sign-hash-pdf v0.0.0

sign-hash-pdf

Library that supports signing PDF documents by generating a hash value, then getting its signature provided by external services

Installation

  npm install sign-hash-pdf

Usage

Declare the library and initialize the variable containing the PDF document

const fs = require("fs");
const { Pdf } = require("sign-hash-pdf");

const pdf = new Pdf(fs.readFileSync("./assets/document.pdf")); // Document as Uint8Array or Buffer

Next, create a placeholder and get the hash value to ask the external service to return the signature and certificate

const hash = await pdf.generateHexToBeSigned({
  x: 100,
  y: 100,
  width: 100,
  height: 200,
  signedBy: "your_name",
  reason: "your_reason",
  location: "your_country",
  contactInfo: "your_email",
  pageNumber: 1,
  background: fs.readFileSync("./assets/signature.png"),
  hashAlgorithm: "sha256",
});

Details about the parameters:

• x, y are the coordinates of the placeholder. x = 0, y = 0 are the bottom left position of the document
• pageNumber is the page of the document to which the placeholder will be attached
• width, height are the size of the placeholder, it can be zero
• signedBy, reason, location, contactInfo are some basic information, it can be changed - after the document has been signed
• background is the display image of the placeholder, it can be null
• hashAlgorithm is Cryptographic hash function used to create hash values ​​and also to create signatures in external services, be careful with this because hashAlgorithm does not match the algorithm returned from the external service will make the signature invalid
• hashAlgorithm is supporting: md5, sha1, sha224, sha256, sha384, sha512

generateHexToBeSigned returns a Promise that emits a hexadecimal string (e.g. 314b301806092a864886f70d010903310b06092a864886f70d010701302f06092a864886f70d01090431220420072674532b01f3043898b959bb10792d6a28322486463610c985f8ee6014a9a5)

Send the hash value in the previous step to an external service to sign it. Some libraries can support this like jsrsasign.KJUR.crypto.Signature or java.security.Signature. Finally, use the sign function to replace the placeholder with a valid signature

pdf.sign({
  signature: signature,
  signatureAlgorithm: signatureAlgorithm,
  certificate: certificate,
});

fs.writeFileSync("pdf-signed.pdf", pdf.buffer.final); //The PDF document has been signed

Details about the parameters:

• signature is the hexadecimal string received from the external service's response
• signatureAlgorithm is the signature creation algorithm used by external services, for example: SHA256withECDSA, MD5withRSA,...
• certificate is the PEM string that the external service used (along with a private key) to create a signature, for example:

-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIEXinimTANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJC
RTEMMAoGA1UECBMDT1ZMMQ4wDAYDVQQHEwVHaGVudDEXMBUGA1UEChMOaVRleHQg
U29mdHdhcmUxCzAJBgNVBAsTAklUMRcwFQYDVQQDEw5CcnVubyBTcGVjaW1lbjAg
Fw0xMjA4MDMyMTAwMDBaGA8yMTEyMDcxMDIxMDAwMFowajELMAkGA1UEBhMCQkUx
DDAKBgNVBAgTA09WTDEOMAwGA1UEBxMFR2hlbnQxFzAVBgNVBAoTDmlUZXh0IFNv
ZnR3YXJlMQswCQYDVQQLEwJJVDEXMBUGA1UEAxMOQnJ1bm8gU3BlY2ltZW4wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCndrp+8IyR2cDnSH3O3p3zIohW
CqaKsz2jU7iTiujYDEGqeLJ/tLk+KCZ/qzH1SsYzMp8N6NgQTcBCwKkukrtO3CJv
gRPl0ObazZIua+1hB2eSi9cpERsihdvK5ZEwGTEIx1wMTTp0uGUkXgzN5ec6Slnz
0VRwG/9HIIAA9acbmIhNAI4IMxvNBqTilHY5pOnJYyGIJHc8NptsnG+ymgI9vscg
66yCWI0r2U47YigpKBCSi9efxGnXcSXV4TpZwSYMAUA/kQrxdUZILMkZl82XI/o/
Eyc76wyTQ9SCfFsXhTujhiz4Ckg68NqNgQ6NUIIJWj/u+94fH6k+WreQdLdvAgMB
AAGjITAfMB0GA1UdDgQWBBR3r9IU9woOYNOC/j1cQ/nf9+dKBzANBgkqhkiG9w0B
AQsFAAOCAQEAEy1Wmr3tudvP1H4gZVxlw+l3CMcEuR5Odt441wx3TIHFCjSWoCt4
KeS04QZrihl72NVSAdab5QRc9XL6POSTKGNS/vVK2WYY94quGUNo/To2X82Dwquc
TigV8FYiRO8OkXYHuUgchWuVqPG5/jKnpP4Gk+oqSb9I7KorcjyoWFW1nGjhlyYe
vePDB0jqKhRRvaMfwKH5peDXGbAKaHjFeuUVB96u3pwvvda/cssPWQUKwr5/iD7T
PaBB6Ei8P+0kjA3cFWTuH+M/weZrOlpx1x/2ua0Sfxa35OnSu1UhIe8B3RbITDSB
l7PnMelzKu1eetoNems8skdHKVQs9rCcEA==
-----END CERTIFICATE-----