(Visual FoxPro) Sign PDF using PAdES-Baseline-B

See more PDF Signatures Examples

PAdES-Baseline-B is the most basic, entry-level profile of the PDF Advanced Electronic Signatures (PAdES) standard.

It means:

• A PDF contains a CMS/PKCS#7 detached signature over the document’s byte range.
• /SubFilter must be ETSI.CAdES.detached.
• The signer’s X.509 certificate is included inside the signature.
• The signature uses recognized secure algorithms (e.g., SHA-256 with RSA/ECDSA).
• It proves document integrity (no changes since signing) and signer authenticity (certificate identifies who signed).
• It does not include time-stamps, revocation data (CRL/OCSP), or long-term validation information — those appear only in higher levels (PAdES-Baseline-T, -LT, -LTA).

In short: Baseline-B = a standard PDF digital signature that ensures integrity and origin, but without time or revocation guarantees.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL lnSuccess
LOCAL loPdf
LOCAL loJson
LOCAL loCert
LOCAL lcOutFilePath

lnSuccess = 0

loPdf = CreateObject('Chilkat.Pdf')

* Load a PDF to be signed.
lnSuccess = loPdf.LoadFile("c:/someDir/my.pdf")
IF (lnSuccess = 0) THEN
    ? loPdf.LastErrorText
    RELEASE loPdf
    CANCEL
ENDIF

* Options for signing are specified in JSON.
loJson = CreateObject('Chilkat.JsonObject')

loJson.UpdateString("subFilter","/ETSI.CAdES.detached")
loJson.UpdateBool("signingCertificateV2",1)
loJson.UpdateBool("signingTime",1)
loJson.UpdateString("signingAlgorithm","pkcs")
loJson.UpdateString("hashAlgorithm","sha256")

* -----------------------------------------------------------
* The following JSON settings define the signature appearance.
loJson.UpdateInt("page",1)
loJson.UpdateString("appearance.y","top")
loJson.UpdateString("appearance.x","left")
loJson.UpdateString("appearance.fontScale","10.0")
loJson.UpdateString("appearance.text[0]","Digitally signed by: cert_cn")
loJson.UpdateString("appearance.text[1]","current_dt")
loJson.UpdateString("appearance.text[2]","Hello 123 ABC")

* --------------------------------------------------------------
* Load the signing certificate. (Use your own certificate.)
* Note: There are other methods for using a certificate on an HSM (smartcard or token)
* or from other sources, such as a cloud HSM, a Windows installed certificate,
* or other file formats.
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadPfxFile("c:/myPfxFiles/myPdfSigningCert.pfx","pfxPassword")
IF (lnSuccess = 0) THEN
    ? loCert.LastErrorText
    RELEASE loPdf
    RELEASE loJson
    RELEASE loCert
    CANCEL
ENDIF

* Once we have the certificate object, tell the PDF object to use it for signing
lnSuccess = loPdf.SetSigningCert(loCert)
IF (lnSuccess = 0) THEN
    ? loPdf.LastErrorText
    RELEASE loPdf
    RELEASE loJson
    RELEASE loCert
    CANCEL
ENDIF

* Sign the PDF, creating the output file.
lcOutFilePath = "c:/someDir/mySigned.pdf"
lnSuccess = loPdf.SignPdf(loJson,lcOutFilePath)
IF (lnSuccess = 0) THEN
    ? loPdf.LastErrorText
    RELEASE loPdf
    RELEASE loJson
    RELEASE loCert
    CANCEL
ENDIF

? "Success."

RELEASE loPdf
RELEASE loJson
RELEASE loCert