How to sign PDF with fortify.?

[sheko016]

Hello team, @rmhrisk , how are you?

Fortify reads me the certificates correctly. but I have a question. How can I do to be able to sign pdf with the certificates that fortify reads me

I am working on an application that needs to sign PDF through USB token, fortify reads tokens very well. But I don't see the way to be able to sign PDF.

Please could you give me some recommendation to be able to sign the PDF with fortify.

Greetings.

[rmhrisk]

Hello @sheko016.

Hancock does not include the document signing capabilities. We created https://hancock.ink which supports the use of Fortify for USB-based signing capabilities.

Internally we have created our own PDF library that this product uses, in conjunction with Fortify, to facilitate document signing use cases.

[sheko016]

hello @rmhrisk thank you very much for the reply.

I have 2 questions With fortify the signature that is in the TOKEN USB will be able to export it to PFX. ?? It is that I already have a process implemented with Python to be able to sign pdf but to be able to sign it I need the file to be in PFX.

another query the consumption of the API of https://docs.hancock.ink/ is 100% free to sign the N amounts of PDF documents or I must pay for said service as indicated here https://hancock.ink/pricing

greetings.

[rmhrisk]

The purpose of the token is to keep the private key secure. Tokens typically do not allow the private key to be exported for this reason.

There is a python PKCS11 library https://pypi.org/project/python-pkcs11/. If your token and your python application are on the same host then this might be a path.

You can also explore using your PDF canonicalization code on the python application to produce the bytes to be signed and send them to the client and then use fortify to do the client operation.

Hancock has a free tier but that tier does not allow unlimited usage.

[sheko016]

Hello team, good morning, how are you?

The USB token is not on the same server. explain my case in this link https://github.com/PeculiarVentures/pkcs11js/issues/76#issuecomment-814280477 and you yourself recommend me to use fortify :)

referring to this.

You can also explore using your PDF canonicalization code on the python application to produce the bytes to be signed and send them to the client and then use fortify to do the client operation. Personally, my programming level is an intermediate Basic level. no idea how to apply that.

Anyway, thank you very much for the response and the recommendations.

But basically I will have to stop my project, motivated that I cannot move forward with the issue of signing through USB token

and regarding Hancock, I don't have an additional budget.

If you could recommend any other app that I can use for free to achieve my goal, it would be a great help

In the same way, thank you very much, and sorry for the inconvenience.

Regards.

[sheko016]

Hi how are you @rmhrisk

This is to notify me that I have been looking for many things to be able to sign the PDF with the fortify results but lamentally I did not find the solution

Personally, I have been working on this project for about 2 months now and I need to deliver results.

I would like to know if with https://hancock.ink/ I from my Web application. Can I consult the API and be able to form the PDF.?

It should be noted again that to read the USB Token I am using your fortify APP.

Then

What i want is Sign a PDF and said signature is on a USB TOKEN, and I want everything to be done from my Web APP. That could be done. ?? Greetings