Sign PDFs and Add Custom Encryption on iOS
There are various use cases in which PSPDFKit’s default signing implementation can’t be used. Some example use cases are when:
You’re required to use a specific crypto library .
You aren’t in direct possession of a signing key (for example, when using an HSM or a signing service).
You have a specific multi-step signing flow that is not supported by PSPDFKit’s default implementation (for example, with multiple passwords).
To customize the signing process, you can subclass
PDFSigner. Then register the signer with the signature manager, as described above. Please have a look at the documentation in the
PDFSigner header file for more information on what methods you need to override.
Signing a Document Using Your Own Encryption
Sometimes it’s not feasible to have access to a private key and load it on an iOS device to sign a document. Or, you may want more control over the signing process than what the
PDFSigner class provides by default — for example, to sign information using a web service. For such situations, the
delegate property of
PDFSigner may be useful. Another alternative is to use the contained digital signatures workflow explained later in this guide.
documentSigner(_:sign:hashAlgorithm:completion:)will be called during the signing process with two important pieces of information. The data parameter is the hashed document information that must be signed. PSPDFKit follows the security recommendations of the PDF standard and always hashes the entire PDF document, except for a space reserved for the signature itself.
hashAlgorithmis the hash function that was used to convert the raw bytes in the PDF document into the
Datathat was provided to this method. You must return the signed data using the private key associated with the certificate’s public key you passed to the sign methods in
You can customize the hash and encryption algorithms used to sign the document by implementing a few optional methods of the