Skip to content
/ pdfsign Public

Add/verify Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) in PDF (usign pure Go)

License

BSD-2-Clause license
74 stars 16 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

digitorus/pdfsign

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

148 Commits
.github
.github
 
 
revocation
revocation
 
 
sign
sign
 
 
testfiles
testfiles
 
 
verify
verify
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
sign.go
sign.go
 
 

Repository files navigation

Signing PDF files with Go

Build & Test golangci-lint Go Report Card Coverage Status Go Reference

This PDF signing library is written in Go. The library is in development, might not work for all PDF files and the API might change, bug reports, contributions and suggestions are welcome.

See also our PDFSigner, a more advanced digital signature server that is using this project.

From the command line

Usage of ./pdfsign:
  -contact string
        Contact information for signatory
  -location string
        Location of the signatory
  -name string
        Name of the signatory
  -reason string
        Reason for signig
  -tsa string
        URL for Time-Stamp Authority (default "https://freetsa.org/tsr")

Example usage:
        ./pdfsign -name "Jon Doe" sign input.pdf output.pdf certificate.crt private_key.key [chain.crt]
        ./pdfsignverify input.pdf

As library

import "github.com/digitorus/pdf"

input_file, err := os.Open(input)
if err != nil {
    return err
}
defer input_file.Close()

output_file, err := os.Create(output)
if err != nil {
    return err
}
defer output_file.Close()

finfo, err := input_file.Stat()
if err != nil {
    return err
}
size := finfo.Size()

rdr, err := pdf.NewReader(input_file, size)
if err != nil {
    return err
}

err = sign.Sign(input_file, output_file, rdr, size, sign.SignData{
    Signature: sign.SignDataSignature{
        Info: sign.SignDataSignatureInfo{
            Name:        "John Doe",
            Location:    "Somewhere on the globe",
            Reason:      "My season for siging this document",
            ContactInfo: "How you like",
            Date:        time.Now().Local(),
        },
        CertType:   sign.CertificationSignature,
        DocMDPPerm: sign.AllowFillingExistingFormFieldsAndSignaturesPerms,
    },
    Signer:            privateKey,         // crypto.Signer
    DigestAlgorithm:   crypto.SHA256,      // hash algorithm for the digest creation
    Certificate:       certificate,        // x509.Certificate
    CertificateChains: certificate_chains, // x509.Certificate.Verify()
    TSA: sign.TSA{
        URL: "https://freetsa.org/tsr",
        Username: "",
        Password: "",
    },

    // The follow options are likely to change in a future release
    //
    // cache revocation data when bulk signing
    RevocationData:     revocation.InfoArchival{}, 
    // custom revocation lookup
    RevocationFunction: sign.DefaultEmbedRevocationStatusFunction,
})
if err != nil {
    log.Println(err)
} else {
    log.Println("Signed PDF written to " + output)
}

About

Add/verify Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) in PDF (usign pure Go)

Topics

go golang pdf aes signing signature pades esignature qes eseal advanced-electronic-signature qualified-electronic-signature

Resources

Readme

License

BSD-2-Clause license
Activity
Custom properties

Stars

74 stars

Watchers

3 watching

Forks

16 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 2

Languages