package
3.29.0+incompatible
Repository: https://github.com/unidoc/unidoc-examples.git
Documentation: pkg.go.dev

# README

Digital signatures.

Examples for digital signing of PDF files with UniDoc:

For LTV enabling digital signatures, see the LTV guide and samples.

pdf_sign_hsm_pkcs11_cgo.go

The code example shows how to sign with a HSM via PKCS11 as supported by the crypto11 library.
The example uses SoftHSM which is great for testing digital signatures via PKCS11 without any hardware requirements.

Prerequisites

Ubuntu/Debian

$ sudo apt-get install libssl-dev
$ sudo apt-get install autotools-dev
$ sudo apt-get install autoconf
$ sudo apt-get install libtool

CentOS/RHEL

$ sudo yum group install "Development Tools"
$ sudo yum install openssl-devel

Installation

$ git clone https://github.com/opendnssec/SoftHSMv2.git
$ cd SoftHSMv2
$ sh autogen.sh
$ ./configure
$ make
$ sudo make install

Configuration

$ mkdir -p /home/user/.config/softhsm2/tokens
$ cd /home/user/.config/softhsm2
$ touch softhsm2.conf
$ export SOFTHSM2_CONF=/home/user/.config/softhsm2/softhsm2.conf

Contents of softhsm2.conf

directories.tokendir = /home/user/.config/softhsm2/tokens
objectstore.backend = file
log.level = DEBUG
slots.removable = true

Create token

Creating a token "test", selecting the PIN numbers as prompted

$ softhsm2-util --init-token --slot 0 --label "test"

Usage

Create a key pair:

$ go run pdf_sign_hsm_pkcs11_cgo.go add test <PIN> <KEYPAIR_LABEL>

Sign PDF file:

$ go run pdf_sign_hsm_pkcs11_cgo.go sign test <PIN> <KEYPAIR_LABEL> input.pdf input_signed.pdf

Signed output is in input_signed.pdf.

# Packages

No description provided by the author

# Constants

Library path might be different on different operating systems.