Signing PAdES Baseline T Signature

This guide will explain the process of creating PAdES B-T compatible digital signature for a PDF file.

Before you begin

You should get your API key from your UniCloud account.

If this is your first time using UniPDF SDK, follow this guide to set up a local development environment.

Project setup

Clone the project repository

In your terminal, clone examples repository. It contains the Go code we will be using for this guide.

git clone

Navigate to the signatures folder in the unipdf-examples directory.

cd unipdf-examples/signatures

Configure environment variables

Replace the UNIDOC_LICENSE_API_KEY with your API credentials from your UniCloud account.





How it works

In line 8-25, the import section imports the necessary UniPDF packages and other Go libraries. The init function in lines 27-34, loads the API key and sets the license.

The main function defined in lines 38-140, signs the PAdES Baseline T signature. In lines 39-44, the necessary arguments are parsed from the command line arguments using:

args := os.Args
if len(args) < 6 {
  fmt.Printf(usagef, os.Args[0])
pfxPath := args[1]
password := args[2]
pemPath := args[3]
inputPath := args[4]
outputPath := args[5]

In line 51-59, the private key and X509 certificate are loaded and decoded from the pfxPath provided via the command line arguments. Then in line 62-69, the cacert certificate is loaded from the pemPath. In line 89, a new appender is created from the PdfReader as follows:

// Create appender.
appender, err := model.NewPdfAppender(reader)
if err != nil {
  log.Fatal("Fail: %v\n", err)

Following this, the URL of the free Time Stamp Authority server is defined in line 89-92. Then a new handler is created using the NewEtsiPAdESLevelT function of the sighandler package. A new model.PdfSignature is created and initialized in lines 104-114 using:

// Create signature.
signature := model.NewPdfSignature(handler)
signature.SetName("PAdES B-T Signature PDF")
signature.SetDate(time.Now(), "")

if err := signature.Initialize(); err != nil {
  log.Fatal("Fail: %v\n", err)

The signature field and appearance are created in lines 114-127 using the annotator package. In line 129-139, the document is signed and written to file using:

if err = appender.Sign(1, field); err != nil {
  log.Fatal("Fail: %v\n", err)

// Write output PDF file.
err = appender.WriteToFile(outputPath)
if err != nil {
  log.Fatal("Fail: %v\n", err)

Run the code

To run the code use the following command.

 go run pdf_sign_pades_b_t.go <FILE.PFX> <PASSWORD> <FILE.PEM> <INPUT_PDF_PATH> <OUTPUT_PDF_PATH>

Got any Questions?

We're here to help you.