSE KEY");

Please find the below link,
https://help.syncfusion.com/file-formats/licensing/how-to-register-in-an-applicationDeferred signing: https://help.syncfusion.com/file-formats/pdf/working-with-digitalsignature#deferred-signing-in-pdf-documentWe have attached the generated document with licensing key, please find the output document link,Output: https://www.syncfusion.com/downloads/support/directtrac/general/pd/CreateLTVinanexternalsignature-1901089152https://www.syncfusion.com/downloads/support/directtrac/general/pd/LTV_document1672195567 Please follow the below steps to validate the digital
signature,
 Right
     click the signature and go to show signature properties.

Click
     Show Signer’s Certificate button and go to Trust tab.

In the
     trust tab, click the add to Trusted certificates

Now,
     enabled the certified documents and click OK.

Then
     right click the signature and validate it. Now the signature and timestamp
     will be valid.

Regards,Gowthamraj K

Gerardo Saborio · Answer

In the example you provide for Deferred Signing, in the article is the code and it show this:

public static string PublicCert = "MIIDFTCCAf2gAwIBAgIQMjdwZGujtplDiSGarQzO1DANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDEwxUZXN0Q2VydFJvb3QwHhcNMTkwOTA5MDg0MzM5WhcNMzkxMjMxMjM1OTU5WjAXMRUwEwYDVQQDEwxUZXN0Q2VydFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWs+BZKfWf5cZauYDpXPlHUZour4oNaGoAfySXUD28KLNxCI6AWlK+UV+JJWgcrJ9SpLuoxQb1384gZhQMe4RFtILQpxx9nAxtwsd7/6OLI4G9TRIdy6PJ2OHyHKL9ZqI/+XkUbgznUF9o0F2VlQwszSCQREDQ5PxcGy/GWS71ZT1tvs8iqMVi3PCUH8ERwqTwIhWvRt6weVZ/daR9rNqkEPkpT5tQPMGvmqEinxbjpO8h8gU91rXbiHaY7QlDgCmEy3zWVIROR56x3ZJv5/xjJ/ya4X51P3DcLNGgUTRre0cYXHfnyTQAVFDGxEGsTd4xOnMWrbMaoeRBt8dtBGNBAgMBAAGjXTBbMA8GA1UdEwEB/wQFMAMBAf8wSAYDVR0BBEEwP4AQk/aIkhJaRQ2nRg1ECf13f6EZMBcxFTATBgNVBAMTDFRlc3RDZXJ0Um9vdIIQMjdwZGujtplDiSGarQzO1DANBgkqhkiG9w0BAQsFAAOCAQEAbcFInTXT+08eV1JyrkMsR3HZGtPXyAGRSiZkMJJKE1MU79fFXCiQf6/UpCV76vdCCSOrZLJweUeZPLznZhOxu9aEGnA0CPEcphYUVT9J8aV8MpQJu5DKGbphdBuZNlBQvVg9Yxs0T7Ne49S3s2EUL/w6tFoBuGh1ar9rc3IRmJA8WM2orz4Q8bVhYdtlxWynfx3idCv7pQDymHmB0Wt5iSlcAfcDrZb7YSq+VYIHzAZatefjGRSsbRuVpSfz3dt+cVttKbY3mOWD4zaUvPvKs6bWznxStEBHomcWd3DymekC78aI9XKLmetddpzx6eOgf9Vju8KuO+udGDpoPy2apw==";

I have my certificate in the smart card and I cant exported the Private Key. How do I get the Public Key of the certificate to replace the above code?

Is the public code from my certificate or from the Authority Certificate?

Gerardo Saborio · Answer

Please review this video:https://drive.google.com/file/d/1mdtJecpGx3VE_Vt-w7VcBs_wj0QB_STV/view?usp=drivesdk

Irfana Jaffer Sadhik · Answer

Hi Gerardo,We request you to go with the procedure 1- “CreateSigedPDFwithLTV() ”  to add timestamp to the pdf document. This will add timestamp details properly to the pdf document. Deferred signing is not suites your requirement, so we suggest following this code signing from store certificate and add timestamp. Please refer the below code snippet to achieve this://Load existing PDF document. PdfLoadedDocument document = new PdfLoadedDocument("PDF_Succinctly.pdf"); //Load digital ID with password. X509Store store2 = new X509Store(StoreName.My); store2.Open(OpenFlags.ReadOnly); X509Certificate2 cert = store2.Certificates[8]; PdfCertificate certificate = new PdfCertificate(cert); //Create a signature with loaded digital ID. PdfSignature signature = new PdfSignature(document, document.Pages[0], certificate, "DigitalSignature");//Signature Appereancesignature.Bounds = new System.Drawing.RectangleF(40, 40, 350, 100);//PdfImage image = PdfImage.FromFile("signature.png");PdfStandardFont font = new PdfStandardFont(PdfFontFamily.Helvetica, 15);signature.Appearance.Normal.Graphics.DrawRectangle(PdfPens.Black, PdfBrushes.White, new System.Drawing.RectangleF(50, 0, 300, 100));//signature.Appearance.Normal.Graphics.DrawImage(image, 0, 0, 100, 100);signature.Appearance.Normal.Graphics.DrawString("Firmado Digitalmente por GESM", font, PdfBrushes.Black, 120, 17);signature.Appearance.Normal.Graphics.DrawString("Reason: Testing signature", font, PdfBrushes.Black, 120, 39);signature.Appearance.Normal.Graphics.DrawString("Location: USA", font, PdfBrushes.Black, 120, 60);signature.Settings.CryptographicStandard = CryptographicStandard.CADES;signature.Settings.DigestAlgorithm = DigestAlgorithm.SHA256;signature.TimeStampServer = new TimeStampServer(new Uri("http://tsa.sinpe.fi.cr/tsaHttp/"));//Enable LTV document.signature.EnableLtv = true;//Save the PDF document.document.Save("LTV_document.pdf");//Close the document.document.Close(true);For this LTV failed issue, we request to follow the updates from the Forum: https://www.syncfusion.com/forums/177233/pdf-validation-show-sucess-in-pdf-but-failed-in-server-validation-portalPlease let us know if you need any further assistance in this.Regards,Irfana J.