How to digitally sign a PDF using X.509 certificate data from iOS application

About

Asked 11/11, 2013 at 7:58 Answered 3/7, 2014 at 20:40

I am generating PDF's in my app. I want to give the best security to these pdf's generated through my app. I have added the default security options provided by Apple, like Owner password, allow copying, allow printing etc...

But I would like to add my certificate information or call it as Digitally sign the pdf's using the custom certificate(X.509 certificate) files.

Does security framework help in any way ? or How can this be achieved?

Mendel answered 11/11, 2013 at 7:58 Comment(6)

Just search through for curiousity, is it something like this question: #16100609, it is generating from PHP, what kind of language your app is based on for development? – Hollingsworth 21/4, 2014 at 7:56

>what kind of language your app is based on for development? iOS (Objective-c) – Mendel 21/4, 2014 at 12:13

There is already and application for mac itunes.apple.com/in/app/pdf-signet-digital-signatures/… How can we do the same in iOS ?? – Mendel 31/5, 2014 at 13:8

I'm wondering and struggling since a weak about how this can be achieved on iOS. If other languages like Java, C# , C and C++ can do it why can't this be possible in Objective-c? – Mendel 27/6, 2014 at 5:36

U would expose your private key in app so it's kinda unsecure – Causation 3/7, 2014 at 13:26

Objective-C is a superset of C, so if you can do it in C then you can use that code in your iOS app. – Adulterant 3/7, 2014 at 18:17

Unfortunately, iOS doesn't seem to provide this feature natively. Searching for a library that will apply a digital signature to a PDF is difficult, as many tools apply pictures of handwritten signatures. There doesn't seem to be any in C or Objective-C that you could use on iOS, most implementations are in Java or C#, or are not available for iPhone (e.g. Acrobat SDK or PLOP DS).

You can nevertheless implement the digital signature yourself, this is quite straightforward and documented. You will need to serialize your PDF as mentioned in this document, make some room for the signature object (this requires a minimum parsing of the PDF layout), then compute the signature and store it in the file.

For the cryptographic part, it seems that Security Framework does not provide an API to generate the required PKCS#7 signature. So you could use OpenSSL instead.

Donohue answered 3/7, 2014 at 20:40 Comment(2)

I believe one should sign something with private key. So if you want to do it in phone you'll expose it at least in operating memory – Causation 4/7, 2014 at 14:2

Indeed, this requires a private key. This is not a real issue if the application uses the user's private key like the MacOS X application OP referred to. The main problem would be how to get and how to store the private key on the iOS device. – Donohue 4/7, 2014 at 15:33

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags