Some test text!

Loading...
Guides
Embedded timestamping

Custom Signing in Node.js

The custom signing API also allows the creation and insertion of embedded secure (signed) timestamp tokens, which is a requirement of certain higher levels of PAdES-format signature conformance.

It is necessary to add to the VerificationOptions a trusted root certificate corresponding to the chain used by the timestamp authority to sign the timestamp token, in order for the timestamp response to be verifiable during embedded timestamp creation.

By default, we only check online for revocation of certificates using the newer and lighter OCSP protocol as opposed to CRL, due to lower resource usage and greater reliability. However, it may be necessary to enable online CRL revocation checking in order to verify some timestamps (i.e. those that do not have an OCSP responder URL for all non-trusted certificates).

const tst_config = await new PDFNet.TimestampingConfiguration(in_timestamp_authority_url);
const opts = await new PDFNet.VerificationOptions(PDFNet.VerificationOptions.SecurityLevel.e_compatibility_and_archiving);
await opts.addTrustedCertificate(in_timestamp_authority_root_certificate_path);
await opts.enableOnlineCRLRevocationChecking(true);
const result = await digsig_field.generateContentsWithEmbeddedTimestamp(tst_config, opts);

if (!(await result.getStatus()))
{
	console.log(await result.getString());
	throw new Error();
}
await doc.saveCustomSignature(await result.getData(), digsig_field, in_outpath);

Get the answers you need: Support

Upcoming Webinar: PDFTron SDK Tech Review | Nov 29, 2022 at 2 pm ET

PDFTron SDK

The Platform

NEW

© 2022 PDFTron Systems Inc. All rights reserved.

Privacy

Terms of Use