Hello,
Converted code from your sample to sign Pdf files when saving:
Dim MyCertHolder As CertificateHolder = CertificateHolder.Create("D:\cert.pfx", "pass")
ASPSaveSetPDFX.DigitalSignatureDetails = New Words.Saving.PdfDigitalSignatureDetails(MyCertHolder, "Test Signing", "My Office", Date.Now)
ASPSaveSetPDFX.DigitalSignatureDetails.HashAlgorithm = Words.Saving.PdfDigitalSignatureHashAlgorithm.Sha512
I don’t get Date part, signing time is not get from timestamping server when signing or it’s done offline?
“Test Signing”, “My Office”, reason and location, can be set string empty? And will be shown and visible to the end user somewhere?
No idea why including the above code in PdfSaveOptions will render “Object reference not set to an instance of an object.” on Document.Save?
Kindly advise if the same certificate can be used to sign all PDF and Doc/Docx and XPS?
I never signed pdf, DigitalSignatureDetails.TimestampSettings, do you know if there is a free timestamp server by Adobe or VeriSign or else for use when signing pdf?
Update, found the reason for “Object reference not set to an instance of an object.” on Document.Save with sign:
PFX certificate was a code signing, not for document signing, also tested a S/mime certificate with no luck.
Suggestion: When a pfx with mismatched OID is set, show a proper message to user, not null ref exception.
Yes, you can set these values to empty string or null, which is the default values for them. Yes, reason and location are shown in the Signatures panel:
Thanks, last request would be that if this DigitalSignatureUtil.Sign method is our way for Doc/docx/xps signing, can you please kindly consider adding a feature request ticket for them to have a save options counterpart too?
I mean to be able to sign them on save time using save options?
Maybe not a bad idea if you merge it with PdfSaveOptions.DigitalSignatureDetails to have a unified sign/save options for all supported formats
@australian.dev.nerds
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): WORDSNET-25896
You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.
@australian.dev.nerds No, unfortunately, there is no timestamping feature in DigitalSignatureUtil.Sign, but you can specify sign time using SignOptions.SignTime.
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): WORDSNET-25897
You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.
Thanks, if WORDSNET-25897 is for DigitalSignatureUtil.Sign time stamping, it has no priority for me, at least now.
My highest priority goes to WORDSNET-25896 if it’s for adding .DigitalSignatureDetails to Xps/Doc/Docx at their SaveOptions. To be able to set the sign details in save options.
This is my last request as the part of my project working with Words seems to be finished, until the above feature is implemented (and in case it’s rejected), kindly advise:
When converting an mhtml to xps/doc/docx I will use Document.Save(MyMemoryStream)
Then:
DigitalSignatureUtil.Sign(MyMemoryStream, streamOut, MyCertHolder)
Can you please consider adding an overload:
When using DigitalSignatureUtil.Sign to sign xps,doc,docx in the SignOptions we have:
SignOptions.DecryptionPassword property
This is just for Docx? And Doc or Xps will not need this?
You can easily achieve writing the result directly to file using code like this:
using (FileStream outFile = File.Create(@"C:\Temp\out.docx"))
DigitalSignatureUtil.Sign(MyMemoryStream, outFile, MyCertHolder);
I have logged a feature request for this as WORDSNET-25900. We will consider providing such feature in one of future version.
Thank you for pointing this. I have logged the problem as WORDSNET-25901. We will update the documentation and let you know once done.
SignOptions.DecryptionPassword is not required for documents in binary DOC format. But theoretically, XPS and ODT documents might be encrypted the same way as DOCX, since these formats are OPC documents (ZIP archives) and document encryption is encryption if ZIP archive.
Unfortunately, I cannot reproduce the problem on my side. i have used the following code for testing:
In case this feature is implemented, one of these formats, OoxmlSaveOptions.DigitalSignatureDetails which needs to pass the encryption password to signoptions when signing if it’s encrypted too, will be possible to handle internally in save options?
@australian.dev.nerdsOoxmlSaveOptions.Password = “blah” is for saving document, while password in DigitalSignatureUtil is required to open encrypted DOCX document. So there will no sense to specify password in SignOptions if it will be passed into SaveOptions, since document is already loaded.
Thanks, yes, but in case we need to both sign and encrypt the docx, currently we specify the encryption password in save options:
OoxmlSaveOptions.Password = “blah”
And save to stream, then using DigitalSignatureUtil.Sign will sign it which will need the above password again.
I meant just in case document signing support is added to saveoptions…
Thanks and have a great night ahead
@australian.dev.nerds If document is signed using DigitalSignatureUtil the process looks like this:
Decrypt document if encrypted (password is required)
Sign document
Save and encrypt document is required.
On other hand if document is already loaded into the DOM the fist step is not required, since there is nothing to decrypt.
