it's possible to sign documents using certificates from windows store?

[Fulea-Andrei]

hello,

I'm looking for a library to sign PDF files with an instance of the certificate directly from the windows store ( certificates with token usb or others), not from an exported file on the local version. Your library can do this?

I'm using wincertstore.CertSystemStore to get certificates available in python.

thank you and congrats on your work.

[MatthiasValvekens]

Hi @Fulea-Andrei,

Yes and no. PyHanko certainly doesn't do that out of the box, but you should be able to relatively easily extend pyHanko to support this use case by defining your own Signer implementation that uses the Windows Crypto APIs. I'm not sure if there exist Python bindings for that, but if not, I'm sure it can be done by slotting in a Cython/ctypes/... module to handle the native parts.

Now, I can't write that integration myself, since I don't have a Windows development machine on hand. I'd also be a little hesitant to merge platform-dependent code into pyHanko for similar reasons, but if you find a way to get this working in a more or less compact manner, I'd be happy to accept a documentation PR with some sample code (see e.g. this example).