Signing PAdES Baseline T Signature

This guide will explain the process of creating PAdES B-T compatible digital signature for a PDF file.

Before you begin

You should get your API key from your UniCloud account.

If this is your first time using UniPDF SDK, follow this guide to set up a local development environment.

Project setup

Clone the project repository

In your terminal, clone examples repository. It contains the Go code we will be using for this guide.

git clone https://github.com/unidoc/unipdf-examples.git

Navigate to the signatures folder in the unipdf-examples directory.

cd unipdf-examples/signatures

Configure environment variables

Replace the UNIDOC_LICENSE_API_KEY with your API credentials from your UniCloud account.

Linux/Mac 

export UNIDOC_LICENSE_API_KEY=PUT_YOUR_API_KEY_HERE

Windows 

set UNIDOC_LICENSE_API_KEY=PUT_YOUR_API_KEY_HERE

How it works

In line 8-25, the import section imports the necessary UniPDF packages and other Go libraries. The init function in lines 27-34, loads the API key and sets the license.

The main function defined in lines 38-140, signs the PAdES Baseline T signature. In lines 39-44, the necessary arguments are parsed from the command line arguments using:

args := os.Args
if len(args) < 6 {
  fmt.Printf(usagef, os.Args[0])
  return
}
pfxPath := args[1]
password := args[2]
pemPath := args[3]
inputPath := args[4]
outputPath := args[5]

In line 51-59, the private key and X509 certificate are loaded and decoded from the pfxPath provided via the command line arguments. Then in line 62-69, the cacert certificate is loaded from the pemPath. In line 89, a new appender is created from the PdfReader as follows:

// Create appender.
appender, err := model.NewPdfAppender(reader)
if err != nil {
  log.Fatal("Fail: %v\n", err)
}

Following this, the URL of the free Time Stamp Authority server is defined in line 89-92. Then a new handler is created using the NewEtsiPAdESLevelT function of the sighandler package. A new model.PdfSignature is created and initialized in lines 104-114 using:

// Create signature.
signature := model.NewPdfSignature(handler)
signature.SetName("PAdES B-T Signature PDF")
signature.SetReason("TestPAdESPDF")
signature.SetDate(time.Now(), "")

if err := signature.Initialize(); err != nil {
  log.Fatal("Fail: %v\n", err)
}

The signature field and appearance are created in lines 114-127 using the annotator package. In line 129-139, the document is signed and written to file using:

if err = appender.Sign(1, field); err != nil {
  log.Fatal("Fail: %v\n", err)
}

// Write output PDF file.
err = appender.WriteToFile(outputPath)
if err != nil {
  log.Fatal("Fail: %v\n", err)
}

Run the code

To run the code use the following command.

 go run pdf_sign_pades_b_t.go <FILE.PFX> <PASSWORD> <FILE.PEM> <INPUT_PDF_PATH> <OUTPUT_PDF_PATH>

Got any Questions?

We're here to help you.

Contact us