knadh
/
pfxsigner
mirror of https://github.com/knadh/pfxsigner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11 Commits
1 Branch
4 Tags
59 KiB
Go 97.2%
Makefile 2.2%
Dockerfile 0.6%
 
 
 
Go to file
Kailash Nadh d5c8805771
Add zerodha.tech badge 		2020-09-21 23:49:36 +05:30
.github/workflows feat: Add github actions 2020-01-08 18:36:08 +05:30
internal/processor Add support for multi-page signature stamping 2020-01-13 17:59:11 +05:30
.gitignore feat: Add `.gitignore` to project 2020-01-08 16:29:10 +05:30
.goreleaser.yml feat: Dockerize pfxsigner 2020-01-08 16:29:34 +05:30
Dockerfile feat: Dockerize pfxsigner 2020-01-08 16:29:34 +05:30
LICENSE First commit 2020-01-08 13:28:29 +05:30
Makefile feat: Remove repetitive usage of `PHONY` in Makefile 2020-01-08 16:29:22 +05:30
README.md Add zerodha.tech badge 2020-09-21 23:49:36 +05:30
cli.go Add support for loading multiple named PFX files (certificates) 2020-01-13 16:33:40 +05:30
go.mod First commit 2020-01-08 13:28:29 +05:30
go.sum First commit 2020-01-08 13:28:29 +05:30
init.go Add support for loading multiple named PFX files (certificates) 2020-01-13 16:33:40 +05:30
main.go Add support for loading multiple named PFX files (certificates) 2020-01-13 16:33:40 +05:30
props.json.sample Add support for multi-page signature stamping 2020-01-13 17:59:11 +05:30
server.go Add support for loading multiple named PFX files (certificates) 2020-01-13 16:33:40 +05:30

README.md

pfxsigner

pfxsigner is a utility (CLI) and an HTTP server for digitally signing PDFs with signatures loaded from PFX (PKCS #12) certificates. It can load multiple named certificates from PFX files and sign PDFs with them.

Configuration

The signature properties are recorded in a JSON file. See props.json.sample.

Multiple PFX files can be loaded by specifying the -pfx certname|/cert/path.pfx|certpassword param multiple times.

CLI

The CLI mode supports multi-threaded bulk-signing of PDFs.

# Pipe list of documents to convert to stdin. Each line should be in the format src-doc.pdf|signed-doc.pdf
# eg:
# mycert|a.pdf|a-signed.pdf
# mycert|b.pdf|b-signed.pdf
echo "in.pdf|out.pdf" | ./pfxsigner -pfx "mycert|/path/cert.pfx|certpass" -props-file "props.json.sample" cli -workers 4

Server

In the server mode, pfxsigner exposes an HTTP API to which a PDF file and signature properties (optional) can be posted to received a signed PDF.

# Start the server
./pfxsigner -pfx "mycert|/path/cert.pfx|certpass" -props-file "props.json" server

# Sign a pdf

REQ=$(cat props.json.sample)
curl -F "props=$REQ" -F 'file=@./test.pdf' -o './test-signed.pdf' localhost:8000/document

Docker

You can use the official Docker image to run pfxsigner.

NOTE: You'll need to mount cert.pfx and props.json from a directory available on host machine to a directory inside container. You can do that by passing -v </path/on/host>:</path/on/container> while launching the container.

# For example `./data` contains `cert.pfx` and `props.json`.
export PFX_PASSWORD=mysecurepass
docker run -it -p 8000:8000 -v "$PWD"/data:/data kailashnadh/pfxsigner:latest -pfx-file /data/cert.pfx  -pfx-password $PFX_PASSWORD -props-file /data/props.json server

API

The API endpoint is :8000/document. It accepts a POST request (multipart/form-data) with the following fields.

Field
props Signature properties as a JSON string (see props.json.sample). If not set, the default properties loaded during runtime are used
file The PDF file to sign

License

pfxsigner is licensed under the AGPL v3 license.