0.1.2 • Published 1 year ago

myspdf v0.1.2

Weekly downloads
-
License
MIT
Repository
github
Last release
1 year ago

is ?

Digital signatures of PDF and Encrypt/Decrypt PDF, on JavaScript.

Notice

This library override pdf-lib some functions. Maybe comatible with original ,but not limited to the warranties. Using "@ts-ignore" to access pdf-lib private properties | functions, which may not fit your policy. Not adequately tested,"NOT LIMITED TO THE WARRANTIES"

Thanks

The issue post at pdf-lib on how to sign was helpful. PR#1015 on pdf-lib about encryption was helpful.

Usage

pdfSigner Class

import {pdfSigner} from "spdf";
const signer = new pdfSigner();

Member

Global

import {decryptPDF, encryptPDF} from "spdf";

Member

newSign

  • Create a signed PDF.
pdfSigner.newSing: (pdf:string | Uint8Array | ArrayBuffer, certs: CERTIFICATEs, options?: newSignOptions) => Promise<Uint8Array>

CERTIFICATEs

NameTypeAttributeDescription
signer.certstring|Uint8ArrayRequestedX509 PEM or DER
signer.keystring|Uint8ArrayRequestedRSA,DSA,ECDSA private key PKCS#5,#8 PEM or DER
signer.keyPassstringOptionIf key is encrypted,set this.
caCertsArray<string|Uint8Array>OptionalIf embedded CA certificates in signature, set this.

Import Certificate and Key is dependency on jsrsasign,Support format look jsrsasign reference.

newSignOptions

NameTypeAttributeDescription
openPasswordstringIf pdf is encryptedRequestedOwnerPassword required
hashAlg'sha1''sha256''sha384''sha512'OptionDEFAULT:'sha256'Sign hash algorithm.
encryptEncryptOptionsOptionalIf request PDF output encrypt,set this.
signerSignerOptionsOptionalSet of the signing.
signaturesignatureOptionalVisible signature.
embeddedTimeStampTSASarverOptionalIf request embedded TimeStamp in signature, set this.
DocMDP1|2|3OptionalThe access permissions granted for document.

The value of DocMDP is quoted to the ISO-32000-1. 1.No changes to the document shall be permitted; any change to the document shall invalidate the signature.2.Permitted changes shall be filling in forms, instantiating page templates, and signing; other changes shall invalidate the signature.3.Permitted changes shall be the same as for 2, as well as annotation creation, deletion, and modification; other changes shall invalidate the signature.

EncryptOptions

see

SignerOptions

NameTypeAttributeDescription
NamestringOptionalThe name of the person or authority signing the document.
LocationstringOptionalThe CPU host name or physical location of the signing.
ReasonstringOptionalThe reason for the signing.
ContactInfostringOptionalInformation provided by the signer to enable a recipient to contact the signer to verify the signature.

signature

Visible signature.

NameTypeAttributeDescription
pagenumberRequestedone-based,0 is invalid.
rectRECTRequestedSignature area-rect.
textSignTextOptionalVisible text.
imageUint8ArrayOptionalJPEG or PNG visible image.
reverseImgTxtbooleanOptionalDEFAULT:falsefalse:Text above imagetrue:Image above text.

RECT

NameTypeAttributeDescription
xnumberRequestedDistance left mm
ynumberRequestedDistance top mm
wnumberRequestedWidth mm
wnumberRequestedHeight mm

SignText

NameTypeAttributeDescription
txtstringRequestedVisible text.
sizenumberOptionalDEFAULT:10Text size.
xnumberOptionalDEFAULT:0Distance signatureRect-Left.
ynumberOptionalDEFAULT:0Distance signatureRect-Bouttom.
fontdataUint8ArrayOptionalDEFAULT:CourierText font data.

TSASarver

NameTypeAttributeDescription
urlstringRequestedTSA Sarver URL
hashAlg'sha1''sha256''sha384''sha512'OptionalDEFAULT:'sha256'TimeStamp hash algorithm.
certSizenumberOptionalDEFAULT:6144Size to be allocated for Timestamp certificate

Not available in web browsers due to CORS.

  • Allocate Size PDF signatures must be pre-allocated space. The size of the space is estimated from the certificate and allocated, but the timestamp cannot check the size of the certificate in advance. If there is not enough space, the timestamp will be set to a sufficient size based on the results obtained once, but it will need to be signed again. In other words, if there is not enough space, the timestamping will be requested twice. If the area is large enough, it cannot be reduced.

Add sign

  • Add(inculumental) a signature. Add a new signature without modifying the PDF document. Existing content, including signatures, will be maintained. If encrypted,encryption is maintained.
pdfSigner.pdfSigner.inculumentalSign: (pdf:string | Uint8Array | ArrayBuffer, certs: CERTIFICATEs, options?: inclumentalSignOptions) => Promise<Uint8Array>

CERTIFICATEs

See

inclumentalSignOptions

NameTypeAttributeDescription
openPasswordstringIf pdf is encryptedRequestedIf userpassword,allowed create signature fields.
hashAlg'sha1''sha256''sha384''sha512'OptionDEFAULT:'sha256'Sign hash algorithm.
signerSignerOptionsOptionalSet of the signing.
signaturesignatureOptionalVisible signature.
embeddedTimeStampTSASarverOptionalIf request embedded TimeStamp in signature, set this.

Add TimeStamp

  • Add(inculumental) a Timestamp. Add a new timestamp without modifying the PDF document. Existing content, including signatures, will be maintained. If encrypted,encryption is maintained.
pdfSigner.inculumentalTimeStamp: (pdf:string | Uint8Array | ArrayBuffer, tsaPram: timeStampOptions) => Promise<Uint8Array>

timeStampOptions

NameTypeAttributeDescription
TSATSASarverRequested
openPasswordstringIf pdf is encryptedRequestedIf userpassword,allowed create signature fields.

Add DSS

  • Add(inculumental) a DSS. Embeds the verification information of the currently embedded certificate. Add a DSS without modifying the PDF document. Existing content, including signatures, will be maintained. If encrypted,encryption is maintained. Simply, it enables LTV. Processes all signatures, if you have already embedded the DSS, you will need to embed the DSS for the added timestamp only. See ADD LastTimeStamp-DSS
pdfSigner.addDSSAllCerts: (pdf:string | Uint8Array | ArrayBuffer, options?: addDssOptions) => Promise<Uint8Array>

addDssOptions

NameTypeAttributeDescription
TSATSASarverRequested
openPasswordstringIf pdf is encryptedRequestedIf userpassword,allowed create signature fields.
caCertsArray<string|Uint8Array>OptionalAdd CA Certificates
crlsArray<string|Uint8Array>OptionalAdd CRLs
ignoreMissingTrustChainbooleanOptionalIf true, If trust chain cannot traced,not throw error.
ignoreRevokedCertbooleanOptionalIf true, If verification fails or is unknown,not throw error.

To obtain verification information, CRLs are obtained, OCSP queries are made, and CA certificates are acquired. Not available in web browsers due to CORS.

ADD LastTimeStamp-DSS

  • Add(inculumental) a LastTimeStamp-DSS. Embeds the verification information of the currently embedded certificate. Add a DSS without modifying the PDF document. Existing content, including signatures, will be maintained. If encrypted,encryption is maintained. Simply, Extended document Time-stamp.
pdfSigner.addDSSLastTimeStamp: (pdf:string | Uint8Array | ArrayBuffer, options?: addDssOptions) => Promise<Uint8Array>

addDssOptions

see

encryptPDF

const encryptPDF: (pdf: string | Uint8Array | ArrayBuffer, encryptOptions: encryptOptions) => Promise<Uint8Array>

encryptOptions

NameTypeAttributeDescription
userPasswordstringRequestedIf no-userpassword, value is ''(0 length string)
ownerPasswordstringRequested
permissionUserPermissionsRequestedIf all deny,value is {}
keyBits128|256OptionalDEFAULT:256Support AES only.

UserPermission

UserPermission default all deny. | Name | Type | Attribute | Description | | --- | --- | --- | --- | | printing | false|'lowResolution' | 'highResolution' | Optional | Printing Permission | | modifying | boolean | Optional | Modify Content Permission | | copying | boolean | Optional | Copy or otherwise extract text and graphics from document | | annotating | boolean | Optional | Permission to add or modify text annotations | | fillingForms | boolean | Optional | Fill in existing interactive form fields (including signature fields) | | contentAccessibility | boolean | Optional | Extract text and graphics (in support of accessibility to users with disabilities or for other purposes) | | documentAssembly | boolean | Optional | Assemble the document (insert, rotate or delete pages and create bookmarks or thumbnail images) |

decryptPDF

decryptPDF: (pdf: string | Uint8Array | ArrayBuffer, ownerPassword: string) => Promise<Uint8Array>

Use pdf-lib with encryption support.

Import "PDFDocument" from 'pdf-lib_patch' instead of 'pdf-lib'.

exsample

This then,is 

import { PDFDocument, rgb} from "pdf-lib";
const pdfData = await PDFDocument.load(readFileSync("input.pdf"));
const page1 = pdfData.getPage(0);
page1.drawCircle({ "opacity":1, x:100, y:740,size:100,color:rgb(0.8,0.2,0.2)});
page1.drawCircle({ "opacity":1, x:150, y:740,size:100,color:rgb(0.2,0.8,0.2)});
writeFileSync("output.pdf",await pdfData.save());

do this.

import {rgb} from "pdf-lib";
import {PDFDocument} from "pdf-lib_patch";
const pdfData = await PDFDocument.load(readFileSync("input.pdf"),{"password":"ownerpassword"});
const page1 = pdfData.getPage(0);
page1.drawCircle({ "opacity":1, x:100, y:740,size:100,color:rgb(0.8,0.2,0.2)});
page1.drawCircle({ "opacity":1, x:150, y:740,size:100,color:rgb(0.2,0.8,0.2)});
pdfData.encrypt({
  "keyBits":256,
  "userPassword":"",
  "ownerPassword":"newownerpassword",
  "permission":{"printing":"highResolution"}
});
writeFileSync("output.pdf",await pdfData.save({"useObjectStreams":false}));
//{"useObjectStreams":false} is requested,because pdf broken.
@pdf-lib/fontkitaxioscrypto-jsjsrsasignpdf-libsaslprep
0.1.2

1 year ago

0.1.1

1 year ago

0.1.0

1 year ago