Category: PDFSign

PDFSignCheck – Check PDF signatures via web service (REST / SOAP)

PDFSignCheck – is a service which can be installed under MS Windows and which has a REST / SOAP web service interface to check signed PDF documents and to read out their signature parameters.

Scope – validation of electronic evidence:

In order to pay the customer for PDF invoices z.b. via a web application to give the opportunity to check whether an email sent as a PDF invoice really comes from your own company or to check whether the PDF document has not been changed or manipulated.

Using a valid PDF signature can ensure that the PDF document has not been tampered with, as any change invalidates the signature immediately.

With the help of the PDFSignCheck application, it can be checked whether the document / signature is valid and therefore unchanged and on the basis of the signature criteria stored on the PDFSignCheck server, it can also be checked whether the document was issued / signed by the company itself.

 

     

Definable criteria – AND shortcut for “Ok” / “not ok”

  • Signature status (0 – unknown, 1 – valid signature, 2 – file can not be opened, 3 – PDF not signed, 5 – signature invalid, 6 – validity unknown)
  • Issuer of the certificate / signer
  • reason
  • location
  • ContactInfo
  • Filter / Sub-Filter / algorithm
  • Revision
  • page
  • Signature Text

processing flow:

PDFSignCheck is installed under MS Windows as a service and provides a REST / SOAP web service interface for other applications. PDF files are transmitted via the web service and checked using a PDFSignCheck profile stored on the server. As a result, a file is created in JSON format that can be downloaded and processed further. The JSON file contains information about the read signature as well as the result of the check (“Ok”, or “not ok”).

In addition to the service, two C # sample programs / VS projects – one for REST and one for SOAP incl. EXE and source code are installed. Thus, the PDFSignCheck service can be easily tested or show the examples of how the functions can be integrated into your own applications.

 

     

Notice:

  1. Root certificates and revocation lists are constantly updated, therefore the computer installed on the PDFSignCheck should also have an active internet connection.
  2. By default, PDFSignCheck runs as a Windows service under the “System Account”, the user interface for configuring the application under the logged-in user. Each user and the computer itself use their own memory for the certificates. In order to use the same certificate store, the same user account should be used for the service as the logged-on user with whom the configuration is performed.

Download – PDFSignCheck – PDF Signaturen prüfen über REST / SOAP >>>

PDFSign CL – Command line application to sign PDF, PDF / A and ZUGFeRD as well as timestamp them

PDFSign CL – allows PDF, PDF / A or ZUGFeRD documents to be signed and / or timestamped. PDFSign CL is based on our PDFSign – .NET signature component and provides its functionality in the form of a command line application.

Features PDFSign CL:

  • Command line application based on the PDFSign – .NET signature component
  • PDF, PDF / A and ZUGFeRD PDFs can be provided with an electronic signature and / or an electronic time stamp.
  • PDF / A, ZUGFeRD compatibility is retained.
  • Processes – single files, lists of text files, folders, and entire folder structures.
  • Configuration and selection of signature settings via PDFSign profile files.
  • Logging the processing.

 

Download – Readme – Hilfe – Beschreibung der verfügbaren Parameter DE >>>
Download – Readme – Help – Description of the available parameters EN >>>
Download – PDFSign CL – Command line application to sign PDF >>>

PDFSign CL Client – Command line application for the PDFSign service

PDFSign CL Client – is a command line application to transfer PDF, PDF / A documents via a REST web service interface to a PDFSign service to sign and / or provided with a time stamp and then back to the calling client to transfer back.

The PDFSign CL client is free of charge, available as an add-on to our PDFSign service and can be used as a client application on any MS Windows computer.

Features PDFSign CL Client:

PDFSign Service – PDF and PDF / A via SOAP & REST – Web service with signature or timestamp

On the technical basis as the FileConverterPro (FCpro) there is now also a Windows service to provide PDF or PDF / A documents via a SOAP or REST web service interface with a timestamp or with an electronic signature.

The service is based on our PDFSign .NET signature component, is installed as a Windows service and offers the same SOAP and REST web service interface as our FileConverterPro (FCpro) or AutoOCR.

Along with the main application, two C # sample projects for SOAP and REST including source code and executable applications are being installed. With the help of these examples, all PDF signatures and PDF timestamps provided via the PDFSign service can be tested and quickly integrated into your own applications.

                    

Download – PDFSign Service  ~21MB >>>

eDocPrintPro PDFSign – Signatur Plugin Version 3.0.1 available

Based on our new PDFSign .NET signature component, we have implemented the eDocPrintPro signature plugin as the first application. This means that we are now also able to print PDF / A or ZUGFeRD printouts without losing the PDF / A & ZUGFeRD conformity.

General Features:

  • Signing (visible / invisible) of PDF, PDF / A and ZUGFeRD Output as plug-in function for all eDocPrintPro versions.
  • The eDocPrintPro plugin also supports several PDF printers with different settings.
  • Chained deployment with other plugins possible – The signature is always executed as the last processing step.
  • All settings can be saved and retrieved as PDFSign profiles. Profiles can be preselected or interrogated interactively.
  • PDFSign profiles can be exported or imported as XML (* .psnx) files.
  • Plugin SDK – incl. C # sample project – Available PDFSign profiles can be selected and activated depending on the eDocPrintPro printer.

    

Signature functions:

  • All kinds of certificates – PFX file, USB token, SmartCard, Hardware Security Module (HSM) – are supported
  • PDF/A or ZUGFeRD Documents remain valid (invoice signatures)
  • PAdES LTV Standard – Enables the long-term validation of the signature
  • Time stamp function – A time stamp helps to clearly determine whether a document has not been modified after the signature
  • Long and thus more secure keys (SHA512 algorithm and RSA2048) are supported.
  • Encryption of PDF documents.
  • Function to confirm PDF documents.
  • Visible signature – page, position, image, font, signature box, signature labels – are configurable.
  • Certificate Generator – Allows you to create self-signed software certificates.

Download – eDocPrintPro PDFSign Plugin >>>
Download – eDocPrintPro SDK & sample project PDFSign Plugin >>>

PDFSign – .NET Signature component including C # Sample project for PDF, PDF/A and ZUGFeRD

PDFSign is used to sign PDF documents with an X.509 certificate. In addition to the single signature, larger quantities of documents can also be signed in the stack in a time-saving manner. Since the signing also guarantees that a document has not been changed afterwards, the signing must always be the last step of the document creation. A subsequent change would render the signature invalid.

   

PDFSign features:

  • PKI compatibility: PDFSign is completely PKI neutral and works with PKI components from any vendor, including CAs, certificates, CRLs, SmartCards, etc. The access and use of the certificates and associated private keys can be done via SmartCards, USB Token or PFX files. Also, a signature processing is supported via Hardware Security Module (HSM), provided that they have an MS-CAPI or PKCS # 11 interface.
  • PDF/A or ZUGFERD documents remain valid: PDFSign ensures that the PDF/A or ZUGFeRD compliance is maintained even when applying the (visible) signature.

  • Billing signatures: The PDF / A and ZUGFeRD PDFSign compatible signatures can be used to digitally sign both individual (interactive) and larger quantities (batch processing) of invoices. An EU Directive states that invoices sent electronically by all Member States are to be accepted if the authenticity (origin) and integrity (unalterability) can be ensured.
  • PAdES Standard: PDFSign is compatible with PAdES part 2 and PAdES-LTV (long-term validation) standard. The revocation information of the certificates is embedded (PAdES-LTV).
  • Long-term validation: With PDFSign, a long-term validation document can be signed and stamped with a time stamp. PDFSign supports advanced digital signatures that contain embedded RFC 3161 compliant secure time stamps. Such certificates may also be verified after expiry of the validity and after revocation of the certificate.
  • CAdES-T (time stamp) Support – CMS Advanced Electronic Signature (CAdES) – CAdES-T (Timestamp), inserts trustworthy time stamps to protect against repelability. Signing and verifying very large CAdES signed files (100 MB and more)A time stamp helps to determine whether a document has not been modified after the signature. Like signatures, timestamps are easier to verify if they are associated with a certificate of a trustworthy time stamp instance.

  • SHA256, SHA512 Algorithm and RSA2048: PDFSign also supports the SHA256 and the SHA512 hash algorithm (known as SHA2) as well as RSA2048 as well as longer keys.
  • Encryption of PDF documents

  • PDF Document confirmation: This electronic confirmation can be used to indicate that the content of the document has been checked and approved.
  • Signature display configurable: PDFSign offers all possibilities to configure the visual representation of the visibly displayed signature. In addition to a number of parameters, the position as well as the pages – first, last, all – can be defined.

PDFSign – X.509 Certificate Generator:

X.509 certificates form the basis of a public-key infrastructure (PKI). These are electronic legitimations, issued by a certification body (CA) and linked to a key pair consisting of a private and public key.

Digital certificates are typically issued by a trusted and certified institution (CA) that guarantees identity. These are delivered both on secure hardware such as SmartCard’s or USB token or as software certificatesWith PDFSign it is also possible to create self-signed certificates. These can be used exactly as official certificates, but they do not have any certification or assurance. Signed documents are technically equivalent could be rejected by third parties but not as trustworthy and reliable.

Functions – Certificate Generator:

  • Self-signed certificates, root or user certificates can be created and stored either in the Microsoft certificate store or as a PFX file.
  • SHA 256, SHA 512, RSA 2048, RSA 4096 Algorithms and key lengths can be used.
  • Key usage and extended key usage can be easily configured.
  • X.509 Certificates and their properties can be displayed.

PDFSign .NET component: The PDFSign .NET component can be used to develop Windows Server and desktop applications.

  • Visual Studio 2005 – 2012
  • Visual Studio 2013
  • Visual Studio 2015

programming languages

  • C#,
  • VB.NET,
  • ASP.NET,
  • Visual C++,
  • Windows PowerShell.

Supported Operating Systems:

Windows 7 or higher, including Windows Server 2012/2016 and Windows 10. PDFSign .NET component requires .NET Framework 3.5 or higher.

Downloadexecutable PDFSign 30 days test and demo application incl. C # project in SourceCode >>>

DownloadPDFSign – X.509 Certificate Generator – Standalone Version >>>

Webshop