|
THotPDF.SignPDFWithPFX
|
이전 메서드 AddPubKeyRecipient |
|
Signs an existing PDF placeholder using a PFX / PKCS#12 file, building a CMS SignedData container and writing the signed PDF in one call.
Delphi syntax (file overload): class function SignPDFWithPFX( const InputPDFPath: string; const OutputPDFPath: string; const PFXFilePath: string; const Password: AnsiString): boolean; overload; static;
Delphi syntax (stream overload): class function SignPDFWithPFX( InputStream: TStream; OutputStream: TStream; const PFXFilePath: string; const Password: AnsiString): boolean; overload; static;
설명
1. Input PDF를 로드하고 2. PFX file을 로드하고 제공된 password로 decrypt합니다. PBKDF2-HMAC-SHA-256 + AES-256-CBC를 사용하는 PBES2가 지원됩니다(OpenSSL 3.0+, Windows 11+ certutil, macOS Keychain Access가 export한 PFX file의 기본값). Legacy PBE-SHA1-3DES file은 diagnostic을 raise합니다. 3. 4. CMS DER을 hex-encode하고 5. Writes the patched bytes to the output path or stream.
Returns True on success. Raises
Typical workflow
Doc := THotPDF.Create(nil); Doc.FileName := 'unsigned.pdf'; Doc.BeginDoc; Doc.CurrentPage.AddSignedSignatureField( 'Sig1', Rect(60, 60, 260, 90), 8192, 'adbe.pkcs7.detached', 'Approved', 'Brussels', '', []); Doc.EndDoc; Doc.Free; THotPDF.SignPDFWithPFX('unsigned.pdf', 'signed.pdf', 'mykey.pfx', 'mypassword');
Notes Signature algorithm은 RSA + SHA-256(1.2.840.113549.1.1.1 + 2.16.840.1.101.3.4.2.1)입니다. Signer identifier는 X.509 certificate에서 추출한
RFC 3161 timestamp, DSS dictionary 또는 document timestamp signature가 필요한 PAdES B-T / B-LT / B-LTA workflow에는 producer-side helper(
참조: AddSignedSignatureField, PreparePDFForSigning, InsertSignatureHex, AddPAdESSignatureField |