Sign PDFs and Add Custom Encryption on Android

There are various use cases in which PSPDFKit’s default signing implementation can’t be used. In such cases, you can create custom Signer implementations. Some example use cases are when:

  • You’re required to use a specific crypto library (for example, Bouncy Castle).

  • You aren’t in direct possession of a signing key (for example, when using an HSM or a signing service).

  • You have a specific multi-step signing flow that is not supported by PSPDFKit’s default implementation (for example, with multiple passwords).

Implementing a Custom Signer

To build a custom signer, create a class that derives from Signer and implement the abstract prepareSigningParameters() method. The method needs to load all parameters required for a successful signing operation. These parameters are:

  • The X509Certificate that is going to be embedded into the signed PDF document.

  • A SignatureProvider that will perform the actual signing operation of the PDF data. Implement this to support virtually any entity capable of signing data in a document.

Whenever PSPDFKit tries to digitally sign a PDF using your custom signer, its prepareSigningParameters() method will be called. It is the responsibility of the signer to retrieve all signing parameters and return them using the provided callback. For example:

override fun prepareSigningParameters(callback: OnSigningParametersReadyCallback) {
	// Load all parameters.
	loadSigningParameters()
	// Call this whenever your signer is ready. This will finish the signing process.
	callback.onSigningParametersReady(signatureProvider, certificate)
}
@Override
protected void prepareSigningParameters(@NonNull OnSigningParametersReadyCallback callback) {
	// Load all parameters.
	loadSigningParameters();
	// Call this whenever your signer is ready. This will finish the signing process.
	callback.onSigningParametersReady(signatureProvider, certificate);
}