Changed to allow TSA feature in web browser

Fix EU signature. Thanks marsanla!

.github/workflows/build.yml

@@ -0,0 +1,16 @@
+name: Build
+run-name: Build for browser and GAS
+on: [push]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: ['lts/*']
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+      - run: npm ci
+      - run: npm run build

README.md

@@ -1,6 +1,12 @@
+<div align="center"><img src="logo.png" title="zgapdfsigner"></div>
+
 # ZgaPdfSigner
+![version](https://img.shields.io/github/package-json/v/zboris12/zgapdfsigner)
+![license](https://img.shields.io/github/license/zboris12/zgapdfsigner)
+![build status](https://github.com/zboris12/zgapdfsigner/actions/workflows/build.yml/badge.svg)
+
 A javascript tool to sign a pdf or set protection of a pdf in web browser.  
-And it also can be used in Google Apps Script and nodejs.  
+And it is more powerful when used in [Google Apps Script](https://developers.google.com/apps-script) or [nodejs](https://nodejs.org/).  
 
 PS: __ZGA__ is the abbreviation of my father's name.  
 And I use this name to hope the merits from this application will be dedicated to my parents.
@@ -8,11 +14,13 @@ And I use this name to hope the merits from this application will be dedicated t
 ## Main features
 
 * Sign a pdf with an invisible pkcs#7 signature.
-* Sign a pdf with a visible pkcs#7 signature by drawing an image.
-* Sign a pdf and set DocMDP(document modification detection and prevention).
+* Sign a pdf with a visible pkcs#7 signature by drawing an image or a text or both.
+* A visible signature can be placed on multiple pages. (In the same position)
+* Sign a pdf and set [DocMDP](https://github.com/zboris12/zgapdfsigner/wiki/API#note).
 * Add a new signature to a pdf if it has been signed already. (An incremental update)
-* Add a document timestamp from TSA(Time Stamp Authority). (Only in Google Apps Script and nodejs)
-* Sign a pdf with a timestamp from TSA. (Only in Google Apps Script and nodejs)
+* Add a document timestamp from [TSA](https://github.com/zboris12/zgapdfsigner/wiki/API#note). ( :no_entry_sign:__Not__ available in web browser :sunflower:)
+* Sign a pdf with a timestamp from [TSA](https://github.com/zboris12/zgapdfsigner/wiki/API#note). ( :no_entry_sign:__Not__ available in web browser :sunflower:)
+* Enable signature's [LTV](https://github.com/zboris12/zgapdfsigner/wiki/API#note). ( :no_entry_sign:__Not__ available in web browser :sunflower:)
 * Set password protection to a pdf. Supported algorithms:
   * 40bit RC4 Encryption
   * 128bit RC4 Encryption
@@ -21,23 +29,89 @@ And I use this name to hope the merits from this application will be dedicated t
 * Set public-key certificate protection to a pdf.
   Supported algorithms are as same as the password protection.
 
-## About signing with TSA
+## About signing with [TSA](https://github.com/zboris12/zgapdfsigner/wiki/API#note) and [LTV](https://github.com/zboris12/zgapdfsigner/wiki/API#note)
 
-Because of the CORS security restrictions in web browser,
-signing with a timestamp from TSA can only be used in Google Apps Script.
+Because of the [CORS](https://github.com/zboris12/zgapdfsigner/wiki/API#note) security restrictions in web browser,
+signing with a timestamp from [TSA](https://github.com/zboris12/zgapdfsigner/wiki/API#note) or enabling [LTV](https://github.com/zboris12/zgapdfsigner/wiki/API#note) can only be used in [Google Apps Script](https://developers.google.com/apps-script) or [nodejs](https://nodejs.org/).  
+:sunflower: However, if you can avoid the [CORS](https://github.com/zboris12/zgapdfsigner/wiki/API#note) security restrictions
+by creating your own service or providing a reverse proxy server, these features are also available in web browser.
 
 ## The Dependencies
 
 * [pdf-lib](https://pdf-lib.js.org/)
 * [node-forge](https://github.com/digitalbazaar/forge)
+* [follow-redirects](https://github.com/follow-redirects/follow-redirects)
+* [pako](https://github.com/nodeca/pako) - For drawing text
+* [pdf-fontkit](https://github.com/znacloud/pdf-fontkit) - For drawing text
 
 ## How to use this tool
 
+:question: For more details please see the [wiki](https://github.com/zboris12/zgapdfsigner/wiki/API).
+
+### Web Browser
 Just import the dependencies and this tool.
 ```html
 <script src="https://unpkg.com/pdf-lib@1.17.1/dist/pdf-lib.min.js" type="text/javascript"></script>
 <script src="https://unpkg.com/node-forge@1.3.1/dist/forge.min.js" type="text/javascript"></script>
-<script src="https://github.com/zboris12/zgapdfsigner/releases/download/2.2.0/zgapdfsigner.min.js" type="text/javascript"></script>
+<script src="https://cdn.jsdelivr.net/npm/zgapdfsigner/dist/zgapdfsigner.min.js" type="text/javascript"></script>
+```
+When drawing text for signature, importing fontkit and pako library is necessary.
+```html
+<script src="https://unpkg.com/pdf-fontkit@1.8.9/dist/fontkit.umd.min.js" type="text/javascript"></script>
+<script src="https://unpkg.com/pako@1.0.11/dist/pako_inflate.min.js" type="text/javascript"></script>
+```
+Thanks to [znacloud](https://github.com/znacloud/pdf-fontkit) for fixing the font subsetting issue in [@pdf-lib/fontkit](https://github.com/Hopding/fontkit).
+
+### [Google Apps Script](https://developers.google.com/apps-script)
+Load the dependencies and this tool.
+```js
+// Simulate setTimeout function for pdf-lib
+function setTimeout(func, sleep){
+  Utilities.sleep(sleep);
+  func();
+}
+// Simulate clearTimeout function for pdf-fontkit
+function clearTimeout(timeoutID){
+  // Do nothing
+}
+// Simulate window for node-forge
+var window = globalThis;
+// Load pdf-lib
+eval(UrlFetchApp.fetch("https://unpkg.com/pdf-lib@1.17.1/dist/pdf-lib.min.js").getContentText());
+// It is necessary for drawing text for signature.
+eval(UrlFetchApp.fetch("https://unpkg.com/pdf-fontkit@1.8.9/dist/fontkit.umd.min.js").getContentText());
+// Load pako, It is necessary for drawing text for signature.
+eval(UrlFetchApp.fetch("https://unpkg.com/pako@1.0.11/dist/pako_inflate.min.js").getContentText());
+// Load node-forge
+eval(UrlFetchApp.fetch("https://unpkg.com/node-forge@1.3.1/dist/forge.min.js").getContentText());
+// Load ZgaPdfSigner
+eval(UrlFetchApp.fetch("https://cdn.jsdelivr.net/npm/zgapdfsigner/dist/zgapdfsigner.min.js").getContentText());
+```
+Or simply import the library of [ZgaPdfToolkit](https://script.google.com/macros/library/d/1T0UPf50gGp2fJ4dR1rZfEFgKYC5VpCwUVooCRNySiL7klvIUVsFBCZ9m/7)
+1. Add the library of ZgaPdfToolkit to your project, and suppose the id of library you defined is "pdfkit".  
+   Script id: `1T0UPf50gGp2fJ4dR1rZfEFgKYC5VpCwUVooCRNySiL7klvIUVsFBCZ9m`
+2. Load the library.
+```js
+pdfkit.loadZga(globalThis);
+```
+
+### [nodejs](https://nodejs.org/)
+1. Install
+```
+npm install zgapdfsigner
+```
+If using [typescript](https://www.typescriptlang.org/) for development, installation of [definitely typed for node-forge](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node-forge) is necessary.
+```
+npm install --save-dev @types/node-forge
+```
+2. Import
+```js
+// CommonJS Mode
+const Zga = require("zgapdfsigner");
+// ES Module Mode
+import { default as Zga } from "zgapdfsigner";
+// Typescript
+import * as Zga from "zgapdfsigner";
 ```
 
 ## Let's sign
@@ -87,8 +161,10 @@ async function sign2(pdf, cert, pwd, imgdat, imgtyp){
         w: 60,  // width
         h: 60,  // height
       },
-      imgData: imgdat,
-      imgType: imgtyp,
+      imgInfo: {
+        imgData: imgdat,
+        imgType: imgtyp,
+      },
     },
   };
   var signer = new Zga.PdfSigner(sopt);
@@ -97,85 +173,178 @@ async function sign2(pdf, cert, pwd, imgdat, imgtyp){
 }
 ```
 
-Sign with a visible signature of drawing a text.
+Sign with a visible signature by drawing a text.
 
 ```js
-//TODO
-```
-
-Use it in Google Apps Script
-
-```js
-// Simulate setTimeout function for pdf-lib
-function setTimeout(func, sleep){
-  Utilities.sleep(sleep);
-  func();
+/**
+ * @param {ArrayBuffer} pdf
+ * @param {ArrayBuffer} cert
+ * @param {string} pwd
+ * @param {string} txt
+ * @param {ArrayBuffer} fontdat
+ * @return {Promise<Blob>}
+ */
+async function sign3(pdf, cert, pwd, txt, fontdat){
+  /** @type {SignOption} */
+  var sopt = {
+    p12cert: cert,
+    pwd: pwd,
+    drawinf: {
+      area: {
+        x: 25,  // left
+        y: 150, // top
+        w: 60,  // width
+        h: 60,  // height
+      },
+      textInfo: {
+        text: txt,
+        fontData: fontdat,
+        color: "#00f0f1",
+        size: 16,
+      },
+    },
+  };
+  var signer = new Zga.PdfSigner(sopt);
+  var u8arr = await signer.sign(pdf);
+  return new Blob([u8arr], {"type" : "application/pdf"});
 }
-// Simulate window for node-forge
-var window = globalThis;
-// Load pdf-lib
-eval(UrlFetchApp.fetch("https://unpkg.com/pdf-lib@1.17.1/dist/pdf-lib.min.js").getContentText());
-// Load node-forge
-eval(UrlFetchApp.fetch("https://unpkg.com/node-forge@1.3.1/dist/forge.min.js").getContentText());
-// Load ZgaPdfSigner
-eval(UrlFetchApp.fetch("https://github.com/zboris12/zgapdfsigner/releases/download/2.2.0/zgapdfsigner.min.js").getContentText());
-
-// Load pdf, certificate
-var pdfBlob = DriveApp.getFilesByName("_test.pdf").next().getBlob();
-var certBlob = DriveApp.getFilesByName("_test.pfx").next().getBlob();
-// Sign the pdf
-/** @type {SignOption} */
-var sopt = {
-  p12cert: certBlob.getBytes(),
-  pwd: "some passphrase",
-  signdate: "1",
-};
-var signer = new Zga.PdfSigner(sopt);
-var u8arr = await signer.sign(pdfBlob.getBytes());
-// Save the result pdf to some folder
-var fld = DriveApp.getFolderById("a folder's id");
-fld.createFile(Utilities.newBlob(u8arr, "application/pdf").setName("signed_test.pdf"));
 ```
 
-## Detail of SignOption
+Use it in [Google Apps Script](https://developers.google.com/apps-script)
 
-* __p12cert__: Array<number>|Uint8Array|ArrayBuffer|string :point_right: (Optional) Certificate's data. In the case of adding a document timestamp, it must be omitted.
-* __pwd__: string :point_right: (Optional) The passphrase of the certificate. In the case of adding a document timestamp, it must be omitted.
-* __permission__: number :point_right: (Optional) The modification permissions granted for this document.
-  This is a setting of DocMDP(document modification detection and prevention). Valid values are:
-  * 1: No changes to the document are permitted; any change to the document invalidates the signature.
-  * 2: Permitted changes are filling in forms, instantiating page templates, and signing; other changes invalidate the signature.
-  * 3: Permitted changes are the same as for 2, as well as annotation creation, deletion, and modification; other changes invalidate the signature.
-* __reason__: string :point_right: (Optional) The reason for signing
-* __location__: string :point_right: (Optional) Your location
-* __contact__: string :point_right: (Optional) Your contact information
-* __signdate__: Date|string|_TsaServiceInfo_ :point_right: (Optional) In the case of adding a document timestamp, it can't be omitted and can't be a Date.
-  * When it is a Date, it means the date and time of signing.
-  * When it is a string, it can be an url of TSA or an index of the preset TSAs as below:
-    * "1": http://ts.ssl.com
-    * "2": http://timestamp.digicert.com
-    * "3": http://timestamp.sectigo.com
-    * "4": http://timestamp.entrust.net/TSS/RFC3161sha2TS
-    * "5": http://timestamp.apple.com/ts01
-    * "6": http://www.langedge.jp/tsa
-    * "7": https://freetsa.org/tsr
-  * When it is a _TsaServiceInfo_, it means a full customized information of a TSA.
-    * __url__: string :point_right: The url of TSA
-    * __len__: number :point_right: (Optional) The length of signature's placeholder
-    * __headers__: Object<string, *> :point_right: (Optional) The customized headers for sending to tsa server
-  * When it is omitted, the system timestamp will be used.
-* __signame__: string :point_right: (Optional) The name of the signature
-* __drawinf__: _SignDrawInfo_ :point_right: (Optional) Visible signature's information
-  * __area__: _SignAreaInfo_ :point_right: The signature's drawing area, these numbers are dots on 72dpi.
-    * __x__: number :point_right: Distance from left
-    * __y__: number :point_right: Distance from top
-    * __w__: number :point_right: Width
-    * __h__: number :point_right: Height
-  * __pageidx__: number :point_right: (Optional) The index of a page where the signature will be drawn.
-  * __imgData__: Array<number>|Uint8Array|ArrayBuffer|string :point_right: (Optional) The image's data
-  * __imgType__: string :point_right: (Optional) The image's type, <ins>only support jpg and png</ins>
-  * __text__: string :point_right: (Optional) A text drawing for the signature, <ins>not implemented yet</ins>
-  * __fontData__: PDFLib.StandardFonts|Array<number>|Uint8Array|ArrayBuffer|string :point_right: (Optional) The font's data for drawing text, <ins>not implemented yet</ins>
+```js
+/**
+ * @param {string} pwd Passphrase of certificate
+ * @return {Promise}
+ */
+async function createPdf(pwd){
+  // Load pdf, certificate
+  var pdfBlob = DriveApp.getFilesByName("_test.pdf").next().getBlob();
+  var certBlob = DriveApp.getFilesByName("_test.pfx").next().getBlob();
+  // Sign the pdf
+  /** @type {SignOption} */
+  var sopt = {
+    p12cert: certBlob.getBytes(),
+    pwd,
+    signdate: "1",
+    ltv: 1,
+  };
+  var signer = new Zga.PdfSigner(sopt);
+  var u8arr = await signer.sign(pdfBlob.getBytes());
+  // Save the result pdf to some folder
+  var fld = DriveApp.getFolderById("a folder's id");
+  fld.createFile(Utilities.newBlob(u8arr, "application/pdf").setName("signed_test.pdf"));
+}
+```
+
+Use queryPassword function in [ZgaPdfToolkit](https://script.google.com/macros/library/d/1T0UPf50gGp2fJ4dR1rZfEFgKYC5VpCwUVooCRNySiL7klvIUVsFBCZ9m/5).
+
+```js
+function myfunction(){
+  var spd = SpreadsheetApp.getActiveSpreadsheet();
+  pdfkit.queryPassword("createPdf", "Please input the passphrase", spd.getName());
+}
+```
+
+Use it in [nodejs](https://nodejs.org/)
+```js
+const m_fs = require("fs");
+const m_path = require("path");
+async function main(){
+  /** @type {string} */
+  var pdfPath = m_path.join(__dirname, "_test.pdf");
+  /** @type {string} */
+  var pfxPath = m_path.join(__dirname, "_test.pfx");
+  /** @type {string} */
+  var ps = "";
+  /** @type {string} */
+  var imgPath = m_path.join(__dirname, "_test.png");
+  /** @type {string} */
+  var txt = "I am a test string!";
+  /** @type {string} */
+  var fontPath = m_path.join(__dirname, "_test.ttf");
+
+  if(process.argv.length > 3){
+    pfxPath = process.argv[2];
+    ps = process.argv[3];
+  }else if(process.argv[2]){
+    ps = process.argv[2];
+  }
+
+  if(!ps){
+    // throw new Error("The passphrase is not specified.");
+    pfxPath = "";
+  }
+
+  /** @type {Buffer} */
+  var pdf = m_fs.readFileSync(pdfPath);
+  /** @type {Buffer} */
+  var pfx = null;
+  if(pfxPath){
+    pfx = m_fs.readFileSync(pfxPath);
+  }
+  /** @type {Buffer} */
+  var img = null;
+  /** @type {string} */
+  var imgType = "";
+  if(imgPath){
+    img = m_fs.readFileSync(imgPath);
+    imgType = m_path.extname(imgPath).slice(1);
+  }
+  /** @type {Buffer} */
+  var font = null;
+  if(fontPath){
+    font = m_fs.readFileSync(fontPath);
+  }
+
+  /** @type {SignOption} */
+  var sopt = {
+    p12cert: pfx,
+    pwd: ps,
+    permission: pfx ? 2 : 0,
+    signdate: "1",
+    reason: "I have a test reason.",
+    location: "I am on the earth.",
+    contact: "zga@zga.com",
+    ltv: 1,
+    debug: true,
+  };
+  if(img || txt){
+    sopt.drawinf = {
+      area: {
+        x: 25, // left
+        y: 50, // top
+        w: txt ? undefined : 60,
+        h: txt ? undefined : 100,
+      },
+      pageidx: "2-3", // Placed the signature on the 3rd page and the 4th page. (Indexes of pages start from 0)
+      imgInfo: img ? {
+        imgData: img,
+        imgType: imgType,
+      } : undefined,
+      textInfo: txt ? {
+        text: txt,
+        fontData: font,
+        size: 16,
+      } : undefined,
+    };
+  }
+
+  /** @type {Zga.PdfSigner} */
+  var ser = new Zga.PdfSigner(sopt);
+  /** @type {Uint8Array} */
+  var u8dat = await ser.sign(pdf);
+
+  if(u8dat){
+    /** @type {string} */
+    var outPath = m_path.join(__dirname, "test_signed.pdf");
+    m_fs.writeFileSync(outPath, u8dat);
+    console.log("Output file: " + outPath);
+  }
+
+  console.log("Done");
+}
+```
 
 ## Let's protect the pdf
 
@@ -282,30 +451,6 @@ async function signAndProtect2(pdf, cert, pwd){
 }
 ```
 
-## Detail of EncryptOption
-
-* __mode__: Zga.Crypto.Mode :point_right: The values of Zga.Crypto.Mode
-  * RC4_40: 40bit RC4 Encryption
-  * RC4_128: 128bit RC4 Encryption
-  * AES_128: 128bit AES Encryption
-  * AES_256: 256bit AES Encryption
-* __permissions__: Array<string> :point_right: (Optional) The set of permissions to be blocked
-  * "copy": (Only valid on public-key mode) Copy text and graphics from the document;
-  * "print": Print the document;
-  * "modify": Modify the contents of the document by operations other than those controlled by 'fill-forms', 'extract' and 'assemble';
-  * "copy-extract": Copy or otherwise extract text and graphics from the document;
-  * "annot-forms": Add or modify text annotations, fill in interactive form fields, and, if 'modify' is also set, create or modify interactive form fields (including signature fields);
-  * "fill-forms": Fill in existing interactive form fields (including signature fields), even if 'annot-forms' is not specified;
-  * "extract": Extract text and graphics (in support of accessibility to users with disabilities or for other purposes);
-  * "assemble": Assemble the document (insert, rotate, or delete pages and create bookmarks or thumbnail images), even if 'modify' is not set;
-  * "print-high": Print the document to a representation from which a faithful digital copy of the PDF content could be generated. When this is not set, printing is limited to a low-level representation of the appearance, possibly of degraded quality.
-* __userpwd__: string :point_right: (Optional) User password. Used when opening the pdf.
-* __ownerpwd__: string :point_right: (Optional) Owner password. If not specified, a random value is used.
-* __pubkeys__: Array<_PubKeyInfo_> :point_right: (Optional) Array of recipients containing public-key certificates ('c') and permissions ('p').
-  * __c__: Array<number>|Uint8Array|ArrayBuffer|string|forge_cert :point_right: (Optional) A public-key certificate.
-           Only when you want to encrypt the pdf by the certificate used in signing, the c can be omitted.
-  * __p__: Array<string> :point_right: (Optional) Permissions
-
 ## Thanks
 * The module of setting protection was almost migrated from [TCPDF](http://www.tcpdf.org).
 

build.sh

@@ -0,0 +1,58 @@
+# !/bin/sh
+# set -x
+
+OUTFLDR=dist
+if [ -d ${OUTFLDR} ]
+then
+	rm -f ${OUTFLDR}/*
+else
+	mkdir ${OUTFLDR}
+fi
+
+VER=$(sed -n -r "s/^.*\"version\": ?\"([0-9.]+)\".*$/\1/p" package.json)
+
+GCCOPT="--charset UTF-8 --compilation_level SIMPLE_OPTIMIZATIONS --warning_level VERBOSE"
+GCCEXT="--externs closure/google-ext.js --externs closure/forge-ext.js --externs closure/pdflib-ext.js --externs closure/zb-externs.js"
+jss=""
+while read js
+do
+	if [ -n "${js}" ]
+	then
+		c=$(echo "${js}" | cut -b1)
+		if [ "$c" != "#" ]
+		then
+			outf="${OUTFLDR}/_${js}"
+			if [ "${js}" = "zgaindex.js" ]
+			then
+				sed -e "s/\/\/Only for nodejs Start\/\//\/*/g" -e "s/\/\/Only for nodejs End\/\//*\//g" -e "s/ver: \"\"/ver: \"${VER}\"/" "lib/${js}" > "${outf}"
+			else
+				sed -e "s/\/\/Only for nodejs Start\/\//\/*/g" -e "s/\/\/Only for nodejs End\/\//*\//g" "lib/${js}" > "${outf}"
+			fi
+			if [ $? -eq 0 ]
+			then
+				echo "Created js file: ${outf}"
+				jss="${jss} --js ${outf}"
+			else
+				echo "Failed create js file: ${outf}"
+				exit 10
+			fi
+		fi
+	fi
+done <<EOF
+zgafetch.js
+zgacertsutil.js
+zgapdfcryptor.js
+zgapdfsigner.js
+zgaindex.js
+EOF
+npx google-closure-compiler ${GCCOPT} ${GCCEXT} ${jss} --js_output_file ${OUTFLDR}/zgapdfsigner.min.js
+if [ $? -eq 0 ]
+then
+	echo "Build result:"
+	ls -l ${OUTFLDR}/*.min.js
+else
+	echo "google-closure-compiler failed."
+	exit 20
+fi
+
+exit 0

closure/build.bat

@@ -1,16 +0,0 @@
-@echo off
-
-set csr=\java\8\jre\bin\java.exe -jar \closure-compiler\closure-compiler-v20220104.jar --charset UTF-8 --compilation_level SIMPLE_OPTIMIZATIONS --warning_level VERBOSE
-doskey csr=%csr% $*
-set externs=--externs closure\google-ext.js --externs closure\forge-ext.js --externs closure\pdflib-ext.js --externs closure\zb-externs.js
-
-rem main
-set src=.
-set jss=--js %src%\zgapdfcryptor.js --js %src%\zgapdfsigner.js
-echo $
-set chkj=%%externs%% --checks_only %%jss%%
-echo chkj=csr %chkj%
-doskey chkj=%csr% %chkj%
-set csrj=%%externs%% %%jss%% --js_output_file %src%\dist\zgapdfsigner.min.js
-echo csrj=csr %csrj%
-doskey csrj=%csr% %csrj%

closure/forge-ext.js

@@ -67,6 +67,13 @@ forge.util.hexToBytes = function(hex){};
  * @return {string}
  */
 forge.util.decodeUtf8 = function(value){};
+forge.util.binary = {};
+forge.util.binary.hex = {};
+/**
+ * @param {string} str
+ * @return {Uint8Array}
+ */
+forge.util.binary.hex.decode = function(str){};
 
 /** @constructor */
 forge.asn1 = function(){};
@@ -119,6 +126,12 @@ forge.asn1.Type.OID;
 forge.asn1.Type.NULL;
 /** @type {number} */
 forge.asn1.Type.OCTETSTRING;
+/** @type {number} */
+forge.asn1.Type.PRINTABLESTRING;
+/** @type {number} */
+forge.asn1.Type.ENUMERATED;
+/** @type {number} */
+forge.asn1.Type.BITSTRING;
 forge.asn1.Class = {};
 /** @type {number} */
 forge.asn1.Class.UNIVERSAL;
@@ -133,8 +146,21 @@ forge.asn1.Class.CONTEXT_SPECIFIC;
  * @return {forge.asn1}
  */
 forge.asn1.create = function(tagClass, type, constructed, value, options){};
-/** @type {Array<forge.asn1>} */
+/**
+ * @param {forge.asn1} obj
+ * @param {Object<string, *>} v
+ * @param {Object<string, *>} capture
+ * @param {Array<string>} errors
+ */
+forge.asn1.validate = function(obj, v, capture, errors){};
+/** @type {Array<forge.asn1>|string} */
 forge.asn1.prototype.value;
+/** @type {number} */
+forge.asn1.prototype.tagClass;
+/** @type {number} */
+forge.asn1.prototype.type;
+/** @type {boolean} */
+forge.asn1.prototype.constructed;
 
 /** @constructor */
 const forge_BigInteger = function(){};
@@ -149,6 +175,20 @@ const forge_cert = function(){};
 forge_cert.prototype.publicKey;
 /** @type {forge_cert_issuer} */
 forge_cert.prototype.issuer;
+/** @type {string} */
+forge_cert.prototype.serialNumber;
+/** @type {forge_cert_issuer} */
+forge_cert.prototype.subject;
+/**
+ * @param {forge_cert} parent
+ * @return {boolean}
+ */
+forge_cert.prototype.isIssuer = function(parent){};
+/**
+ * @param {string|forge_cert_extension} nm
+ * @return {forge_cert_extension}
+ */
+forge_cert.prototype.getExtension = function(nm){};
 /** @constructor */
 const forge_key = function(){};
 /** @type {forge_BigInteger} */
@@ -159,6 +199,23 @@ forge_key.prototype.e;
 const forge_cert_issuer = function(){};
 /** @type {Array<forge_cert_attr>} */
 forge_cert_issuer.prototype.attributes;
+/**
+ * @param {string} sn
+ * @return {forge.asn1}
+ */
+forge_cert_issuer.prototype.getField = function(sn){};
+/**
+ * @typedef
+ * {{
+ *    id: (string|undefined),
+ *    name: (string|undefined),
+ *    critical: (boolean|undefined),
+ *    value: (string|undefined),
+ *    cA: (boolean|undefined),
+ * }}
+ */
+var forge_cert_extension;
+
 /**
  * @typedef
  * {{
@@ -263,9 +320,6 @@ var P12Bag;
  */
 forge.pkcs12.prototype.getBags = function(filter){};
 
-forge.oids = {};
-/** @type {string} */
-forge.oids.sha256;
 forge.pki = {};
 forge.pki.oids = {};
 /** @type {string} */
@@ -273,6 +327,8 @@ forge.pki.oids.certBag;
 /** @type {string} */
 forge.pki.oids.pkcs8ShroudedKeyBag;
 /** @type {string} */
+forge.pki.oids.sha1;
+/** @type {string} */
 forge.pki.oids.sha256;
 /** @type {string} */
 forge.pki.oids.contentType;
@@ -282,12 +338,35 @@ forge.pki.oids.data;
 forge.pki.oids.messageDigest;
 /** @type {string} */
 forge.pki.oids.signingTime;
+/** @type {string} */
+forge.pki.oids.rsaEncryption;
+/** @type {string} */
+forge.pki.oids.sha256WithRSAEncryption;
+/** @type {string} */
+forge.pki.oids.commonName;
+/** @lends {forge.pki.oids} */
+forge.oids = forge.pki.oids;
 /**
  * @param {forge.asn1} obj
  * @param {boolean=} computeHash
  * @return {forge_cert}
  */
 forge.pki.certificateFromAsn1 = function(obj, computeHash){};
+/**
+ * @param {forge_cert} cert
+ * @return {forge.asn1}
+ */
+forge.pki.certificateToAsn1 = function(cert){};
+/**
+ * @param {forge_cert_issuer} obj
+ * @return {forge.asn1}
+ */
+forge.pki.distinguishedNameToAsn1 = function(obj){};
+/**
+ * @param {forge_key} key
+ * @return {forge.asn1}
+ */
+forge.pki.publicKeyToRSAPublicKey = function(key){};
 
 forge.md = {};
 /** @constructor */

closure/pdflib-ext.js

@@ -8,6 +8,19 @@
  */
 var PdfLoadOptions;
 
+/** @const */
+var pako = {};
+/**
+ * @param {Uint8Array} input
+ * @return {Uint8Array}
+ */
+pako.inflate = function(input){};
+
+/** @constructor */
+var Fontkit = function(){};
+/** @const {Fontkit} */
+var fontkit;
+
 /** @const */
 var PDFLib = {};
 
@@ -23,6 +36,26 @@ PDFLib.copyStringIntoBuffer = function(str, buffer, offset){};
  * @return {Uint8Array}
  */
 PDFLib.toUint8Array = function(input){};
+/**
+ * @param {string} text
+ * @return {string}
+ */
+PDFLib.cleanText = function(text){};
+/**
+ * @param {string} text
+ * @return {Array<string>}
+ */
+PDFLib.lineSplit = function(text){};
+/**
+ * @param {string} text
+ * @return {boolean}
+ */
+PDFLib.isNewlineChar = function(text){};
+/**
+ * @param {string} fntnm
+ * @return {boolean}
+ */
+PDFLib.isStandardFont = function(fntnm){};
 
 /** @constructor */
 PDFLib.PDFDocument = function(){};
@@ -50,6 +83,10 @@ PDFLib.PDFDocument.prototype.save = function(options){};
  * @returns {Array<PDFLib.PDFPage>}
  */
 PDFLib.PDFDocument.prototype.getPages = function(){};
+/**
+ * @returns {number}
+ */
+PDFLib.PDFDocument.prototype.getPageCount = function(){};
 /**
  * @param {ArrayBuffer|Uint8Array|string} png
  * @returns {Promise<PDFLib.PDFImage>}
@@ -60,6 +97,32 @@ PDFLib.PDFDocument.prototype.embedPng = function(png){};
  * @returns {Promise<PDFLib.PDFImage>}
  */
 PDFLib.PDFDocument.prototype.embedJpg = function(jpg){};
+
+/**
+ * @typedef
+ * {{
+ *    customName: (string|undefined),
+ *    features: (Object<string, boolean>|undefined),
+ *    subset: (boolean|undefined),
+ * }}
+ */
+var EmbedFontOptions;
+/**
+ * @param {ArrayBuffer|Uint8Array} font
+ * @param {EmbedFontOptions=} options
+ * @returns {Promise<PDFLib.PDFFont>}
+ */
+PDFLib.PDFDocument.prototype.embedFont = function(font, options){};
+/**
+ * @param {string} font
+ * @param {string=} customName
+ * @returns {PDFLib.PDFFont}
+ */
+PDFLib.PDFDocument.prototype.embedStandardFont = function(font, customName){};
+/**
+ * @param {Fontkit} fkt
+ */
+PDFLib.PDFDocument.prototype.registerFontkit = function(fkt){};
 /**
  * @returns {Promise<number>}
  */
@@ -108,7 +171,10 @@ PDFLib.PDFAcroForm.prototype.addField = function(field){};
 /** @type {PDFLib.PDFDict} */
 PDFLib.PDFAcroForm.prototype.dict;
 
-/** @constructor */
+/**
+ * @constructor
+ * @extends {PDFLib.PDFDict}
+ */
 PDFLib.PDFCatalog = function(){};
 /**
  * @param {PDFLib.PDFName} name
@@ -196,6 +262,7 @@ PDFLib.PDFContext.prototype.enumerateIndirectObjects = function(){};
  * @typedef
  * {{
  *    Root: PDFLib.PDFRef,
+ *    Info: PDFLib.PDFRef,
  *    ID: (PDFLib.PDFArray|undefined),
  * }}
  */
@@ -221,6 +288,12 @@ PDFLib.PDFContext.prototype.nextRef = function(){};
  * @return {PDFLib.PDFObject}
  */
 PDFLib.PDFContext.prototype.obj = function(literal){};
+/**
+ * @param {string|Uint8Array} contents
+ * @param {PDFLib.PDFDict=} dict
+ * @return {PDFLib.PDFRawStream}
+ */
+PDFLib.PDFContext.prototype.flateStream = function(contents, dict){};
 /**
  * @param {PDFLib.PDFRef} ref
  * @return {PDFLib.PDFObject}
@@ -258,6 +331,8 @@ PDFLib.PDFName.Annots;
  * @return {PDFLib.PDFName}
  */
 PDFLib.PDFName.of = function(value){};
+/** @return {string} */
+PDFLib.PDFName.prototype.asString = function(){};
 /** @type {string} */
 PDFLib.PDFName.prototype.encodedName;
 /** @type {number} */
@@ -280,10 +355,20 @@ PDFLib.PDFArray.prototype.push = function(object){};
  * @return {PDFLib.PDFObject}
  */
 PDFLib.PDFArray.prototype.get = function(idx){};
+/**
+ * @return {number}
+ */
+PDFLib.PDFArray.prototype.size = function(){};
 /**
  * @return {Array<PDFLib.PDFObject>}
  */
 PDFLib.PDFArray.prototype.asArray = function(){};
+/**
+ * @param {number} idx
+ * @param {*} typ
+ * @return {PDFLib.PDFObject}
+ */
+PDFLib.PDFArray.prototype.lookupMaybe = function(idx, typ){};
 
 /**
  * @constructor
@@ -345,12 +430,55 @@ PDFLib.PDFImage.prototype.size = function(){};
 /** @type {PDFLib.PDFRef} */
 PDFLib.PDFImage.prototype.ref;
 
+/** @constructor */
+PDFLib.StandardFontEmbedder = function(){};
+/**
+ * @param {string} fontName
+ * @param {string=} customName
+ * @return {PDFLib.StandardFontEmbedder}
+ */
+PDFLib.StandardFontEmbedder.for = function(fontName, customName){};
+
+/** @constructor */
+PDFLib.CustomFontEmbedder = function(){};
+/**
+ * @param {Fontkit} fontkit
+ * @param {Uint8Array} fontData
+ * @param {string=} customName
+ * @return {PDFLib.CustomFontEmbedder}
+ */
+PDFLib.CustomFontEmbedder.for = function(fontkit, fontData, customName){};
+
 /** @constructor */
 PDFLib.PDFFont = function(){};
+/**
+ * @param {PDFLib.PDFRef} ref
+ * @param {PDFLib.PDFDocument} doc
+ * @param {PDFLib.StandardFontEmbedder|PDFLib.CustomFontEmbedder} embedder
+ * @return {PDFLib.PDFFont}
+ */
+PDFLib.PDFFont.of = function(ref, doc, embedder){};
 /** @type {PDFLib.PDFRef} */
 PDFLib.PDFFont.prototype.ref;
-/** @constructor */
-PDFLib.StandardFonts = function(){};
+/** @type {string} */
+PDFLib.PDFFont.prototype.name;
+/**
+ * @param {string} text
+ * @return {PDFLib.PDFHexString }
+ */
+PDFLib.PDFFont.prototype.encodeText = function(text){};
+/**
+ * @param {number} size
+ * @param {Object<string, boolean>=} options
+ * @return {number}
+ */
+PDFLib.PDFFont.prototype.heightAtSize = function(size, options){};
+/**
+ * @param {string} text
+ * @param {number} size
+ * @return {number}
+ */
+PDFLib.PDFFont.prototype.widthOfTextAtSize = function(text, size){};
 
 PDFLib.RotationTypes = {};
 /** @type {string} */
@@ -382,14 +510,49 @@ PDFLib.PDFOperator = function(){};
  *    rotate: (PDFLib.Rotation|undefined),
  *    xSkew: (PDFLib.Rotation|undefined),
  *    ySkew: (PDFLib.Rotation|undefined),
+ *    graphicsState: (string|undefined),
  * }}
  */
 var PdfDrawimgOption;
 /**
  * @param {string} name
  * @param {PdfDrawimgOption} options
+ * @return {Array<PDFLib.PDFOperator>}
  */
 PDFLib.drawImage = function(name, options){};
+/**
+ * @constructor
+ */
+PDFLib.Color = function(){};
+/**
+ * @typedef
+ * {{
+ *    color: PDFLib.Color,
+ *    font: string,
+ *    graphicsState: (string|undefined),
+ *    lineHeight: number,
+ *    size: number,
+ *    rotate: (PDFLib.Rotation|undefined),
+ *    xSkew: (PDFLib.Rotation|undefined),
+ *    ySkew: (PDFLib.Rotation|undefined),
+ *    x: number,
+ *    y: number,
+ * }}
+ */
+var DrawLinesOfTextOptions;
+/**
+ * @param {Array<PDFLib.PDFHexString>} lines
+ * @param {DrawLinesOfTextOptions} options
+ * @return {Array<PDFLib.PDFOperator>}
+ */
+PDFLib.drawLinesOfText = function(lines, options){};
+/**
+ * @param {number} red
+ * @param {number} green
+ * @param {number} blue
+ * @return {PDFLib.Color}
+ */
+PDFLib.rgb = function(red, green, blue){};
 
 /**
  * @constructor
@@ -425,6 +588,17 @@ PDFLib.PDFContentStream = function(){};
  * @return {PDFLib.PDFContentStream}
  */
 PDFLib.PDFContentStream.of = function(dict, operators, encode){};
+/**
+ * @constructor
+ * @extends {PDFLib.PDFStream}
+ */
+PDFLib.PDFRawStream = function(){};
+/** @type {PDFLib.PDFDict} */
+PDFLib.PDFRawStream.prototype.dict;
+/**
+ * @return {Uint8Array}
+ */
+PDFLib.PDFRawStream.prototype.getContents = function(){};
 
 /**
  * @constructor

closure/zb-externs.js

@@ -9,24 +9,75 @@
 var TsaServiceInfo;
 /**
  * the base point of x, y is top left corner.
+ * wDraw, hDraw: Only for internal process.
  * @typedef
  * {{
  *    x: number,
  *    y: number,
- *    w: number,
- *    h: number,
+ *    w: (number|undefined),
+ *    h: (number|undefined),
+ *    wDraw: (number|undefined),
+ *    hDraw: (number|undefined),
  * }}
  */
 var SignAreaInfo;
 /**
+ * fontData:   default: StandardFonts.Helvetica
+ * color:      A Hex string of color. default: #000
+ * opacity:    valid value is from 0 to 1. default: 1 // Not implemented
+ * blendMode:  https://pdf-lib.js.org/docs/api/enums/blendmode // Not implemented
+ * lineHeight: default is the height of the font at the given size
+ * xOffset:    An offset from SignAreaInfo's x
+ * yOffset:    An offset from SignAreaInfo's y
+ * align:      Text alignment: 0 left, 1 center, 2 right. default: 0
+ * noBreaks:   A regular expression string that indicates which characters should not be used to break a word. default: [A-Za-z0-9]
+ *
+ * @typedef
+ * {{
+ *    text: string,
+ *    fontData: (Array<number>|Uint8Array|ArrayBuffer|string|undefined),
+ *    subset: (boolean|undefined),
+ *    color: (string|undefined),
+ *    opacity: (number|undefined),
+ *    blendMode: (string|undefined),
+ *    lineHeight: (number|undefined),
+ *    size: number,
+ *    xOffset: (number|undefined),
+ *    yOffset: (number|undefined),
+ *    wMax: (number|undefined),
+ *    align: (number|undefined),
+ *    noBreaks: (string|undefined),
+ * }}
+ */
+var SignTextInfo;
+/**
+ * opacity:    valid value is from 0 to 1. default: 1 // Not implemented
+ * blendMode:  https://pdf-lib.js.org/docs/api/enums/blendmode // Not implemented
+ *
+ * @typedef
+ * {{
+ *    imgData: (Array<number>|Uint8Array|ArrayBuffer|string|undefined),
+ *    imgType: (string|undefined),
+ *    opacity: (number|undefined),
+ *    blendMode: (string|undefined),
+ * }}
+ */
+var SignImageInfo;
+/**
+ * The signature can be placed in the same position on multiple pages, but all pages must have the same size and rotation angle.
+ * pageidx: Can be a string to indicate placing the signature on multiple pages.
+ *   For example: A pdf contains 17 pages and specify "-3,5-7,9,12,15-" means [0,1,2,3,5,6,7,9,12,15,16]
+ * imgData, imgType: Deprecated, use imgInfo instead.
+ * img, font: Only for internal process.
+ *
  * @typedef
  * {{
  *    area: SignAreaInfo,
- *    pageidx: (number|undefined),
+ *    pageidx: (number|string|undefined),
  *    imgData: (Array<number>|Uint8Array|ArrayBuffer|string|undefined),
  *    imgType: (string|undefined),
- *    text: (string|undefined),
- *    fontData: (PDFLib.StandardFonts|Array<number>|Uint8Array|ArrayBuffer|string|undefined),
+ *    imgInfo: (SignImageInfo|undefined),
+ *    textInfo: (SignTextInfo|undefined),
  *    img: (PDFLib.PDFImage|undefined),
  *    font: (PDFLib.PDFFont|undefined),
  * }}
@@ -34,12 +85,16 @@ var SignAreaInfo;
 var SignDrawInfo;
 /**
  * In the case of adding a document timestamp, the p12cert and pwd must be omitted. But meanwhile the tsa must be provided.
- *
+ * 
  * permission: (DocMDP) The modification permissions granted for this document. Valid values are:
  *  1 : No changes to the document are permitted; any change to the document invalidates the signature.
  *  2 : Permitted changes are filling in forms, instantiating page templates, and signing; other changes invalidate the signature.
  *  3 : Permitted changes are the same as for 2, as well as annotation creation, deletion, and modification; other changes invalidate the signature.
  *
+ * ltv: Type of Long-Term Validation. Valid values are:
+ *  1 : auto; Try using ocsp only to enable the LTV first; If can't, try using crl to enable the LTV.
+ *  2 : crl only; Only try using crl to enable the LTV.
+ *
  * @typedef
  * {{
  *    p12cert: (Array<number>|Uint8Array|ArrayBuffer|string|undefined),
@@ -51,6 +106,7 @@ var SignDrawInfo;
  *    signdate: (Date|TsaServiceInfo|string|undefined),
  *    signame: (string|undefined),
  *    drawinf: (SignDrawInfo|undefined),
+ *    ltv: (number|undefined),
  *    debug: (boolean|undefined),
  * }}
  */
@@ -110,6 +166,23 @@ var CFType;
  * }}
  */
 var RC4LastInfo;
+/**
+ * @typedef
+ * {{
+ *    certs: (Array<forge_cert>|undefined),
+ *    ocsps: (Array<Uint8Array>|undefined),
+ *    crls: (Array<Uint8Array>|undefined),
+ * }}
+ */
+var DSSInfo;
+/**
+ * @typedef
+ * {{
+ *    resp: (Uint8Array|undefined),
+ *    cchainIdx: (number|undefined),
+ * }}
+ */
+var OcspData;
 
 var Zga = {};
 /**
@@ -142,6 +215,64 @@ Zga.PdfCryptor = function(encopt){};
  * @return {Promise<PDFLib.PDFDocument>}
  */
 Zga.PdfCryptor.prototype.encryptPdf = function(pdf, ref){};
+/**
+ * @param {number} num
+ * @param {PDFLib.PDFObject} val
+ */
+Zga.PdfCryptor.prototype.encryptObject = function(num, val){};
+/**
+ * @constructor
+ * @param {Array<forge_cert|forge.asn1|string>=} certs
+ */
+Zga.CertsChain = function(certs){};
+/**
+ * @return {forge_cert}
+ */
+Zga.CertsChain.prototype.getSignCert = function(){};
+/**
+ * @public
+ * @return {boolean}
+ */
+Zga.CertsChain.prototype.isSelfSignedCert = function(){};
+/**
+ * @return {Array<forge_cert>}
+ */
+Zga.CertsChain.prototype.getAllCerts = function(){};
+/**
+ * @public
+ * @param {forge_cert} cert
+ * @return {Promise<boolean>}
+ */
+Zga.CertsChain.prototype.buildChain = function(cert){};
+/**
+ * @param {boolean=} crlOnly
+ * @return {Promise<DSSInfo>}
+ */
+Zga.CertsChain.prototype.prepareDSSInf = function(crlOnly){};
+/**
+ * @constructor
+ * @param {TsaServiceInfo} inf
+ */
+Zga.TsaFetcher = function(inf){};
+/** @type {string} */
+Zga.TsaFetcher.prototype.url;
+/** @type {number} */
+Zga.TsaFetcher.prototype.len;
+/**
+ * @param {string=} data
+ * @return {Promise<string>}
+ */
+Zga.TsaFetcher.prototype.queryTsa = function(data){};
+/**
+ * @param {boolean=} forP7
+ * @return {forge.asn1}
+ */
+Zga.TsaFetcher.prototype.getToken = function(forP7){};
+/**
+ * @return {Zga.CertsChain}
+ */
+Zga.TsaFetcher.prototype.getCertsChain = function(){};
+
 /**
  * @constructor
  * @param {SignOption} signopt

lib/zgafetch.js

@@ -0,0 +1,140 @@
+/**
+ * @param {Object<string, *>} z
+ */
+function supplyZgaUrlFetch(z){
+
+//Only for nodejs Start//
+const m_urlparser = require("url");
+const m_h = {
+	"http:": require('follow-redirects').http,
+	"https:": require('follow-redirects').https,
+};
+// @type {boolean}
+z.isNode = function(){return this === globalThis.global;}();
+//Only for nodejs End//
+
+/** @type {boolean} */
+z.isBrowser = function(){return this === globalThis.self;}();
+
+/**
+ * @param {string} url
+ * @param {UrlFetchParams} params
+ * @return {Promise<Uint8Array>}
+ */
+z.urlFetch = function(url, params){
+
+//Only for nodejs Start//
+	if(z.isNode){
+		return new Promise(function(resolve, reject){
+			// @type {URL}
+			var opts = m_urlparser.parse(url);
+			var http = m_h[opts.protocol];
+			// @type {string|Buffer}
+			var dat = null;
+			var encoding = undefined;
+			opts.method = "GET";
+			if(params){
+				if(params.payload instanceof Buffer){
+					dat = params.payload;
+				}else if(params.payload instanceof Uint8Array){
+					dat = Buffer.from(params.payload.buffer);
+				}else if(params.payload instanceof ArrayBuffer){
+					dat = Buffer.from(params.payload);
+				}else{
+					dat = params.payload;
+					encoding = "binary";
+				}
+				if(params.headers){
+					opts.headers = params.headers;
+				}
+				if(params.method){
+					opts.method = params.method;
+				}
+				if(params.validateHttpsCertificates === false){
+					opts.rejectUnauthorized = false;
+				}
+			}
+
+			// @type {http.ClientRequest}
+			var hreq = http.request(opts, function(a_res){ // @type {http.IncomingMessage} a_res
+				if(a_res.statusCode !== 200){
+					var a_err = new Error("Failed to request url. " + url +  "\n Status Code: " + a_res.statusCode);
+					a_res.resume();
+					throw a_err;
+				}
+				// @type {Array<Buffer>}
+				var a_bufs = [];
+				var a_bufs_len = 0;
+				a_res.on("data", function(b_chunk){ // @type {Buffer} b_chunk
+					a_bufs.push(b_chunk);
+					a_bufs_len += b_chunk.length;
+				});
+				a_res.on("end", function(){
+					// @type {Buffer}
+					var b_bdat = Buffer.concat(a_bufs, a_bufs_len);
+					resolve(b_bdat);
+				});
+			});
+			hreq.on("error", function(a_err){
+				throw a_err;
+			});
+			hreq.end(dat, encoding);
+		});
+	}
+//Only for nodejs End//
+
+	// Google Apps Script
+	if(globalThis.UrlFetchApp){
+		return new Promise(function(resolve){
+			/** @type {GBlob} */
+			var tblob = UrlFetchApp.fetch(url, params).getBlob();
+			resolve(new Uint8Array(tblob.getBytes()));
+		});
+	}
+
+	// browser
+	if(z.isBrowser && globalThis.self.fetch){
+		/**
+		 * @return {Promise<Uint8Array>}
+		 */
+		var func = async function(){
+			/** @type {!RequestInit} */
+			var reqinf = {
+				method: "GET",
+				redirect: "follow",
+			};
+			if(params){
+				if(params.payload){
+					reqinf.body = params.payload;
+				}
+				if(params.headers){
+					reqinf.headers = params.headers;
+				}
+				if(params.method){
+					reqinf.method = params.method;
+				}
+			}
+			/** @type {Response} */
+			var resp = await fetch(url, reqinf);
+			if(resp.ok){
+				/** @type {ArrayBuffer} */
+				var abdat = await resp.arrayBuffer();
+				return new Uint8Array(abdat);
+			}else{
+				/** @type {string} */
+				var msg = await resp.text();
+				throw new Error("Fetch failed." + resp.status + ": " + msg);
+			}
+		};
+		return func();
+	}
+	return null;
+};
+
+}
+
+//Only for nodejs Start//
+if(typeof exports === "object" && typeof module !== "undefined"){
+	module.exports = supplyZgaUrlFetch;
+}
+//Only for nodejs End//

lib/zgaindex.js

@@ -0,0 +1,64 @@
+'use strict';
+
+/**
+ * @return {Object<string, *>}
+ */
+function genZga(){
+	/** @const {Object<string, *>} */
+	const z = {
+		ver: "",
+	};
+
+	/**
+	 * @param {...string} msg
+	 */
+	z.log = function(...msg){
+		if(z.debug){
+			console.log(...msg);
+		}
+	};
+
+	/**
+	 * @param {Uint8Array} uarr
+	 * @return {string}
+	 */
+	z.u8arrToRaw = function(uarr){
+		/** @type {Array<string>} */
+		var arr = [];
+		for(var i=0; i<uarr.length; i++){
+			arr.push(String.fromCharCode(uarr[i]));
+		}
+		return arr.join("");
+	};
+
+	/**
+	 * @param {string} raw
+	 * @return {Uint8Array}
+	 */
+	z.rawToU8arr = function(raw){
+		/** @type {Uint8Array} */
+		var arr = new Uint8Array(raw.length);
+		for(var i=0; i<raw.length; i++){
+			arr[i] = raw.charCodeAt(i);
+		}
+		return arr;
+	};
+
+	return z;
+}
+
+//Only for nodejs Start//
+if(typeof exports === "object" && typeof module !== "undefined"){
+	module.exports = genZga();
+}else{
+//Only for nodejs End//
+	if(!globalThis.Zga){
+		globalThis.Zga = genZga();
+		supplyZgaUrlFetch(globalThis.Zga);
+		supplyZgaCertsChain(globalThis.Zga);
+		supplyZgaCryptor(globalThis.Zga);
+		supplyZgaSigner(globalThis.Zga);
+	}
+//Only for nodejs Start//
+}
+//Only for nodejs End//

lib/zganode.d.ts

@@ -0,0 +1,117 @@
+import * as forge from "node-forge";
+import * as PDFLib from "pdf-lib";
+export * as forge from "node-forge";
+export * as PDFLib from "pdf-lib";
+
+export declare function u8arrToRaw(uarr: Uint8Array): string;
+export declare function rawToU8arr(raw: string): Uint8Array;
+export declare namespace Crypto {
+  enum Mode {
+    RC4_40,
+    RC4_128,
+    AES_128,
+    AES_256,
+  }
+}
+export type DSSInfo = {
+  certs?: Array<forge.pki.Certificate>;
+  ocsps?: Array<Uint8Array>;
+  crls?: Array<Uint8Array>;
+};
+export type EncryptOption = {
+  mode: Crypto.Mode;
+  permissions?: Array<string>;
+  userpwd?: string;
+  ownerpwd?: string;
+  pubkeys?: Array<PubKeyInfo>;
+};
+export type PubKeyInfo = {
+  c?: Array<number> | Uint8Array | ArrayBuffer | string | forge.pki.Certificate;
+  p?: Array<string>;
+};
+export type SignAreaInfo = {
+  x: number;
+  y: number;
+  w?: number;
+  h?: number;
+};
+export type SignTextInfo = {
+  text: string,
+  fontData?: Array<number> | Uint8Array | ArrayBuffer | PDFLib.StandardFonts;
+  subset?: boolean;
+  color?: string;
+  opacity?: number;
+  blendMode?: string;
+  lineHeight?: number;
+  size: number,
+  xOffset?: number;
+  yOffset?: number;
+  wMax?: number;
+  align?: number;
+  noBreaks?: string;
+};
+export type SignImageInfo = {
+  imgData: Array<number> | Uint8Array | ArrayBuffer | string;
+  imgType: string;
+  opacity?: number;
+  blendMode?: string;
+};
+export type SignDrawInfo = {
+  area: SignAreaInfo;
+  pageidx?: number | string;
+  /** @deprecated use imgInfo instead */
+  imgData?: Array<number> | Uint8Array | ArrayBuffer | string;
+  /** @deprecated use imgInfo instead */
+  imgType?: string;
+  imgInfo?: SignImageInfo;
+  textInfo?: SignTextInfo;
+};
+export type SignOption = {
+  p12cert?: Array<number> | Uint8Array | ArrayBuffer | string;
+  pwd?: string;
+  permission?: number;
+  reason?: string;
+  location?: string;
+  contact?: string;
+  signdate?: Date | TsaServiceInfo | string;
+  signame?: string;
+  drawinf?: SignDrawInfo;
+  ltv?: number;
+  debug?: boolean;
+};
+export type TsaServiceInfo = {
+  url: string;
+  len?: number;
+  headers?: Record<string, any>;
+};
+
+export declare class CertsChain {
+  constructor(certs?: Array<forge.pki.Certificate | forge.asn1.Asn1 | string>);
+  buildChain(cert: forge.pki.Certificate): Promise<boolean>;
+  getAllCerts(): Array<forge.pki.Certificate>;
+  getSignCert(): forge.pki.Certificate;
+  isSelfSignedCert(): boolean;
+  prepareDSSInf(crlOnly?: boolean): Promise<DSSInfo>;
+}
+export declare class PdfCryptor {
+  constructor(encopt: EncryptOption);
+  encryptPdf(pdf: PDFLib.PDFDocument | Array<number> | Uint8Array | ArrayBuffer | string, ref?: PDFLib.PDFRef): Promise<PDFLib.PDFDocument>;
+  encryptObject(num: number, val: PDFLib.PDFObject): void;
+}
+export declare class PdfSigner {
+  constructor(signopt: SignOption);
+  sign(pdf: PDFLib.PDFDocument | Array<number> | Uint8Array | ArrayBuffer | string, cypopt?: EncryptOption): Promise<Uint8Array>;
+}
+export declare class TsaFetcher {
+  constructor(inf: TsaServiceInfo);
+  url: string;
+  len: number;
+  getCertsChain(): CertsChain;
+  getToken(forP7?: boolean): forge.asn1.Asn1;
+  queryTsa(data?: string): Promise<string>;
+}
+export declare class PdfFonts {
+  private constructor();
+  static from(pdfdoc: PDFLib.PDFDocument): Promise<PdfFonts>;
+  getEmbeddedFont(fontData?: Array<number> | Uint8Array | ArrayBuffer | PDFLib.StandardFonts, subset?: boolean): Promise<PDFLib.PDFFont>;
+}

lib/zganode.js

@@ -0,0 +1,17 @@
+const m_urlparser = require("url");
+const m_h = {
+	"http:": require('follow-redirects').http,
+	"https:": require('follow-redirects').https,
+};
+const z = require("./zgaindex.js");
+z.forge = require("node-forge");
+z.PDFLib = require("pdf-lib");
+// z.fontkit = require("@pdf-lib/fontkit");
+z.fontkit = require("pdf-fontkit");
+z.pako = require("pako");
+
+require("./zgafetch.js")(z);
+require("./zgacertsutil.js")(z);
+require("./zgapdfcryptor.js")(z);
+require("./zgapdfsigner.js")(z);
+module.exports = z;

lib/zgapdfcryptor.js

@@ -6,6 +6,15 @@
  */
 function supplyZgaCryptor(z){
 
+//Only for nodejs Start//
+if(z.forge){
+	var forge = z.forge;
+}
+if(z.PDFLib){
+	var PDFLib = z.PDFLib;
+}
+//Only for nodejs End//
+
 /**
  * @param {PDFLib.PDFDocument|Array<number>|Uint8Array|ArrayBuffer|string} pdf
  * @return {Promise<PDFLib.PDFDocument>}
@@ -23,47 +32,6 @@ z.loadPdf = async function(pdf){
 	return pdfdoc;
 };
 
-/**
- * @param {Uint8Array} uarr
- * @return {string}
- */
-z.u8arrToRaw = function(uarr){
-	/** @type {Array<string>} */
-	var arr = [];
-	for(var i=0; i<uarr.length; i++){
-		arr.push(String.fromCharCode(uarr[i]));
-	}
-	return arr.join("");
-};
-
-/**
- * @param {string} raw
- * @return {Uint8Array}
- */
-z.rawToU8arr = function(raw){
-	/** @type {Uint8Array} */
-	var arr = new Uint8Array(raw.length);
-	for(var i=0; i<raw.length; i++){
-		arr[i] = raw.charCodeAt(i);
-	}
-	return arr;
-};
-
-/**
- * When converting to asn1, forge will encode the value of issuer to utf8 if the valueTagClass is UTF8.
- * But the value load from a file which is DER format, is already utf8 encoded,
- * so the encoding action will break the final data.
- * To avoid the broken data issue, we decode the value before the later actions.
- * @param {forge_cert} cert
- */
-z.fixCertAttributes = function(cert){
-	cert.issuer.attributes.forEach(function(a_ele){
-		if(a_ele.valueTagClass === forge.asn1.Type.UTF8){
-			a_ele.value = forge.util.decodeUtf8(a_ele.value);
-		}
-	});
-};
-
 z.Crypto = {
 	/**
 	 * @enum {number}
@@ -462,6 +430,8 @@ z.PdfCryptor = class{
 	 * @return {Promise<PDFLib.PDFDocument>}
 	 */
 	async encryptPdf(pdf, ref){
+		/** @const {z.PdfCryptor} */
+		const _this = this;
 		/** @type {PDFLib.PDFDocument} */
 		var pdfdoc = await z.loadPdf(pdf);
 		if(pdfdoc === pdf && !ref){
@@ -471,45 +441,10 @@ z.PdfCryptor = class{
 		/** @type {PDFLib.PDFContext} */
 		var pdfcont = pdfdoc.context;
 		/** @type {PDFLib.PDFObject} */
-		var trobj = this.prepareEncrypt(pdfcont);
+		var trobj = _this.prepareEncrypt(pdfcont);
 
-		/**
-		 * @param {number} a_num
-		 * @param {PDFLib.PDFObject} a_val
-		 */
-		var func = function(a_num, a_val){
-			if(a_val instanceof PDFLib.PDFContentStream){
-				/** @type {Uint8Array} */
-				var a_dat = a_val.contentsCache.access();
-				if(a_dat){
-					a_val.contentsCache.value = this.encryptU8arr(a_num, a_dat);
-				}
-			}else if(a_val instanceof PDFLib.PDFStream){
-				if(a_val.contents){
-					a_val.contents = this.encryptU8arr(a_num, a_val.contents);
-				}
-			}else if(a_val instanceof PDFLib.PDFHexString){
-				if(a_val.value){
-					a_val.value = this.encryptHexstr(a_num, a_val.value);
-				}
-			}else if(a_val instanceof PDFLib.PDFString){
-				if(a_val.value){
-					a_val.value = z.Crypto._escape(this._encrypt_data(a_num, a_val.value));
-				}
-			}
-			if(a_val.dict instanceof Map){
-				/** @type {Iterator} */
-				var a_es = a_val.dict.entries();
-				/** @type {IIterableResult<PdfObjEntry>} */
-				var a_res = a_es.next();
-				while(!a_res.done){
-					func(a_num, a_res.value[1]);
-					a_res = a_es.next();
-				}
-			}
-		}.bind(this);
 		pdfcont.enumerateIndirectObjects().forEach(function(/** @type {PdfObjEntry} */a_arr){
-			func(a_arr[0].objectNumber, a_arr[1]);
+			_this.encryptObject(a_arr[0].objectNumber, a_arr[1]);
 		});
 
 		if(ref){
@@ -522,6 +457,43 @@ z.PdfCryptor = class{
 		return pdfdoc;
 	}
 
+	/**
+	 * @public
+	 * @param {number} num
+	 * @param {PDFLib.PDFObject} val
+	 */
+	encryptObject(num, val){
+		if(val instanceof PDFLib.PDFContentStream){
+			/** @type {Uint8Array} */
+			var dat = val.contentsCache.access();
+			if(dat){
+				val.contentsCache.value = this.encryptU8arr(num, dat);
+			}
+		}else if(val instanceof PDFLib.PDFStream){
+			if(val.contents){
+				val.contents = this.encryptU8arr(num, val.contents);
+			}
+		}else if(val instanceof PDFLib.PDFHexString){
+			if(val.value){
+				val.value = this.encryptHexstr(num, val.value);
+			}
+		}else if(val instanceof PDFLib.PDFString){
+			if(val.value){
+				val.value = z.Crypto._escape(this._encrypt_data(num, val.value));
+			}
+		}
+		if(val.dict instanceof Map){
+			/** @type {Iterator} */
+			var es = val.dict.entries();
+			/** @type {IIterableResult<PdfObjEntry>} */
+			var res = es.next();
+			while(!res.done){
+				this.encryptObject(num, res.value[1]);
+				res = es.next();
+			}
+		}
+	}
+
 	/**
 	 * Prepare for encryption and create the object for saving in trailer.
 	 *
@@ -953,9 +925,7 @@ z.PdfCryptor = class{
 						}else{
 							a_cerstr = z.u8arrToRaw(new Uint8Array(/** @type {Array<number>|ArrayBuffer|Uint8Array} */(a_pubkey.c)));
 						}
-						/** @type {forge.asn1} */
-						var a_asn1 = forge.asn1.fromDer(a_cerstr);
-						a_cert = forge.pki.certificateFromAsn1(a_asn1);
+						a_cert = z.loadCert(a_cerstr);
 						z.fixCertAttributes(a_cert);
 					}
 				}else{
@@ -991,7 +961,8 @@ z.PdfCryptor = class{
 
 }
 
-if(!globalThis.Zga){
-	globalThis.Zga = {};
+//Only for nodejs Start//
+if(typeof exports === "object" && typeof module !== "undefined"){
+	module.exports = supplyZgaCryptor;
 }
-supplyZgaCryptor(globalThis.Zga);
+//Only for nodejs End//

package-lock.json

@@ -1,17 +1,22 @@
 {
   "name": "zgapdfsigner",
-  "version": "2.3.0",
-  "lockfileVersion": 2,
+  "version": "2.7.2",
+  "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "zgapdfsigner",
-      "version": "2.3.0",
+      "version": "2.7.2",
+      "license": "MIT",
       "dependencies": {
+        "follow-redirects": "1.15.6",
         "node-forge": "1.3.1",
+        "pdf-fontkit": "1.8.9",
         "pdf-lib": "1.17.1"
       },
-      "devDependencies": {}
+      "devDependencies": {
+        "google-closure-compiler": "^20231112.0.0"
+      }
     },
     "node_modules/@pdf-lib/standard-fonts": {
       "version": "1.0.0",
@@ -29,6 +34,189 @@
         "pako": "^1.0.10"
       }
     },
+    "node_modules/ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "dev": true,
+      "dependencies": {
+        "color-convert": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
+      }
+    },
+    "node_modules/chalk": {
+      "version": "4.1.2",
+      "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
+      "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
+      "dev": true,
+      "dependencies": {
+        "ansi-styles": "^4.1.0",
+        "supports-color": "^7.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/chalk?sponsor=1"
+      }
+    },
+    "node_modules/clone": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz",
+      "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.8"
+      }
+    },
+    "node_modules/clone-buffer": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/clone-buffer/-/clone-buffer-1.0.0.tgz",
+      "integrity": "sha512-KLLTJWrvwIP+OPfMn0x2PheDEP20RPUcGXj/ERegTgdmPEZylALQldygiqrPPu8P45uNuPs7ckmReLY6v/iA5g==",
+      "dev": true,
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
+    "node_modules/clone-stats": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/clone-stats/-/clone-stats-1.0.0.tgz",
+      "integrity": "sha512-au6ydSpg6nsrigcZ4m8Bc9hxjeW+GJ8xh5G3BJCMt4WXe1H10UNaVOamqQTmrx1kjVuxAHIQSNU6hY4Nsn9/ag==",
+      "dev": true
+    },
+    "node_modules/cloneable-readable": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/cloneable-readable/-/cloneable-readable-1.1.3.tgz",
+      "integrity": "sha512-2EF8zTQOxYq70Y4XKtorQupqF0m49MBz2/yf5Bj+MHjvpG3Hy7sImifnqD6UA+TKYxeSV+u6qqQPawN5UvnpKQ==",
+      "dev": true,
+      "dependencies": {
+        "inherits": "^2.0.1",
+        "process-nextick-args": "^2.0.0",
+        "readable-stream": "^2.3.5"
+      }
+    },
+    "node_modules/color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "dev": true,
+      "dependencies": {
+        "color-name": "~1.1.4"
+      },
+      "engines": {
+        "node": ">=7.0.0"
+      }
+    },
+    "node_modules/color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
+      "dev": true
+    },
+    "node_modules/core-util-is": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz",
+      "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==",
+      "dev": true
+    },
+    "node_modules/follow-redirects": {
+      "version": "1.15.6",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz",
+      "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==",
+      "funding": [
+        {
+          "type": "individual",
+          "url": "https://github.com/sponsors/RubenVerborgh"
+        }
+      ],
+      "engines": {
+        "node": ">=4.0"
+      },
+      "peerDependenciesMeta": {
+        "debug": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/google-closure-compiler": {
+      "version": "20231112.0.0",
+      "resolved": "https://registry.npmjs.org/google-closure-compiler/-/google-closure-compiler-20231112.0.0.tgz",
+      "integrity": "sha512-C/MPRThIxRAFomGhpEwXyVcWRIVnmqGraJ5BTJ+EQcfAiPNBvl+Q5nKU2J/lICPcx+YQ+3c+FJ/gBJsTXPjcwg==",
+      "dev": true,
+      "dependencies": {
+        "chalk": "4.x",
+        "google-closure-compiler-java": "^20231112.0.0",
+        "minimist": "1.x",
+        "vinyl": "2.x",
+        "vinyl-sourcemaps-apply": "^0.2.0"
+      },
+      "bin": {
+        "google-closure-compiler": "cli.js"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "optionalDependencies": {
+        "google-closure-compiler-linux": "^20231112.0.0",
+        "google-closure-compiler-osx": "^20231112.0.0",
+        "google-closure-compiler-windows": "^20231112.0.0"
+      }
+    },
+    "node_modules/google-closure-compiler-java": {
+      "version": "20231112.0.0",
+      "resolved": "https://registry.npmjs.org/google-closure-compiler-java/-/google-closure-compiler-java-20231112.0.0.tgz",
+      "integrity": "sha512-E45cJD6/xLJlL8pL6HEoxu8nEKp87CnrojUK0UuHiT7ZjCsrJfR4WhZwNNCq2+/6gYD9unGgMsunV4DDtBbvaA==",
+      "dev": true
+    },
+    "node_modules/google-closure-compiler-windows": {
+      "version": "20231112.0.0",
+      "resolved": "https://registry.npmjs.org/google-closure-compiler-windows/-/google-closure-compiler-windows-20231112.0.0.tgz",
+      "integrity": "sha512-wbN5EOCGz53HVENVtOEO1brn/G3ZmCV1ULiJljNuASQc62vQ36QHA6XnAZOAGTEpAoMnYRv3dtXtBKd07wBdsA==",
+      "cpu": [
+        "x32",
+        "x64"
+      ],
+      "dev": true,
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/has-flag": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
+      "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/inherits": {
+      "version": "2.0.4",
+      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
+      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
+      "dev": true
+    },
+    "node_modules/isarray": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+      "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+      "dev": true
+    },
+    "node_modules/minimist": {
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
+      "dev": true,
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/node-forge": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz",
@@ -42,6 +230,14 @@
       "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz",
       "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw=="
     },
+    "node_modules/pdf-fontkit": {
+      "version": "1.8.9",
+      "resolved": "https://registry.npmjs.org/pdf-fontkit/-/pdf-fontkit-1.8.9.tgz",
+      "integrity": "sha512-TTq+umfhlFjUuQYOq6dCKT/wLslCrX4zVr5gqrIvrGHfo+vJ3ETapZTb4YLOCErohX7pF+HxlXSZuiToSRhNmA==",
+      "dependencies": {
+        "pako": "^1.0.6"
+      }
+    },
     "node_modules/pdf-lib": {
       "version": "1.17.1",
       "resolved": "https://registry.npmjs.org/pdf-lib/-/pdf-lib-1.17.1.tgz",
@@ -53,54 +249,114 @@
         "tslib": "^1.11.1"
       }
     },
+    "node_modules/process-nextick-args": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
+      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==",
+      "dev": true
+    },
+    "node_modules/readable-stream": {
+      "version": "2.3.8",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+      "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+      "dev": true,
+      "dependencies": {
+        "core-util-is": "~1.0.0",
+        "inherits": "~2.0.3",
+        "isarray": "~1.0.0",
+        "process-nextick-args": "~2.0.0",
+        "safe-buffer": "~5.1.1",
+        "string_decoder": "~1.1.1",
+        "util-deprecate": "~1.0.1"
+      }
+    },
+    "node_modules/remove-trailing-separator": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz",
+      "integrity": "sha512-/hS+Y0u3aOfIETiaiirUFwDBDzmXPvO+jAfKTitUngIPzdKc6Z0LoFjM/CK5PL4C+eKwHohlHAb6H0VFfmmUsw==",
+      "dev": true
+    },
+    "node_modules/replace-ext": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.1.tgz",
+      "integrity": "sha512-yD5BHCe7quCgBph4rMQ+0KkIRKwWCrHDOX1p1Gp6HwjPM5kVoCdKGNhN7ydqqsX6lJEnQDKZ/tFMiEdQ1dvPEw==",
+      "dev": true,
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
+    "node_modules/safe-buffer": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+      "dev": true
+    },
+    "node_modules/source-map": {
+      "version": "0.5.7",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz",
+      "integrity": "sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/string_decoder": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
+      "dev": true,
+      "dependencies": {
+        "safe-buffer": "~5.1.0"
+      }
+    },
+    "node_modules/supports-color": {
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
+      "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
+      "dev": true,
+      "dependencies": {
+        "has-flag": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/tslib": {
       "version": "1.14.1",
       "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
       "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
-    }
-  },
-  "dependencies": {
-    "@pdf-lib/standard-fonts": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@pdf-lib/standard-fonts/-/standard-fonts-1.0.0.tgz",
-      "integrity": "sha512-hU30BK9IUN/su0Mn9VdlVKsWBS6GyhVfqjwl1FjZN4TxP6cCw0jP2w7V3Hf5uX7M0AZJ16vey9yE0ny7Sa59ZA==",
-      "requires": {
-        "pako": "^1.0.6"
+    },
+    "node_modules/util-deprecate": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
+      "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==",
+      "dev": true
+    },
+    "node_modules/vinyl": {
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/vinyl/-/vinyl-2.2.1.tgz",
+      "integrity": "sha512-LII3bXRFBZLlezoG5FfZVcXflZgWP/4dCwKtxd5ky9+LOtM4CS3bIRQsmR1KMnMW07jpE8fqR2lcxPZ+8sJIcw==",
+      "dev": true,
+      "dependencies": {
+        "clone": "^2.1.1",
+        "clone-buffer": "^1.0.0",
+        "clone-stats": "^1.0.0",
+        "cloneable-readable": "^1.0.0",
+        "remove-trailing-separator": "^1.0.1",
+        "replace-ext": "^1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.10"
       }
     },
-    "@pdf-lib/upng": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/@pdf-lib/upng/-/upng-1.0.1.tgz",
-      "integrity": "sha512-dQK2FUMQtowVP00mtIksrlZhdFXQZPC+taih1q4CvPZ5vqdxR/LKBaFg0oAfzd1GlHZXXSPdQfzQnt+ViGvEIQ==",
-      "requires": {
-        "pako": "^1.0.10"
+    "node_modules/vinyl-sourcemaps-apply": {
+      "version": "0.2.1",
+      "resolved": "https://registry.npmjs.org/vinyl-sourcemaps-apply/-/vinyl-sourcemaps-apply-0.2.1.tgz",
+      "integrity": "sha512-+oDh3KYZBoZC8hfocrbrxbLUeaYtQK7J5WU5Br9VqWqmCll3tFJqKp97GC9GmMsVIL0qnx2DgEDVxdo5EZ5sSw==",
+      "dev": true,
+      "dependencies": {
+        "source-map": "^0.5.1"
       }
-    },
-    "node-forge": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz",
-      "integrity": "sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA=="
-    },
-    "pako": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz",
-      "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw=="
-    },
-    "pdf-lib": {
-      "version": "1.17.1",
-      "resolved": "https://registry.npmjs.org/pdf-lib/-/pdf-lib-1.17.1.tgz",
-      "integrity": "sha512-V/mpyJAoTsN4cnP31vc0wfNA1+p20evqqnap0KLoRUN0Yk/p3wN52DOEsL4oBFcLdb76hlpKPtzJIgo67j/XLw==",
-      "requires": {
-        "@pdf-lib/standard-fonts": "^1.0.0",
-        "@pdf-lib/upng": "^1.0.1",
-        "pako": "^1.0.11",
-        "tslib": "^1.11.1"
-      }
-    },
-    "tslib": {
-      "version": "1.14.1",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
-      "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
     }
   }
 }

package.json

@@ -1,15 +1,46 @@
 {
   "name": "zgapdfsigner",
-  "version": "2.3.0",
+  "version": "2.7.3",
+  "author": "zboris12",
+  "description": "A javascript tool to sign a pdf or set protection to a pdf in web browser, Google Apps Script and nodejs.",
+  "homepage": "https://github.com/zboris12/zgapdfsigner",
   "private": false,
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/zboris12/zgapdfsigner.git"
+  },
+  "bugs": {
+    "url": "https://github.com/zboris12/zgapdfsigner/issues"
+  },
+  "license": "MIT",
+  "main": "lib/zganode.js",
+  "unpkg": "dist/zgapdfsigner.min.js",
+  "files": [
+    "dist/*.min.js",
+    "lib/*.d.ts",
+    "lib/*.js"
+  ],
+  "keywords": [
+    "pdf-sign",
+    "pdf-signature",
+    "pdf-protection",
+    "pdf-encryption",
+    "google-apps-script",
+    "LTV",
+    "TSA",
+    "長期署名"
+  ],
   "scripts": {
-    "dev": "",
-    "build": ""
+    "build": "./build.sh",
+    "test": "node test4node.js ${pfxpwd}"
   },
   "dependencies": {
-    "pdf-lib": "1.17.1",
-    "node-forge": "1.3.1"
+    "follow-redirects": "1.15.6",
+    "node-forge": "1.3.1",
+    "pdf-fontkit": "1.8.9",
+    "pdf-lib": "1.17.1"
   },
   "devDependencies": {
+    "google-closure-compiler": "^20231112.0.0"
   }
 }

test-ts/.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+  "editor.tabSize": 2,
+  "editor.formatOnSave": true,
+  "files.eol": "\n"
+}

test-ts/package.json

@@ -0,0 +1,20 @@
+{
+  "name": "zgapdfsigner-test-ts",
+  "version": "1.0.0",
+  "author": "zboris12",
+  "description": "A typescript program to test zgapdfsigner.",
+  "private": false,
+  "license": "MIT",
+  "main": "index.js",
+  "scripts": {
+    "build": "tsc",
+    "test": "node test/index.js ${pfxpwd}"
+  },
+  "dependencies": {
+    "zgapdfsigner": "^2.7.1"
+  },
+  "devDependencies": {
+    "@types/node-forge": "^1.3.11",
+    "typescript": "~4.9"
+  }
+}

test-ts/src/index.ts

@@ -0,0 +1,149 @@
+import * as m_fs from "node:fs";
+import * as  m_path from "node:path";
+import * as Zga from "zgapdfsigner";
+
+const workpath = "./";
+
+async function sign_protect(pdfPath: string, pfxPath: string, ps: string, perm: number, imgPath?: string, txt?: string, fontPath?: string): Promise<string> {
+  let pdf: Buffer = m_fs.readFileSync(pdfPath);
+  let pfx: Buffer = m_fs.readFileSync(pfxPath);
+  let img: Buffer | undefined = undefined;
+  let imgType: string = "";
+  let font: Buffer | Zga.PDFLib.StandardFonts | undefined = undefined;
+
+  if (perm == 1) {
+    console.log("\nTest signing pdf with full protection. (permission 1 and password encryption)");
+  } else {
+    console.log("\nTest signing pdf with permission " + perm);
+  }
+
+  if (imgPath) {
+    img = m_fs.readFileSync(imgPath);
+    imgType = m_path.extname(imgPath).slice(1);
+  }
+  if (fontPath) {
+    if (Zga.PDFLib.isStandardFont(fontPath)) {
+      font = fontPath as string as Zga.PDFLib.StandardFonts;
+    } else {
+      font = m_fs.readFileSync(fontPath);
+    }
+  }
+  let sopt: Zga.SignOption = {
+    p12cert: pfx,
+    pwd: ps,
+    permission: perm,
+    signdate: "1",
+    reason: "I have a test reason " + perm + ".",
+    location: "I am on the earth " + perm + ".",
+    contact: "zga" + perm + "@zga.com",
+    ltv: 1,
+    debug: true,
+  };
+  if (img || txt) {
+    sopt.drawinf = {
+      area: {
+        x: perm ? 25 : 200, // left
+        y: 50, // top
+        w: txt ? undefined : 60,
+        h: txt ? undefined : 100,
+      },
+      pageidx: "-",
+      imgInfo: img ? {
+        imgData: img,
+        imgType: imgType,
+      } : undefined,
+      textInfo: txt ? {
+        text: txt,
+        fontData: font,
+        color: "00f0f1",
+        lineHeight: 20,
+        size: 16,
+        align: 1,
+        wMax: 80,
+        yOffset: 10,
+        xOffset: 20,
+        noBreaks: "[あいうえおA-Za-z0-9]",
+      } : undefined,
+    };
+  }
+
+  let eopt: Zga.EncryptOption | undefined = undefined;
+  if (perm == 1) {
+    eopt = {
+      mode: Zga.Crypto.Mode.AES_256,
+      permissions: ["copy", "copy-extract", "print-high"],
+      userpwd: "123",
+    };
+  }
+
+  let ser: Zga.PdfSigner = new Zga.PdfSigner(sopt);
+  let u8dat: Uint8Array = await ser.sign(pdf, eopt);
+  let outPath: string = "";
+  if (u8dat) {
+    outPath = m_path.join(__dirname, workpath + "test_perm" + perm + m_path.basename(pdfPath));
+    m_fs.writeFileSync(outPath, u8dat);
+    console.log("Output file: " + outPath);
+  }
+  return outPath;
+}
+
+async function addtsa(pdfPath: string): Promise<string> {
+  console.log("\nTest signing pdf by a timestamp.");
+
+  let pdf: Buffer = m_fs.readFileSync(pdfPath);
+  let sopt: Zga.SignOption = {
+    signdate: "2",
+    reason: "I have a test reason tsa.",
+    location: "I am on the earth tsa.",
+    contact: "zgatsa@zga.com",
+    ltv: 1,
+    debug: true,
+  };
+  let ser: Zga.PdfSigner = new Zga.PdfSigner(sopt);
+  let u8dat: Uint8Array = await ser.sign(pdf);
+  let outPath: string = m_path.join(__dirname, workpath + "tsa_" + m_path.basename(pdfPath));
+  m_fs.writeFileSync(outPath, u8dat);
+  console.log("Output file: " + outPath);
+  return outPath;
+}
+
+async function main1(angle: number): Promise<void> {
+  let pdfPath: string = m_path.join(__dirname, workpath + "_test" + (angle ? "_" + angle : "") + ".pdf");
+  let pfxPath: string = m_path.join(__dirname, workpath + "_test.pfx");
+  let ps: string = "";
+  let imgPath: string = m_path.join(__dirname, workpath + "_test.png");
+  let fontPath: string = angle ? Zga.PDFLib.StandardFonts.TimesRomanBold : m_path.join(__dirname, workpath + "_test.ttf");
+
+  if (process.argv.length > 3) {
+    pfxPath = process.argv[2];
+    ps = process.argv[3];
+  } else if (process.argv[2]) {
+    ps = process.argv[2];
+  }
+
+  if (!ps) {
+    // throw new Error("The passphrase is not specified.");
+    pfxPath = "";
+  }
+
+  if (pfxPath) {
+    await sign_protect(pdfPath, pfxPath, ps, 1, imgPath, "あいうえおあいうえおか\r\n\nThis is a test of text!\n");
+    pdfPath = await sign_protect(pdfPath, pfxPath, ps, 2, imgPath, (angle ? "" : "ありがとうご\r\n\n") + "This is an another test of text!\n", fontPath);
+    pdfPath = await sign_protect(pdfPath, pfxPath, ps, 0, undefined, (angle ? "" : "たちつて得\n\n") + "This is a test for same font!\n", fontPath);
+    await addtsa(pdfPath);
+  } else {
+    await addtsa(pdfPath);
+  }
+
+  console.log("Done");
+}
+
+async function main(): Promise<void> {
+  let arr: Array<number> = [0, 90, 180, 270];
+  for (let i = 0; i < arr.length; i++) {
+    await main1(arr[i]);
+    // break;
+  }
+}
+
+main();

test-ts/tsconfig.json

@@ -0,0 +1,24 @@
+{
+  "compilerOptions": {
+    "target": "es2015",
+    "module": "commonjs",
+    "newLine": "LF",
+    "declaration": true,
+    "sourceMap": true,
+    "esModuleInterop": true,
+    "forceConsistentCasingInFileNames": true,
+    "strict": true,
+    "noImplicitThis": true,
+    "rootDir": "./src",
+    "outDir": "./test",
+    "typeRoots": [
+      "node_modules/@types"
+    ]
+  },
+  "include": [
+    "src/**/*"
+  ],
+  "exclude": [
+    "node_modules"
+  ]
+}

test.html

@@ -5,6 +5,8 @@
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 <title> Test for ZgaPdfSigner </title>
 <script src="https://unpkg.com/pdf-lib@1.17.1/dist/pdf-lib.min.js" type="text/javascript"></script>
+<script src="https://unpkg.com/pdf-fontkit@1.8.9/dist/fontkit.umd.min.js" type="text/javascript"></script>
+<script src="https://unpkg.com/pako@1.0.11/dist/pako_inflate.min.js" type="text/javascript"></script>
 <script src="https://unpkg.com/node-forge@1.3.1/dist/forge.min.js" type="text/javascript"></script>
 <script src="dist/zgapdfsigner.min.js" type="text/javascript"></script>
 <script type="text/javascript">
@@ -63,6 +65,10 @@ async function testMe(){
 	if(img){
 		imgType = getFilExt("img");
 	}
+	/** @type {string} */
+	var txt = document.getElementById("txt").value;
+	/** @type {ArrayBuffer} */
+	var font = await readFile("font");
 
 	/** @type {ArrayBuffer} */
 	var pubcert = await readFile("pubcert");
@@ -81,17 +87,31 @@ async function testMe(){
 			contact: document.getElementById("tContact").value,
 			debug: true,
 		};
-		if(img){
+		if(img || txt){
 			sopt.drawinf = {
 				area: {
-					x: 25, // left
+					x: parseInt(document.getElementById("drawx").value), // left
 					y: 150, // top
-					w: 60,
-					h: 60,
+					w: txt ? undefined : 60,
+					h: txt ? undefined : 100,
 				},
-//				pageidx: 2,
-				imgData: img,
-				imgType: imgType,
+				pageidx: "-",
+				imgInfo: img ? {
+					imgData: img,
+					imgType: imgType,
+				} : undefined,
+				textInfo: txt ? {
+					text: txt,
+					fontData: font,
+					subset: true,
+					color: "f00",
+					size: 16,
+					align: 2,
+					wMax: 80,
+					yOffset: 10,
+					xOffset: 20,
+					noBreaks: "[あいうえおA-Za-z0-9]",
+				} : undefined,
 			};
 		}
 	}
@@ -145,7 +165,7 @@ function test(){
 	});
 }
 function clearFiles(){
-	["fff","kkk","img","pubcert"].forEach((a_id) => {
+	["fff","kkk","img","font","pubcert"].forEach((a_id) => {
 		document.getElementById(a_id).value = "";
 	});
 }
@@ -187,6 +207,9 @@ span.header {
 <label>certificate </label><input type="file" id="kkk" /><br />
 <label>passphrase </label><input type="password" id="pwd" /><br />
 <label>signature image </label><input type="file" id="img" /><br />
+<label>signature text </label><input type="text" id="txt" /><br />
+<label>text font </label><input type="file" id="font" /><br />
+<label>left </label><input type="text" id="drawx" value="25" /><br />
 <label>permission </label>
 <select id="sperm" onchange="changeSperm()">
 <option value="0">No DocMDP</option>

test4node.js

@@ -1,86 +1,162 @@
+// ES Module Mode
+// import * as m_fs from "node:fs";
+// import * as m_path from "node:path";
+// import { fileURLToPath } from "node:url";
+// import { default as Zga } from "./lib/zganode.js";
+// const __dirname = m_path.dirname(fileURLToPath(import.meta.url));
+
 const m_fs = require("fs");
 const m_path = require("path");
-const m_urlparser = require("url");
-const m_h = {
-	"http:": require("http"),
-	"https:": require("http"),
-};
+const Zga = require("./lib/zganode.js");
 
-globalThis.PDFLib = require("pdf-lib");
-globalThis.forge = require("node-forge");
-require("./zgapdfcryptor.js");
-require("./zgapdfsigner.js");
+const workpath = "test/";
 
 /**
- * @param {string} url
- * @param {UrlFetchParams} params
- * @return {Promise<Uint8Array>}
+ * @param {string} pdfPath
+ * @param {string} pfxPath
+ * @param {string} ps
+ * @param {number} perm
+ * @param {string=} imgPath
+ * @param {string=} txt
+ * @param {string=} fontPath
+ * @return {Promise<string>} output path
  */
-Zga.urlFetch = function(url, params){
-	return new Promise(function(resolve, reject){
-		/** @type {URL} */
-		var opts = m_urlparser.parse(url);
-		var http = m_h[opts.protocol];
-		/** @type {string|Buffer} */
-		var dat = null;
-		var encoding = undefined;
-		if(params.payload instanceof Buffer){
-			dat = params.payload;
-		}else if(params.payload instanceof Uint8Array){
-			dat = Buffer.from(params.payload.buffer);
-		}else if(params.payload instanceof ArrayBuffer){
-			dat = Buffer.from(params.payload);
+async function sign_protect(pdfPath, pfxPath, ps, perm, imgPath, txt, fontPath){
+	/** @type {Buffer} */
+	var pdf = m_fs.readFileSync(pdfPath);
+	/** @type {Buffer} */
+	var pfx = m_fs.readFileSync(pfxPath);
+	/** @type {Buffer} */
+	var img = null;
+	/** @type {string} */
+	var imgType = "";
+	/** @type {Buffer|string} */
+	var font = null;
+
+	if(perm == 1){
+		console.log("\nTest signing pdf with full protection. (permission 1 and password encryption)");
+	}else{
+		console.log("\nTest signing pdf with permission "+perm);
+	}
+
+	if(imgPath){
+		img = m_fs.readFileSync(imgPath);
+		imgType = m_path.extname(imgPath).slice(1);
+	}
+	if(fontPath){
+		if(Zga.PDFLib.isStandardFont(fontPath)){
+			font = fontPath;
 		}else{
-			dat = params.payload;
-			encoding = "binary";
+			font = m_fs.readFileSync(fontPath);
 		}
+	}
+	/** @type {SignOption} */
+	var sopt = {
+		p12cert: pfx,
+		pwd: ps,
+		permission: perm,
+		signdate: "1",
+		reason: "I have a test reason "+perm+".",
+		location: "I am on the earth "+perm+".",
+		contact: "zga"+perm+"@zga.com",
+		ltv: 1,
+		debug: true,
+	};
+	if(img || txt){
+		sopt.drawinf = {
+			area: {
+				x: perm ? 25 : 200, // left
+				y: 50, // top
+				w: txt ? undefined : 60,
+				h: txt ? undefined : 100,
+			},
+			pageidx: "-",
+			imgInfo: img ? {
+				imgData: img,
+				imgType: imgType,
+			} : undefined,
+			textInfo: txt ? {
+				text: txt,
+				fontData: font,
+				color: "00f0f1",
+				lineHeight: 20,
+				size: 16,
+				align: 1,
+				wMax: 80,
+				yOffset: 10,
+				xOffset: 20,
+				noBreaks: "[あいうえおA-Za-z0-9]",
+			} : undefined,
+		};
+	}
 
-		if(params.headers){
-			opts.headers = params.headers;
-		}
-		if(params.method){
-			opts.method = params.method;
-		}
-		if(params.validateHttpsCertificates === false){
-			opts.rejectUnauthorized = false;
-		}
+	/** @type {EncryptOption} */
+	var eopt = undefined;
+	if(perm == 1){
+		eopt = {
+			mode: Zga.Crypto.Mode.AES_256,
+			permissions: ["copy", "copy-extract", "print-high"],
+			userpwd: "123",
+		};
+	}
 
-		/** @type {http.ClientRequest} */
-		var hreq = http.request(opts, function(/** @type {http.IncomingMessage} */a_res){
-			if(a_res.statusCode !== 200){
-				var a_err = new Error("Failed to request url. " + url +  "\n Status Code: " + a_res.statusCode);
-				a_res.resume();
-				throw a_err;
-			}
-			/** @type {Array<Buffer>} */
-			var a_bufs = [];
-			var a_bufs_len = 0;
-			a_res.on("data", function(/** @type {Buffer} */b_chunk){
-				a_bufs.push(b_chunk);
-				a_bufs_len += b_chunk.length;
-			});
-			a_res.on("end", function(){
-				/** @type {Buffer} */
-				var b_bdat = Buffer.concat(a_bufs, a_bufs_len);
-				resolve(b_bdat);
-			});
-		});
-		hreq.on("error", function(a_err){
-			throw a_err;
-		});
-		hreq.end(dat, encoding);
-	});
-};
+	/** @type {Zga.PdfSigner} */
+	var ser = new Zga.PdfSigner(sopt);
+	/** @type {Uint8Array} */
+	var u8dat = await ser.sign(pdf, eopt);
+	if(u8dat){
+		/** @type {string} */
+		var outPath = m_path.join(__dirname, workpath+"test_perm"+perm+m_path.basename(pdfPath));
+		m_fs.writeFileSync(outPath, u8dat);
+		console.log("Output file: " + outPath);
+	}
+	return outPath;
+}
 
-async function main(){
+/**
+ * @param {string} pdfPath
+ * @return {Promise<string>} output path
+ */
+async function addtsa(pdfPath){
+	console.log("\nTest signing pdf by a timestamp.");
+
+	/** @type {Buffer} */
+	var pdf = m_fs.readFileSync(pdfPath);
+	/** @type {SignOption} */
+	var sopt = {
+		signdate: "2",
+		reason: "I have a test reason tsa.",
+		location: "I am on the earth tsa.",
+		contact: "zgatsa@zga.com",
+		ltv: 1,
+		debug: true,
+	};
+	/** @type {Zga.PdfSigner} */
+	var ser = new Zga.PdfSigner(sopt);
+	/** @type {Uint8Array} */
+	var u8dat = await ser.sign(pdf);
 	/** @type {string} */
-	var pdfPath = m_path.join(__dirname, "test/_test.pdf");
+	var outPath = m_path.join(__dirname, workpath+"tsa_"+m_path.basename(pdfPath));
+	m_fs.writeFileSync(outPath, u8dat);
+	console.log("Output file: " + outPath);
+	return outPath;
+}
+
+/**
+ * @param {number} angle
+ */
+async function main1(angle){
 	/** @type {string} */
-	var pfxPath = m_path.join(__dirname, "test/_test.pfx");
+	var pdfPath = m_path.join(__dirname, workpath+"_test"+(angle ? "_"+angle : "")+".pdf");
+	/** @type {string} */
+	var pfxPath = m_path.join(__dirname, workpath+"_test.pfx");
 	/** @type {string} */
 	var ps = "";
 	/** @type {string} */
-	var imgPath = m_path.join(__dirname, "test/_test.png");
+	var imgPath = m_path.join(__dirname, workpath+"_test.png");
+	/** @type {string} */
+	var fontPath = m_path.join(__dirname, workpath+"_test.ttf");
+	// var fontPath = Zga.PDFLib.StandardFonts.CourierBold;
 
 	if(process.argv.length > 3){
 		pfxPath = process.argv[2];
@@ -94,74 +170,31 @@ async function main(){
 		pfxPath = "";
 	}
 
-	/** @type {Buffer} */
-	var pdf = m_fs.readFileSync(pdfPath);
-	/** @type {Buffer} */
-	var pfx = null;
 	if(pfxPath){
-		pfx = m_fs.readFileSync(pfxPath);
-	}
-	/** @type {Buffer} */
-	var img = null;
-	/** @type {string} */
-	var imgType = "";
-	if(imgPath){
-		img = m_fs.readFileSync(imgPath);
-		imgType = m_path.extname(imgPath).slice(1);
-	}
-
-	/** @type {SignOption} */
-	var sopt = null;
-	if(pdf){
-		sopt = {
-			p12cert: pfx,
-			pwd: ps,
-			permission: pfx ? 1 : 0,
-			signdate: "1",
-			reason: "I have a test reason.",
-			location: "I am on the earth.",
-			contact: "zga@zga.com",
-			debug: true,
-		};
-		if(img){
-			sopt.drawinf = {
-				area: {
-					x: 25, // left
-					y: 150, // top
-					w: 60,
-					h: 60,
-				},
-//				pageidx: 2,
-				imgData: img,
-				imgType: imgType,
-			};
+		await sign_protect(pdfPath, pfxPath, ps, 1, imgPath, "あいうえおあいうえおか\r\n\nThis is a test of text!\n");
+		if(Zga.PDFLib.isStandardFont(fontPath)){
+			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 2, imgPath, "This is an another test of text!\n", fontPath);
+			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 0, undefined, "This is a test for same font!\n", fontPath);
+		}else{
+			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 2, imgPath, "ありがとうご\r\nThis is an another test of text!\n", fontPath);
+			pdfPath = await sign_protect(pdfPath, pfxPath, ps, 0, undefined, "たちつてと\n\nThis is a test for same font!\n", fontPath);
 		}
+		await addtsa(pdfPath);
+	}else{
+		await addtsa(pdfPath);
 	}
 
-	/** @type {EncryptOption} */
-	var eopt = undefined;
-	eopt = {
-		mode: Zga.Crypto.Mode.AES_256,
-		permissions: ["copy", "copy-extract", "print-high"],
-		userpwd: "123",
-	};
-	// eopt.pubkeys = [];
-
-	/** @type {Uint8Array} */
-	var u8dat = null;
-	if(sopt){
-		/** @type {Zga.PdfSigner} */
-		var ser = new Zga.PdfSigner(sopt);
-		u8dat = await ser.sign(pdf, eopt);
-	}
-
-	if(u8dat){
-		/** @type {string} */
-		var outPath = m_path.join(__dirname, "test/test_test2.pdf");
-		m_fs.writeFileSync(outPath, u8dat);
-		console.log("Output file: " + outPath);
-	}
 	console.log("Done");
 }
 
+async function main(){
+	/** @type {Array<number>} */
+	var arr = [0, 90, 180, 270];
+	/** @type {number} */
+	for(var i=0; i<arr.length; i++){
+		await main1(arr[i]);
+		// break;
+	}
+}
+
 main();