Digitally sign PDF files in c#

I have a digital certificate that identifies an user. I need to use it to Digitally sign pdf files using c# code.

Does anyone have an example that does not uses a third party component? I need to get this done but it would be nice to fully understand how things are done.

The open source iTextSharp library will allow you to do this. Here‘s a post explaining how to digitally sign a pdf file. If you don’t want to use a third party library then you can implement it yourself but it could be a tough task -> you can start by reading the pdf specification.

Proper PDF signing is a very sophisticated task. There exist a number of files that don’t conform to the PDF specification (broken xrefs etc) and your code must handle all of them. Then various Acrobat versions treat certain things in signed fields differently. So if you need to do the task (rather than study how it works) you should rely on third-party solution, such as our PDFBlackbox components.

Digitally signing a PDF document without using a third-party component entails a great deal of work and is generally best avoided.

Components do all the hard work for you, so you don’t have to. You should find there are some excellent free PDF components available that will suit your needs.

The following example written in C# shows how simple it is to digitally sign a PDF document using ABCpdf

And please note the comments of the iText folks that this is an outdated version – today there are newer standards like PAdES etc.

I need to sign a PDF document using a certificate that exists in the Windows Certificate Store. I have been digging around all day trying to figure it out, and I am so close yet so far away.

All that is missing is this: How do I get an IExternalSignature object to sign the PDF file with?

Rahul Singla has written a beautiful example of how to sign a PDF document using the new iText 5.3.0 API – as long as you can access a .pfx file sitting around on your PC somewhere.

There is a previous question on signing using a certificate from the Windows Cert Store, except it was using a version of the API where SetCrypto still exists, and the signature was apparently optional. In iText 5.3.0, the API has changed, and SetCrypto is no longer a thing.

I have a c# winform app that generates some PDF memos.

Every logged user into the system can generate the PDFs. Right now each memo has a signature space where a digital sign (image) of the real ink user signature is placed.

Using that certificate would be the best one. If you currently don’t have a certificate perhaps you should talk with the local IT about setting a certificate system up. It should not be your programs responsibility to generate a new certificate, you need to make sure the infrastructure is in place that each user will have a certificate already in their store assigned to them.

Leave a Reply

Your email address will not be published. Required fields are marked *