ExternalSignature with SignData

bakelong · October 9, 2025, 9:26am

Dear Aspose Support Team,

Hello,

I have an external signing service that uses the RSA.SignData method for digital signatures. I’m trying to integrate this service with Aspose.PDF using the ExternalSignature functionality.

My current signing service implementation looks like this:
This is my sign service
public string SignData(PSE3Request request)
{
byte[] data = Convert.FromBase64String(request.Data);
using (RSA rsa = Cert.GetRSAPrivateKey())
{
var signature = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
string database64 = Convert.ToBase64String(signature);
return Convert.ToBase64String(signature);
}
}

Professionalize.Discourse · October 9, 2025, 9:27am

@bakelong

To integrate your external signing service with Aspose.PDF using the ExternalSignature functionality, you can implement the IExternalSignature interface and utilize the SignData method from your RSA signing service. Below is a basic example demonstrating how to achieve this:

using Aspose.Pdf;
using System.Security.Cryptography;

public class MyExternalSignature : IExternalSignature
{
    private RSA _rsa;

    public MyExternalSignature(RSA rsa)
    {
        _rsa = rsa;
    }

    public string GetAlgorithmName()
    {
        return "RSA";
    }

    public byte[] Sign(byte[] data)
    {
        return _rsa.SignData(data, HashAlgorithmName.SHA256, RSASignatureFormat.Pkcs1);
    }

    public bool Verify(byte[] data, byte[] signature)
    {
        return _rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignatureFormat.Pkcs1);
    }
}

// Usage
var pdfDocument = new Document("input.pdf");
var signature = new MyExternalSignature(yourRsaInstance);
var signatureField = pdfDocument.Form["signatureFieldName"];
pdfDocument.SignatureSign(signatureField, signature);
pdfDocument.Save("signedOutput.pdf");

In this example, replace yourRsaInstance with your actual RSA instance. This code illustrates how to create a custom external signature class that implements the IExternalSignature interface, enabling you to use your RSA signing service with Aspose.PDF.

If you have any further questions or need additional assistance, feel free to ask!

bakelong · October 9, 2025, 9:32am

The IExternalSignature interface is not found in the Aspose.PDF library

I’m getting an error that IExternalSignature does not exist in the Aspose namespace

asad.ali · October 9, 2025, 9:11pm

@bakelong

We need to investigate this scenario further. Can you please share complete code sample that you have been using to sign the PDF using Aspose.PDF with this external signature? We will log an investigation ticket and share the ID with you.

bakelong · October 10, 2025, 4:17am

This is function process pdf
public static string SignPdfInvoice(string unsignedPdfPath, string companyName, bool isCompany, string dateSign, string signedPdfPath, System.Drawing.Rectangle rectangle)
{

 string tempPdfPath = "";
 string finalPdfPath = "";

 try
 {
     // 1. Lấy certificate
     var cer = GetCer(new PSE3Request());
     if (cer == null || string.IsNullOrEmpty(cer.Data))
     {
         logger.Trace("❌ Không lấy được certificate");
         return "False";
     }
     var cer2 = new X509Certificate2(Convert.FromBase64String(cer.Data));
     
     using (var document = new Aspose.Pdf.Document(unsignedPdfPath))
     {
         
         // SignatureField signatureField = CreateVisibleSignatureField(document, companyName, dateSign);
         using (var sign = new Aspose.Pdf.Facades.PdfFileSignature(document))
         {
             var signature = new Aspose.Pdf.Forms.ExternalSignature(cer2, DigestHashAlgorithm.Sha256)
             {
                 Authority = companyName,
                 Reason = "phát hành hóa đơn",
                 ContactInfo = companyName,
                 Location = "Hà nội",
                 ShowProperties=false
             };
             signature.CustomSignHash = (hash, alo) =>
             {
                
                 string base64Filehash = Convert.ToBase64String(hash);                          
                 logger.Trace($"base64Filehash:{base64Filehash}");
                // var request = new PSE3Request { Data = Convert.ToBase64String(hash) };
                 var request = new PSE3Request { Data = base64Filehash };
                 var response = CallSignFile(request);
                 return Convert.FromBase64String(response.Data);
             };
             StringBuilder buf = new StringBuilder();
             buf.Append("signature valid\n");
             buf.Append("đã được ký điện tử bởi\n");
             buf.Append(companyName).Append('\n');
             buf.Append("ngày ký: ").Append(dateSign);
             string text = buf.ToString();                       
             sign.Sign(1, "Ký số hóa đơn điện tử", companyName, "Chi nhánh Chu Lai",true, rectangle, signature);

             sign.Save(signedPdfPath);
         }
     }
     return "True";
   
 }
 catch (Exception ex)
 {
     logger.Error("SignPdfInvoice", ex);
 }
 return "True";

}
This is function request signature
private static PSE3Response CallSignFile(PSE3Request request)
{
// Implementation từ code gốc của bạn
Logger logger = new Logger();
PSE3Response result = new PSE3Response();
try
{
string cerLabel = ConfigurationManager.AppSettings[“Sign:CER_LABEL”];
string cerSerial = ConfigurationManager.AppSettings[“Sign:CER_SERIAL”];

     if (string.IsNullOrEmpty(request.SsoId))
         request.SsoId = cerLabel;
     if (string.IsNullOrEmpty(request.KeyName))
         request.KeyName = cerSerial;
     if (request.SignMode == 0)
         request.SignMode = 4;
     request.SignMode = SIGNMODE;
     if (string.IsNullOrEmpty(request.DataFormat))
         request.DataFormat = "base64";
     if (string.IsNullOrEmpty(request.ResponseFormat))
         request.ResponseFormat = "base64";

     string json = Newtonsoft.Json.JsonConvert.SerializeObject(request);
     string url = SERVER_SIGN_URL + URL_SIGN_FILE;

     HttpWebRequest httpRequest = (HttpWebRequest)WebRequest.Create(url);
     httpRequest.Method = "POST";
     httpRequest.ContentType = "application/json";
     httpRequest.Timeout = 300000;

     byte[] byteArray = System.Text.Encoding.UTF8.GetBytes(json);
     httpRequest.ContentLength = byteArray.Length;

     using (Stream webStream = httpRequest.GetRequestStream())
     {
         webStream.Write(byteArray, 0, byteArray.Length);
     }

     using (WebResponse webResponse = httpRequest.GetResponse())
     using (Stream webStream = webResponse.GetResponseStream() ?? Stream.Null)
     using (StreamReader responseReader = new StreamReader(webStream))
     {
         string response = responseReader.ReadToEnd();
         result = JsonConvert.DeserializeObject<PSE3Response>(response);
     }
 }
 catch (Exception ex)
 {
     logger.Error("[CallSignFile] Exception", ex);
 }
 return result;

}

This is function make signature
public string SignData(PSE3Request request)
{
byte[] data = Convert.FromBase64String(request.Data);
using (RSA rsa = Cert.GetRSAPrivateKey())
{
var signature = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
string database64 = Convert.ToBase64String(signature);
return Convert.ToBase64String(signature);
}
}

asad.ali · October 10, 2025, 4:09pm

@bakelong

We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.

Issue ID(s): PDFNET-60887

You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.

bakelong · October 11, 2025, 3:51pm

you have solution for this issues?