A javascript tool to sign a pdf in web browser, google apps script and nodejs.

google-apps-script javascript ltv pdf-encryption pdf-sign pdf-signature tsa

Go to file

zboris12 f932a2bb2a Added support to sign with TSA.		2022-09-24 13:59:30 +09:00
closure	Added support to sign with TSA.	2022-09-24 13:59:30 +09:00
.gitignore	The first commit.	2022-09-17 21:55:09 +09:00
LICENSE	Initial commit	2022-09-17 21:48:13 +09:00
README.md	Added support to sign with TSA.	2022-09-24 13:59:30 +09:00
forge.min.edited.js	Added support to sign with TSA.	2022-09-24 13:59:30 +09:00
test.html	Add support to Google Apps Script.	2022-09-18 16:49:56 +09:00
zgapdfsigner.js	Added support to sign with TSA.	2022-09-24 13:59:30 +09:00

README.md

ZgaPdfSigner

A javascript tool to sign a pdf in web browser.
And it also can be used in Google Apps Script.

PS: ZGA is the abbreviation of my father's name.
And I use this name to hope the merits from this application will be dedicated to my parents.

About signing with TSA

This tool supports signing with a timestamp from TSA(Time Stamp Authority), but because of the CORS security restrictions in web browser, this function can only be used in Google Apps Script.

And because node-forge hasn't supported unauthenticated attributes in pkcs7 yet, so when use this function, the edited version needs to be imported.

The Dependencies

How to use this tool

Just import the dependencies and this tool.

<script src="https://unpkg.com/pdf-lib/dist/pdf-lib.min.js" type="text/javascript"></script>
<script src="https://unpkg.com/node-forge/dist/forge.min.js" type="text/javascript"></script>
<script src="https://github.com/zboris12/zgapdfsigner/releases/download/1.2.0/zgapdfsigner.js" type="text/javascript"></script>

Let's sign

Sign with an invisible signature.

/**
 * @param {ArrayBuffer} pdf
 * @param {ArrayBuffer} cert
 * @param {string} pwd
 * @return {Promise<Blob>}
 */
async function sign1(pdf, cert, pwd){
  /** @type {SignOption} */
  var sopt = {
    p12cert: cert,
    pwd: pwd,
  };
  var signer = new Zga.PdfSigner(sopt);
  var u8arr = await signer.sign(pdf);
  return new Blob([u8arr], {"type" : "application/pdf"});
}

Sign with a visible signature of a picture.

/**
 * @param {ArrayBuffer} pdf
 * @param {ArrayBuffer} cert
 * @param {string} pwd
 * @param {ArrayBuffer} imgdat
 * @param {string} imgtyp
 * @return {Promise<Blob>}
 */
async function sign2(pdf, cert, pwd, imgdat, imgtyp){
  /** @type {SignOption} */
  var sopt = {
    p12cert: cert,
    pwd: pwd,
    drawinf: {
      area: {
        x: 25,  // left
        y: 150, // top
        w: 60,  // width
        h: 60,  // height
      },
      imgData: imgdat,
      imgType: imgtyp,
    },
  };
  var signer = new Zga.PdfSigner(sopt);
  var u8arr = await signer.sign(pdf);
  return new Blob([u8arr], {"type" : "application/pdf"});
}

Sign with a visible signature of drawing a text.

//TODO

Use it in Google Apps Script

// Simulate setTimeout function for pdf-lib
function setTimeout(func, sleep){
  Utilities.sleep(sleep);
  func();
}
// Simulate window for node-forge
var window = globalThis;
// Load pdf-lib
eval(UrlFetchApp.fetch("https://unpkg.com/pdf-lib@1.17.1/dist/pdf-lib.min.js").getContentText());
// Load node-forge
eval(UrlFetchApp.fetch("https://github.com/zboris12/zgapdfsigner/releases/download/1.2.0/forge.min.edited.js").getContentText());
// Load ZgaPdfSigner
eval(UrlFetchApp.fetch("https://github.com/zboris12/zgapdfsigner/releases/download/1.2.0/zgapdfsigner.js").getContentText());

// Load pdf, certificate
var pdfBlob = DriveApp.getFilesByName("_test.pdf").next().getBlob();
var certBlob = DriveApp.getFilesByName("_test.pfx").next().getBlob();
// Sign the pdf
var sopt = {
  p12cert: certBlob.getBytes(),
  pwd: "some passphrase",
  signdate: "1",
};
var signer = new Zga.PdfSigner(sopt);
var u8arr = await signer.sign(pdfBlob.getBytes());
// Save the result pdf to some folder
var fld = DriveApp.getFolderById("a folder's id");
fld.createFile(Utilities.newBlob(u8arr, "application/pdf").setName("signed_test.pdf"));

Detail of SignOption

p12cert: Array|Uint8Array|ArrayBuffer|string 👉 Certificate's data
pwd: string 👉 The passphrase of the certificate
reason: string 👉 (Optional) The reason for signing
location: string 👉 (Optional) Your location
contact: string 👉 (Optional) Your contact information
signdate: Date|string|TsaServiceInfo 👉 (Optional)
- When it is a Date, it means the date and time for signing.
- When it is a string, it can be an url of TSA or an index of the preset TSA as below:
  - "1": http://ts.ssl.com
  - "2": http://timestamp.digicert.com
  - "3": http://timestamp.sectigo.com
  - "4": http://timestamp.entrust.net/TSS/RFC3161sha2TS
  - "5": http://timestamp.apple.com/ts01
  - "6": http://www.langedge.jp/tsa
  - "7": https://freetsa.org/tsr
- When it is a TsaServiceInfo, it means a full customized information of TSA.
  - url: string 👉 The url of TSA
  - len: number 👉 (Optional) The length of signature's placeholder
signame: string 👉 (Optional) The name of the signature
drawinf: SignDrawInfo 👉 (Optional) Visible signature's information
- area: SignAreaInfo 👉 The signature's drawing area
  - x: number 👉 Distance from left
  - y: number 👉 Distance from top
  - w: number 👉 Width
  - h: number 👉 Height
- pageidx: number 👉 (Optional) The page index for drawing the signature
- imgData: Array|Uint8Array|ArrayBuffer|string 👉 (Optional) The image's data
- imgType: string 👉 (Optional) The image's type, only support jpg and png
- text: string 👉 (Optional) A text drawing on signature, not implemented yet
- fontData: PDFLib.StandardFonts|Array|Uint8Array|ArrayBuffer|string 👉 (Optional) The font's data for drawing text, not implemented yet

License

This tool is available under the MIT license.