Do you own a Debenu Quick PDF Library version 7, 8, 9, 10, 11, 12, 13 or iSEDQuickPDF license? Upgrade to Debenu Quick PDF Library 14 today!

Debenu Quick PDF Library - PDF SDK Community Forum Homepage
Forum Home Forum Home > For Users of the Library > I need help - I can help
  New Posts New Posts RSS Feed - SetSignProcessTimestampURL with login and password
  FAQ FAQ  Forum Search   Register Register  Login Login

SetSignProcessTimestampURL with login and password
 Post Reply Post Reply
Author
Message
  Topic Search Topic Search  Topic Options Topic Options
Rogerio View Drop Down
Beginner
Beginner
Avatar

Joined: 22 Apr 20
Location: Brazil
Status: Offline
Points: 2 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Rogerio Quote  Post ReplyReply Direct Link To This Post Topic: SetSignProcessTimestampURL with login and password
    Posted: 22 Apr 20 at 7:48PM
Hello,

In version 17, the time stamp process (windows) was implemented, excellent, as was disclosed:
"On Windows, a new function (SetSignProcessTimestampURL) allows digital signatures to be counter-signed using a timestamp server. This grants the signature validation into the future past the expiry date of the signing identity certificate."

But I have not found a reference on how to use a time stamp server URL with login and password, which normally everyone uses.

Here is my test code (VB):

Dim QP As New DebenuPDFLibraryAX1711.PDFLibrary
Dim iDf12 As Long
Dim iDf13 As Long
Dim iDfopt As Long
        
    iDf1 = QP.NewSignProcessFromFile ("C:\TEMPS\Temp01\tt\doc2sign.pdf", "")
    
    If iDf1 <> 0 Then
        
        QP.SetSignProcessPFXFromFile iDf1, "C:\Users\roger\Documents\cert_file.pfx", "mypass"
        QP.SetSignProcessInfo iDf1, "Good reason", "My location", "My info"
        QP.SetSignProcessField iDf1, "Signature_field"
        QP.SetSignProcessFieldBounds iDf1, 100, 600, 209, 191
        QP.SetSignProcessFieldImageFromFile iDf1, "C:\TEMPS\Temp01\pdfsigner.png", 0
        
        QP.SetSignProcessFieldPage iDf1, 1
        QP.SetSignProcessTimestampURL iDf1, "https://cloud.tsserversample.com.br/time-stamp/tsp", iDfopt
        QP.EndSignProcessToFile iDf1, "C:\TEMPS\Temp01\tt\file_signed.pdf"
        QP.ReleaseSignProcess iDf1 '// Releases a signature process from memory

        iDf13 = QP.GetSignProcessResult(iDf1)
        
        Select Case iDf13
            Case 1
            Debug.Print "The file was signed successfully"
            Case 2
            Debug.Print "Input PDF not found"
            Case 3
            Debug.Print "Input PDF cannot be read"
            Case 4
            Debug.Print "Input PDF password incorrect"
            Case 5
            Debug.Print "certificate Not file"
            Case 6
            Debug.Print "certificate file Is invalid"
            Case 7
            Debug.Print "Incorrect certificate password"
            Case 8
            Debug.Print "Unknown certificate format"
            Case 9
            Debug.Print "No private key found in certificate file"
            Case 10
            Debug.Print "Could not write output file"
            Case 11
            Debug.Print "Could not apply signature"
            Case 12
            Debug.Print "The signature field name was blank"
            Case 13
            Debug.Print "The input file cannot be signed because the 'NeedAppearances' flag is set to true"
            Case 14
            Debug.Print "Certificate not found in store"
            Case 15
            Debug.Print "The input file cannot be signed due to an xref table issue"
            Case 16
            Debug.Print "Could not apply timestamp to signature"
            Case Else
            Debug.Print "Unknow:" & iDf13
        End Select
        
    End If
        
--------------------------
Returns code 16.

Another test I carried out, on the SetSignProcessTimestampURL line I put the login and password in the URL:

        QP.SetSignProcessTimestampURL iDf1, "https://mylogin:mypassword@cloud.tsserversample.com.br/time-stamp/tsp", iDfopt
Returns code 16.

Another test was with the URL that does not require login and password:
 http://sha256timestamp.ws.symantec.com/sha256/timestamp

it worked, but this server does not require login password.

Does anyone know how to use time stamp servers with login and password?

Thanks.
Back to Top
LuProch View Drop Down
Beginner
Beginner
Avatar

Joined: 01 Feb 13
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote LuProch Quote  Post ReplyReply Direct Link To This Post Posted: 25 Jun 20 at 3:19PM
Hello,

I have basically the same problem as Rogerio. I am currently testing Quick PDF Library version 17 on Windows to find out whether it can sign a PDF with timestamp, using time stamp authority URL, login and password. The new SetSignProcessTimestampURL function is not documented in the Function groups, but I found it in "Foxit Quick PDF Library 17.11 Reference Guide.pdf", which comes with the installation. There it says:

Quote Sets the URL of a timestamp server to use during signing. This will only work when using the default MS Crypto API on Windows. Timestamping is not currently supported when using OpenSSL or on non-Windows platforms.

Parameters:
- SignProcessID - A value returned by the NewSignProcessFromFile.
- TimestampURL - The URL, including protocol identifier, of a timestamp server. For example, "http://sha256timestamp.ws.symantec.com/sha256/timestamp".
- Options - Reserved for future use, should be set to zero.

When I try it with the example URL, it works fine. When I try it with my testing URL, which also requires login and password, then return value is 16 and the signature is broken.

So is there a way to use it with login and password, maybe in some combination with MS Crypto API? Can anyone provide sample code? Or does Quick PDF Library currently support timestamping with URL only and I have to wait for future versions for a function that accepts URL, login and password?

Thanks for any response.


Edited by LuProch - 25 Jun 20 at 3:23PM
Back to Top
tfrost View Drop Down
Senior Member
Senior Member


Joined: 06 Sep 10
Location: UK
Status: Offline
Points: 437 		Post Options Post Options   Thanks (0) Thanks(0)   Quote tfrost Quote  Post ReplyReply Direct Link To This Post Posted: 25 Jun 20 at 3:43PM
I suspect that the reason the API does not support login/password is that there are so many reputable timeserver services that do not require authentication.  I have tested at least half a dozen such, but this was for executable programs, not large production volume of PDFs. I have also looked at some that have a subscription and so require a login, but usually this could be entered in the URI. Have you enquired of your chosen service whether they can support entering credentials as part of the connection string?
Back to Top
LuProch View Drop Down
Beginner
Beginner
Avatar

Joined: 01 Feb 13
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote LuProch Quote  Post ReplyReply Direct Link To This Post Posted: 26 Jun 20 at 9:46AM
I found some documentation and it says that the request has to be send to server with POST method. So no changes in URL, I guess.
Back to Top
LuProch View Drop Down
Beginner
Beginner
Avatar

Joined: 01 Feb 13
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote LuProch Quote  Post ReplyReply Direct Link To This Post Posted: 02 Jul 20 at 2:23PM
I have also tried to send username and password with URL like this:
Quote url?username=myName&password=myPassword
Tried some variations, didn't work.

For now I continue testing timestamp with example URL (http://sha256timestamp.ws.symantec.com/sha256/timestamp) and combinations of timestamp with other options:
- electronic signature with PFX certificate / with USB token
- invisible / visible signature
- PDF protected by password

Works mostly fine, but there is one issue. Signature with PFX certificate + timestamp works fine. Signature with USB token + timestamp seems fine, no error code, but when I open the resulting PDF in Adobe Reader, the signature properties say "The signing time comes from the clock on the author's computer." instead of "The signature contains an embedded time stamp.".
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.01
Copyright ©2001-2014 Web Wiz Ltd.

Copyright © 2017 Debenu. Debenu Quick PDF Library is a PDF SDK. All rights reserved. AboutContactBlogSupportOnline Store