Technical article

PDFlibPas: PAdES signing and validation in Delphi

losLab PDF Library gives Delphi and C++Builder teams a PDF engine with available source code for desktop, server, DLL, ActiveX and Dylib, with built-in PDF/A and PDF/UA checks, PAdES signing and selectable renderers, without an external PDF service.

This article is written for teams that need to create, inspect, and validate signed PDF workflows inside Delphi applications. It treats PAdES signing and validation as production-grade document technology, not as an isolated component call.

The practical risk is that signature creation and signature validation are often implemented separately, causing mismatched trust decisions when timestamps, revocation data, or incremental updates change. The workflow therefore needs a written contract, observable diagnostics, and realistic regression files.

Architecture decisions

Use one trust policy for signing and validation. The policy should define:

  • accepted certificate stores, chain policy, timestamp source, and revocation source
  • PAdES profile, long-term validation requirements, and archive retention period
  • whether warnings create a block, manual review, or documented waiver
  • how later document changes are restricted after the trusted revision

Implementation flow

Validate the final signed revision, not the draft. The order below makes the workflow reviewable for Delphi and C++Builder teams.

  1. prepare the document and collect validation prerequisites before signing
  2. apply the signature, timestamp, and revocation evidence according to policy
  3. validate the final signed file and classify every warning
  4. store trust evidence with the business record rather than only inside the PDF
  5. revalidate representative files when trust anchors or policy change

Validation evidence

Trust evidence for signed documents. Keep these fields together with the output or with the support package.

  • signature status, byte range, digest algorithm, signer certificate, and chain result
  • timestamp token status, revocation source, DSS/VRI presence, and validation time
  • policy version, warning classification, and waiver decision
  • final signed file hash and validator result

Long-term validation needs supporting data

PAdES workflows need certificate-chain checks, timestamps, revocation data, DSS/VRI information, byte-range validation, and policy decisions for warnings. The final file must be validated after all signing bytes are written.
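Byte-range validation is the part of this list that can be demonstrated without a PDF library, and it is the check that decides whether the revision on disk is the one that was signed. The following Python is an added example, not code from the article or from losLab: it builds a constructed file that imitates the /ByteRange and /Contents layout of a signed PDF, parses every /ByteRange, digests exactly the bytes the signature covers, and classifies the range as covering EOF (final revision), as an earlier revision with bytes appended after signing, or as truncated. Python is used because the check is a property of the PDF format rather than of the Delphi binding; the service boundary described later would apply the same rule to the final signed file.

```python
import hashlib
import re

# Constructed placeholder with the fixed width real signers reserve for the range.
PLACEHOLDER = b"[0000000000 0000000000 0000000000 0000000000]"
BYTERANGE_RE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")


def build_constructed_pdf(later_update: bytes = b"") -> bytes:
    """Assemble a constructed, signed-looking revision (not a real signed PDF).
    `later_update` imitates an incremental update appended after signing."""
    contents = b"<" + b"00" * 32 + b">"          # stand-in for the CMS hex string
    template = (b"%PDF-1.7\n"
                b"1 0 obj\n<< /Type /Sig /SubFilter /ETSI.CAdES.detached\n"
                b"/ByteRange " + PLACEHOLDER + b"\n"
                b"/Contents " + contents + b" >>\nendobj\n"
                b"trailer\n<< /Root 2 0 R >>\n%%EOF\n")
    gap_start = template.index(contents)         # first byte excluded from the digest
    gap_end = gap_start + len(contents)          # first byte after the /Contents string
    tail_len = len(template) - gap_end
    byte_range = b"[%010d %010d %010d %010d]" % (0, gap_start, gap_end, tail_len)
    assert len(byte_range) == len(PLACEHOLDER)   # same width, so offsets stay valid
    return template.replace(PLACEHOLDER, byte_range) + later_update


def parse_byte_ranges(pdf: bytes):
    """Return every /ByteRange [a0 l0 a1 l1] in the file, in file order."""
    return [tuple(int(g) for g in m.groups()) for m in BYTERANGE_RE.finditer(pdf)]


def covered_digest(pdf: bytes, rng, algorithm: str = "sha256") -> str:
    """Digest of exactly the bytes a signature covers: both ranges, gap excluded."""
    a0, l0, a1, l1 = rng
    h = hashlib.new(algorithm)
    h.update(pdf[a0:a0 + l0])
    h.update(pdf[a1:a1 + l1])
    return h.hexdigest()


def check_final_revision(pdf: bytes):
    """Classify each signature's ByteRange against the file actually on disk."""
    findings = []
    size = len(pdf)
    for rng in parse_byte_ranges(pdf):
        a0, l0, a1, l1 = rng
        end = a1 + l1
        if a0 != 0 or a1 < a0 + l0:
            status = "unexpected-layout"        # not from byte 0, or ranges overlap
        elif end > size:
            status = "truncated"                # range points past EOF: file is damaged
        elif end == size:
            status = "covers-eof"               # this signature covers the final revision
        else:
            status = "later-revision"           # bytes were appended after signing
        findings.append({
            "range": rng,
            "status": status,
            "trailing_bytes": max(0, size - end),
            "digest": None if status == "truncated" else covered_digest(pdf, rng),
        })
    return findings


if __name__ == "__main__":
    final = build_constructed_pdf()
    print(check_final_revision(final))
    update = b"3 0 obj\n<< /Type /Annot >>\nendobj\n%%EOF\n"
    print(check_final_revision(build_constructed_pdf(update)))
```

The digest over the covered bytes stays identical when an incremental update is appended, which is exactly why a "signature intact" result alone is not enough: the allowed-change policy has to decide whether the appended revision (a timestamp, a DSS dictionary, or an unrelated edit) keeps the trusted revision meaningful.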

Customer-visible behaviour

Users do not see the internal call order. They see whether the file opens, validates, prints, edits, imports, or is rejected. The workflow should translate PAdES signing and validation results into states users can act on.

  • a signature can be cryptographically intact but untrusted by current policy
  • revocation services may be unavailable when the document is signed

Technical review notes for PAdES signing and validation

Use these review notes to make sure the feature has moved past the demo stage and can be defended during delivery, support, and customer escalation.

  • Decision: accepted certificate stores, chain policy, timestamp source, and revocation source. Implementation pressure point: apply the signature, timestamp, and revocation evidence according to policy. Acceptance evidence: policy version, warning classification, and waiver decision. Regression trigger: clock differences can make timestamp and certificate validity hard to explain.
  • Decision: PAdES profile, long-term validation requirements, and archive retention period. Implementation pressure point: validate the final signed file and classify every warning. Acceptance evidence: final signed file hash and validator result. Regression trigger: a signature can be cryptographically intact but untrusted by current policy.
  • Decision: whether warnings create a block, manual review, or documented waiver. Implementation pressure point: store trust evidence with the business record rather than only inside the PDF. Acceptance evidence: signature status, byte range, digest algorithm, signer certificate, and chain result. Regression trigger: revocation services may be unavailable when the document is signed.

Edge cases

  • a signature can be cryptographically intact but untrusted by current policy
  • revocation services may be unavailable when the document is signed
  • incremental updates after signing need a clear allowed-change policy
  • clock differences can make timestamp and certificate validity hard to explain
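The single trust policy from the architecture section, the user-facing states from the customer-visible behaviour section, and the four edge cases above are one decision: raw validator findings go in, a state the user can act on and an evidence record come out. The following Python is an added example, not code from the article or from losLab. TrustPolicy, ValidationFindings, the warning codes, the severity tables and all sample values are constructed assumptions; the point it shows is that "intact but untrusted", "revocation unavailable at signing time", "disallowed incremental update" and "clock skew" each get a fixed classification (block, manual review, or documented waiver) instead of an ad-hoc decision in the calling code. The same rules would live behind the Delphi service boundary described later.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone
from typing import Dict, FrozenSet, List, Optional, Tuple

# Constructed classification tables: codes that always block, codes that route to
# manual review, and codes that no documented waiver may override.
BLOCKING = frozenset({"signature-broken", "untrusted-chain", "disallowed-change"})
REVIEW = frozenset({"revocation-unavailable", "clock-skew"})
NEVER_WAIVABLE = frozenset({"signature-broken"})


@dataclass(frozen=True)
class TrustPolicy:
    """The single written contract shared by signing and validation (constructed)."""
    version: str
    trusted_roots: FrozenSet[str]                 # accepted trust anchors
    require_revocation_evidence: bool
    clock_tolerance: timedelta                    # signing time vs. timestamp token
    allowed_post_signing_changes: FrozenSet[str]  # update kinds that keep the revision trusted
    waivers: Dict[str, str]                       # warning code -> ticket of the documented waiver


@dataclass(frozen=True)
class ValidationFindings:
    """Raw facts a validator reports before any policy is applied (constructed)."""
    signature_intact: bool
    chain_root: str
    signing_time: datetime
    timestamp_time: Optional[datetime]            # None when no timestamp token is present
    revocation_source: Optional[str]              # "ocsp", "crl", or None if unavailable
    post_signing_changes: Tuple[str, ...]         # kinds of incremental updates after signing


def collect_warnings(f: ValidationFindings, policy: TrustPolicy) -> List[str]:
    """Turn findings into policy-defined warning codes; order is the reporting order."""
    codes = []
    if not f.signature_intact:
        codes.append("signature-broken")
    if f.chain_root not in policy.trusted_roots:
        codes.append("untrusted-chain")           # cryptographically intact, not trusted
    if policy.require_revocation_evidence and f.revocation_source is None:
        codes.append("revocation-unavailable")
    if f.timestamp_time is not None and abs(f.timestamp_time - f.signing_time) > policy.clock_tolerance:
        codes.append("clock-skew")
    if not set(f.post_signing_changes) <= policy.allowed_post_signing_changes:
        codes.append("disallowed-change")
    return codes


def decide(f: ValidationFindings, policy: TrustPolicy, now: Optional[datetime] = None) -> dict:
    """Map findings to a user-facing state plus the evidence record stored with the business record."""
    now = now or datetime.now(timezone.utc)
    state = "accepted"
    warnings = []
    for code in collect_warnings(f, policy):
        if code in policy.waivers and code not in NEVER_WAIVABLE:
            warnings.append({"code": code, "severity": "waived", "ticket": policy.waivers[code]})
            continue
        severity = "block" if code in BLOCKING else "review"
        warnings.append({"code": code, "severity": severity, "ticket": None})
        if severity == "block":
            state = "rejected"
        elif state == "accepted":
            state = "manual-review"
    return {"policy_version": policy.version, "state": state,
            "warnings": warnings, "validation_time": now.isoformat()}


# Constructed sample policy and findings used for the self-check below.
POLICY = TrustPolicy(
    version="example-policy-v1",
    trusted_roots=frozenset({"Example Root CA"}),
    require_revocation_evidence=True,
    clock_tolerance=timedelta(minutes=5),
    allowed_post_signing_changes=frozenset({"timestamp", "dss"}),
    waivers={"clock-skew": "WAIVER-TICKET-PLACEHOLDER"},
)
T0 = datetime(2024, 1, 15, 10, 0, tzinfo=timezone.utc)
CLEAN = ValidationFindings(True, "Example Root CA", T0, T0 + timedelta(minutes=1),
                           "ocsp", ("timestamp", "dss"))
SKEWED = replace(CLEAN, timestamp_time=T0 + timedelta(hours=1))   # one hour apart


def variant(**changes) -> ValidationFindings:
    """Copy of CLEAN with some fields changed, for exercising the edge cases."""
    return replace(CLEAN, **changes)


if __name__ == "__main__":
    for name, f in [("clean", CLEAN), ("untrusted", variant(chain_root="Legacy Root CA")),
                    ("no-revocation", variant(revocation_source=None)), ("skewed", SKEWED)]:
        print(name, decide(f, POLICY)["state"])
```

The evidence record carries the policy version and the waiver ticket, which is what makes a later revalidation explainable: when trust anchors or the policy change, the stored record shows which rules produced the earlier decision.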

Delphi / C++Builder notes

PDFlibPas should sit behind a small service boundary that receives files, streams, profiles, and credentials, then returns output paths, warnings, metrics, and validation status. Important terms include PAdES, signature validation, timestamp, revocation, DSS, byte range.

Delphi code example

The following Delphi sketch shows a practical service boundary for this topic. Keep policy checks, logging, and validation outside the narrow product call so the workflow stays testable.

// Service-boundary sketch. TTrustPolicy, CheckByteRange and
// ValidateCertificatePath are application helpers, not PDFlibPas calls.
procedure ValidatePadesPackage(const InputFile: string; const TrustPolicy: TTrustPolicy);
var
  Pdf: TPDFlib;
  ProcessId: Integer;
begin
  Pdf := TPDFlib.Create;
  try
    ProcessId := Pdf.NewSignProcessFromFile(InputFile, '');
    try
      CheckByteRange(Pdf, ProcessId);                        // final revision covers EOF?
      ValidateCertificatePath(Pdf, ProcessId, TrustPolicy);  // chain, revocation, timestamp
    finally
      Pdf.ReleaseSignProcess(ProcessId);                     // released even if a check raises
    end;
  finally
    Pdf.Free;
  end;
end;

Production checklist

  • Run the workflow on an empty file, a normal customer file, and a worst-case file
  • Open the generated PDF with the intended viewer, validator, printer, or downstream application
  • Log product version, profile version, input hash, output path, elapsed time, and warning count
  • Keep passwords, certificates, temporary files, and customer data under clear storage rules
  • Add regression documents whenever a customer file reveals a new edge case

Product documentation

PDFlibPas

More code examples

// Adds a signature timestamp to an already signed field and writes a new
// revision. Unit assumed: System.SysUtils (Exception).
procedure AddSignatureTimeStamp;
var
  Pdf: TPDFlib;
  StsId: Integer;
  HashHex, TstDer, TsAttr, AugmentedCms: AnsiString;
begin
  Pdf := TPDFlib.Create;
  try
    StsId := Pdf.NewPAdESSignatureTimeStampProcessFromFile('invoice-signed.pdf', '');
    Pdf.SetPAdESSignatureTimeStampField(StsId, 'Sig1');
    Pdf.SetPAdESSignatureTimeStampDigestAlgorithm(StsId, 2);
    HashHex := Pdf.GetPAdESSignatureValueHashHex(StsId);
    // both calls below are application code: an HTTP POST to your TSA,
    // and a CMS re-encode that attaches the token as an unsigned attribute
    TstDer := RequestTimeStampToken(HashHex);
    TsAttr := Pdf.BuildPAdESSignatureTimeStampAttribute(TstDer);
    AugmentedCms := AttachUnsignedAttribute(Pdf.GetPAdESSignatureCMSBytes(StsId), TsAttr);
    Pdf.SetPAdESSignatureCMSBytes(StsId, AugmentedCms);
    Pdf.EndPAdESSignatureTimeStampProcessToFile(StsId, 'invoice-bt.pdf');
    if Pdf.GetPAdESSignatureTimeStampProcessResult(StsId) <> 1 then
      raise Exception.Create('timestamp embedding failed');
    Pdf.ReleasePAdESSignatureTimeStampProcess(StsId);
  finally
    Pdf.Free;
  end;
end;

// Audits every signed field of the final file: a ByteRange that starts at 0 and
// ends exactly at EOF belongs to the last revision; anything else is an earlier
// revision or an unexpected layout. Units assumed: System.SysUtils,
// System.Classes (TStringList), System.IOUtils (TFile).
procedure AuditSignatureByteRanges;
var
  Doc: TPDFlibSignDoc;
  Names: TStringList;
  I: Integer;
  B0, B1, B2, B3, FileSize: Int64;
begin
  FileSize := TFile.GetSize('invoice-bt.pdf');  // before Open: SignDoc holds a share lock
  Doc := TPDFlibSignDoc.Create;
  try
    if not Doc.Open('invoice-bt.pdf', '', False) then
      raise Exception.Create('cannot open for audit');
    Names := TStringList.Create;
    try
      Doc.GetSignatureFieldNames(Names);
      for I := 0 to Names.Count - 1 do
        if Doc.GetSignatureValueObjNum(Names[I]) > 0 then   // >0 means actually signed
        begin
          // the four ByteRange entries: [offset0 length0 offset1 length1]
          B0 := StrToInt64(string(Doc.GetSignatureValueByName(Names[I], 11)));
          B1 := StrToInt64(string(Doc.GetSignatureValueByName(Names[I], 12)));
          B2 := StrToInt64(string(Doc.GetSignatureValueByName(Names[I], 13)));
          B3 := StrToInt64(string(Doc.GetSignatureValueByName(Names[I], 14)));
          if (B0 = 0) and (B2 + B3 = FileSize) then
            Writeln(Names[I], ': covers the file to EOF')
          else
            Writeln(Names[I], ': earlier revision, or unexpected ByteRange layout');
        end;
    finally
      Names.Free;
    end;
    Doc.Close;
  finally
    Doc.Free;
  end;
end;