Skip to content
/ pdfsign Public

Add/verify Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) in PDF (usign pure Go)

License

BSD-2-Clause license
57 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

digitorus/pdfsign

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

138 Commits

.github

.github

 
 

revocation

revocation

 
 

sign

sign

 
 

testfiles

testfiles

 
 

verify

verify

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

sign.go

sign.go

 
 

Repository files navigation

Signing PDF files with Go

Build & Test golangci-lint Go Report Card Coverage Status Go Reference

This PDF signing library is written in Go. The library is in development, might not work for all PDF files and the API might change, bug reports, contributions and suggestions are welcome.

See also our PDFSigner, a more advanced digital signature server that is using this project.

From the command line

Usage of ./pdfsign:
  -contact string
        Contact information for signatory
  -location string
        Location of the signatory
  -name string
        Name of the signatory
  -reason string
        Reason for signig
  -tsa string
        URL for Time-Stamp Authority (default "https://freetsa.org/tsr")

Example usage:
        ./pdfsign -name "Jon Doe" sign input.pdf output.pdf certificate.crt private_key.key [chain.crt]
        ./pdfsignverify input.pdf

As library

import "github.com/digitorus/pdf"

input_file, err := os.Open(input)
if err != nil {
    return err
}
defer input_file.Close()

output_file, err := os.Create(output)
if err != nil {
    return err
}
defer output_file.Close()

finfo, err := input_file.Stat()
if err != nil {
    return err
}
size := finfo.Size()

rdr, err := pdf.NewReader(input_file, size)
if err != nil {
    return err
}

err = sign.Sign(input_file, output_file, rdr, size, sign.SignData{
    Signature: sign.SignDataSignature{
        Info: sign.SignDataSignatureInfo{
            Name:        "John Doe",
            Location:    "Somewhere on the globe",
            Reason:      "My season for siging this document",
            ContactInfo: "How you like",
            Date:        time.Now().Local(),
        },
        CertType:   sign.CertificationSignature,
        DocMDPPerm: sign.AllowFillingExistingFormFieldsAndSignaturesPerms,
    },
    Signer:            privateKey,         // crypto.Signer
    DigestAlgorithm:   crypto.SHA256,      // hash algorithm for the digest creation
    Certificate:       certificate,        // x509.Certificate
    CertificateChains: certificate_chains, // x509.Certificate.Verify()
    TSA: sign.TSA{
        URL: "https://freetsa.org/tsr",
        Username: "",
        Password: "",
    },

    // The follow options are likely to change in a future release
    //
    // cache revocation data when bulk signing
    RevocationData:     revocation.InfoArchival{}, 
    // custom revocation lookup
    RevocationFunction: sign.DefaultEmbedRevocationStatusFunction,
})
if err != nil {
    log.Println(err)
} else {
    log.Println("Signed PDF written to " + output)
}

About

Add/verify Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) in PDF (usign pure Go)

Topics

go golang pdf aes signing signature pades esignature qes eseal advanced-electronic-signature qualified-electronic-signature

Resources

Readme

License

BSD-2-Clause license
Activity
Custom properties

Stars

57 stars

Watchers

3 watching

Forks

13 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 2

Languages