CkoPdf Swift 3/4 Reference Documentation
CkoPdf
Current Version: 10.1.0
A PDF class for various tasks such as signature verification, signing, encrypt, decrypt, etc.
Object Creation
let obj = CkoPdf()!
Properties
DebugLogFilePath
If set to a file path, causes each Chilkat method or property call to automatically append it's LastErrorText to the specified log file. The information is appended such that if a hang or crash occurs, it is possible to see the context in which the problem occurred, as well as a history of all Chilkat calls up to the point of the problem. The VerboseLogging property can be set to provide more detailed information.
This property is typically used for debugging the rare cases where a Chilkat method call hangs or generates an exception that halts program execution (i.e. crashes). A hang or crash should generally never happen. The typical causes of a hang are:
- a timeout related property was set to 0 to explicitly indicate that an infinite timeout is desired,
- the hang is actually a hang within an event callback (i.e. it is a hang within the application code), or
- there is an internal problem (bug) in the Chilkat code that causes the hang.
HasCertificationSig
Returns true if the currently open PDF has a certification signature.
PDF defines two types of signatures: approval and certification.
The differences are as follows:
- Approval: There can be any number of approval signatures in a document.
- Certification: There can be only one certification signature and it must be the first one in a document.
LastErrorHtml
Provides information in HTML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.
topLastErrorText
Provides information in plain-text format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.
LastErrorXml
Provides information in XML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.
topLastMethodSuccess
Indicate whether the last method call succeeded or failed. A value of true indicates success, a value of false indicates failure. This property is automatically set for method calls. It is not modified by property accesses. The property is automatically set to indicate success for the following types of method calls:
- Any method that returns a string.
- Any method returning a Chilkat object, binary bytes, or a date/time.
- Any method returning a standard boolean status value where success = true and failure = false.
- Any method returning an integer where failure is defined by a return value less than zero.
Note: Methods that do not fit the above requirements will always set this property equal to true. For example, a method that returns no value (such as a "void" in C++) will technically always succeed.
topNumEmbeddedFiles
NumPages
The number of pages in the currently open PDF.
topNumSignatures
The number of digital signatures present in the currently open PDF.
topSigAllocateSize
Defaults to 15000. This property should generally be left unchanged. If signing fails and the following message is in the LastErrorText: "Did not allocate enough space for the PDF signature.", then you should increase this value. The actual signature size will be noted in the LastErrorText, and you can use that value to set an allocation size that is somewhat larger.
topUncommonOptions
This is a catch-all property to be used for uncommon needs. This property defaults to the empty string. It can be set to a list of one or more of the following comma separated keywords:
- WriteStandardXref - When writing the PDF, write the cross reference section in standard format if possible. (The "standard format" is the older non-compressed format.)
- NO_VERIFY_CERT_SIGNATURES - When countersigning a PDF (i.e. adding a new signature to a PDF that already contains one or more signatures), Chilkat will automatically validate the existing signatures and their certificates. (The signing certificates are typically embedded within a signature.) If any of these validations fail, the new signature is not added. Sometimes, an existing signature is validated, but the certs in the chain of authentication, such as issuer certs or root CA certs, are not included and not available to check. In this case, you can add the "NO_VERIFY_CERT_SIGNATURES" to skip the existing signature certificate validations.
VerboseLogging
If set to true, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is false. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.
topVersion
Methods
AddEmbeddedFiles
Embeds one or more files in a PDF.
The json specifies the files to be attached to the PDF. See the linked example below.
The json is a JSON object containing an array of JSON objects, where each object can contain the following members.
- localFilePath: (required) The local file to be embedded in the PDF.
- description: (required) It is a short description of the embedded file.
- subType: (optional) Specifies the file type, such as application/xml, text/plain, etc. If not specified, then Chilkat will automatically choose a subType based on the file extension.
- embeddedFilename: (optional) Specifies the name of the file to be used within the PDF in the desire is for it to be different than the filename in the local filesystem. If not present, then the filename part of the localFilePath.
If successful, the updated PDF with embedded files is written to outFilePath.
Returns true for success, false for failure.
AddEmbeddedFilesBd
The same as AddEmbeddedFiles, but writes the resultant PDF to the bd.
Returns true for success, false for failure.
AddSigningCert
Adds a certificate to be used for PDF signing. To sign with more than one certificate, call AddSigningCert once per certificate.
Note: This method is used to provide the ability to sign once with multiple certificates. This is different than signing with one certificate, and then signing again with a different certificate.
Returns true for success, false for failure.
topAddVerificationInfo
Adds LTV verification information to the PDF, and saves the updated PDF to outFilePath. This create or update a DSS (Document Security Store) in the PDF with the needed certificates, OCSP responses, and CRL information.
Pass an empty jsonOptions. The jsonOptions exists as a placeholder for adding options if needed.
Returns true for success, false for failure.
topAddVerificationInfoAsync (1)
Creates an asynchronous task to call the AddVerificationInfo method with the arguments provided. (Async methods are available starting in Chilkat v9.5.0.52.)
Note: Async method event callbacks happen in the background thread. Accessing and updating UI elements existing in the main thread may require special considerations.
Returns nil on failure
topGetDss
Gets the contents of the PDF's Document Security Store (/DSS) if it exists. Returns the information in JSON format (in json). If there is no /DSS then an empty JSON document "{}" is returned in json.
Returns true for success, false for failure.
GetEmbeddedFileBd
Loads the bd with the contents of the Nth embedded file contained in the currently open PDF. The index specifies the index of the embedded file. The 1st embedded file is at index 0. See the example linked below.
Returns true for success, false for failure.
GetEmbeddedFileInfo
Gets information about the Nth embedded file contained in the currently open PDF. The index specifies the index of the embedded file. The 1st embedded file is at index 0. The json is filled with information about the embedded file. See the example linked below.
Returns true for success, false for failure.
GetMetadata
If the PDF contains Metadata, then loads the Metadata XML into sb and returns true. If the PDF does not contain Metadata, then clears sb and returns false.
Returns true for success, false for failure.
GetSignatureContent
Returns the CMS signature for the Nth signature contained in the PDF. The 1st signature is at index 0.
Returns true for success, false for failure.
topGetSignerCert
This method retrieves the signer certificate after calling VerifySignature. Use the same index for index as the one passed to VerifySignature. If successful and the signer certificate is fully available, cert will contain the certificate.
Returns true for success, false for failure.
GetUnsignedSigFields
Returns JSON containing the name of each unsigned signature field found in the PDF.
Returns true for success, false for failure.
LastJsonData
Provides information about what transpired in the last method called. For many methods, there is no information. For some methods, details about what transpired can be obtained via LastJsonData. For example, after calling a method to verify a signature, the LastJsonData will return JSON with details about the algorithms used for signature verification.
Returns nil on failure
LoadBd
LoadFile
SetHttpObj
Sets the HTTP object to be used to communicate with the timestamp authority (TSA) server for cases where long term validation (LTV) of signatures is desired. The http is used to send the requests, and it allows for connection related settings and timeouts to be set. For example, if HTTP or SOCKS proxies are required, these features can be specified on the http.
The http is also used to send OCSP requests to store OCSP responses in the PDF's document security store (DSS).
Returns true for success, false for failure.
SetSignatureJpeg
Provides an optional JPG image to be included in the signature appearance. The JPG data is passed in jpgData.
Note: JPG images must use the BaseLine format and not the Progressive format. (Programs typically save JPEG's using the BaseLine format as default.)
Returns true for success, false for failure.
SetSigningCert
Specifies a certificate to be used when signing the PDF. Signing requires both a certificate and private key. In this case, the private key is implicitly specified if the certificate originated from a PFX that contains the corresponding private key, or if on a Windows-based computer where the certificate and corresponding private key are pre-installed.
Returns true for success, false for failure.
topSetSigningCert2
Specifies a digital certificate and private key to be used for signing the PDF.
Returns true for success, false for failure.
topSignPdf
Signs the open PDF and if successful writes the signed PDF to the ARG3. The jsonOptions contains information and instructions about the signature. See the examples below for more detailed information about the JSON options listed here.
Summary of PDF Signing Options
- appearance.fillUnsignedSignatureField - Can be set to true) to tell Chilkat to sign an existing unsigned signature field. Chilkat will automatically scale the visual appearance (text + graphics) to fit the pre-existing signature field. When fillUnsignedSignatureField is specified, it is not necessary to set appearance.x, appearance.y, appearance.fontScale, etc.
Starting in v9.5.0.90, the unsignedSignatureField option (see below) can be used to specify the unsigned signature field to be used. Otherwise, the 1st available unsigned field is used.
- appearance.fontScale - The font scale (in pts) to be used, such as "10.0".
- appearance.height - Optional to specify the exact height of the visible signature rectangle in points, where 72 points equals 1 inch. If the appearance.height is set, then appearance.width should be set to "auto" (or left unset). Chilkat will compute the font scale to achieve the desired rectangle height, and the resulting width will depend on the text.
- appearance.image - Indicates an image will be included in the signature. Set to the keyword "custom-jpg" to use an image set by calling the SetSignatureJpeg method. Otherwise can be set to one of the following keywords to indicate a built-in SVG graphic. (These are graphics embedded within the Chilkat library itself.)
- green-check-grey-circle
- green-check-green-circle
- application-approved
- application-rejected
- document-accepted
- approved
- blue-check-mark
- green-check-mark
- green-check-grey-circle
- red-x-red-circle
- rejected
- result-failure
- result-pass
- signature
- document-check
- document-x
- red-x-grey-circle
- appearance.imageOpacity - Sets the image opacity. Can be an integer from 1 to 100.
- appearance.imagePlacement - Sets the image placment within the signature rectangle. Can be "left", "right", or "center". Images placed in the center typically have opacity 50% or less because the text is displayed over the image (i.e. it is a background image). Images placed left or right are not background images. The signature rectangle is divided into two sub-rectangles, one for the image, and one for the text.
- appearance.margin_x - If the appearance.x is set to "left", then this can optionally be use to specify the position from the left edge. The default margin is 10.0 (10 points, where 72 points equals 1 inch).
- appearance.margin_y - If the appearance.y is set to "top", then this can optionally be use to specify the position from the top. The default margin for y is 20.0 (20 points, where 72 points equals 1 inch).
- appearance.text[i] - The text that should appear in the signature box. Each line is specified in a JSON array item, where "i" is an integer starting with "0" as the 1st line. The text can contain the following keywords which are replaced with actual values:
- cert_country - The signing certificate's subject country (C).
- cert_cn - The signing certificate's subject common name (CN).
- cert_dn - The signing certificate's DN (distinguished name).
- cert_email - The signing certificate's subject email address (E).
- cert_issuer_cn - The signing certificate's issuer's common name (CN).
- cert_locality - The signing certificate's subject locality (L).
- cert_organization - The signing certificate's subject organization (O).
- cert_org_id - The signing certificate's organization ID.
- cert_ou - The signing certificate's subject organizational unit (OU).
- cert_san_rfc822name - The signing certificate's RFC822 subject alternative name.
- cert_serial_dec - The signing certificate's serial number in decimal format.
- cert_serial_hex - The signing certificate's serial number in hex format.
- cert_state - The signing certificate's subject state (S).
- cert_thumbprint - The signing certificate's thumbprint (The SHA1 hash of the binary DER representation in hex format).
- current_datetime - Current local date/time in the format such as "Sep 11 2020 16:30:54".
- current_dt - Current local date/time in PDF date/time string format, such as YYYY.MM.DD hh:mm:ss -05'00'.
- current_rfc822_dt_gmt - Current GMT date/time in RFC822 format, such as "Mon, 22 Nov 2021 15:58:41 GMT".
- current_rfc822_dt_local - Current local date/time in RFC822 format, such as "Mon, 22 Nov 2021 09:56:16 -0600".
- current_timestamp_gmt - Current GMT date/time in timestamp format, such as "1990-12-31T23:59:60Z".
- current_timestamp_local - Current local date/time in timestamp format, such as "2019-10-12T03:20:50.52-04:00".
- appearance.width - Optional to specify the exact width of the visible signature rectangle in points, where 72 points equals 1 inch. If the appearance.width is set, then appearance.height should be set to "auto" (or left unset). Chilkat will compute the font scale to achieve the desired rectangle width, and the resulting height will depend on the text and number of lines of text.
- appearance.x - The horizontal position on the page of the left edge of the signature box. Can be a keyword such as "left", "right", or "middle" to specify a typical placement with default margins. Otherwise can be a floating point number where 0.0 is the leftmost coordinate of a page, and 612.0 is the right most. Can also be the keyword "after" to place the signature just to the right of the rightmost signature on the page.
- appearance.y - The vertical position on the page of the top edge of the signature box. Can be one of the keywords "top" or "bottom" to specify a typical placement with default margins. Otherwise can be a floating point number where 0.0 is the bottom coordinate of a page, and 792.0 is the top. Can also be the keyword "under" to place the signature just under the bottommost signature on the page.
- contactInfo - Optional to provide free-form text with contact information about the signer.
- docMDP.add - Set this boolean value to true to include the Document MDP Permissions with a certifying signature. When a certifying signature is desired, both "lockAfterSigning" and "docMDP.add" should be specified. The default Doc MDP permission level is 2.
- docMDP.accessPermissions - Include this if the docMDP.add is specified, and a permission level different from the default value of 2 is desired. Possible values are:
- 1: No changes to the document are permitted and any changes invalidate the signature.
- 2: Permitted changes include filling in forms, instantiating page templates and signing.
- 3: Same as 2, but also allow annotation creation, deletion, and modification.
- embedCertChain - Boolean to control whether the certificate chain is included in the signature. The default is to include the certificates in the chain of authentication. Set this to false to only include the signing certificate (this is not common).
- hashAlgorithm - If the signing certificate is RSA-based, and the signing scheme (padding scheme) is RSA-PSS, then this specifies the PSS hash algorithm. Can be "sha1", "sha256", "sha384", or "sha512". ("sha256" is what should be commonly chosen.)
- includeRootCert - Boolean to control whether the root CA certificate is included in the certificate chain (assuming the certificate chain is included). The default is to include the root CA certificate. Set this to false to exclude the root CA certificate from being included (this is not common).
- info.* - (added in Chilkat v9.5.0.90) Provides the ability to add or update the PDF document's "/Info", such as "Creator", "Producer", "Title", etc. Any number of arbitrary member names can be specified and these will be added to the document's /Info dictionary. However, Chilkat will ignore "ModDate" and "CreationDate" because ModDate is automatically set to the current system date/time and the CreationDate should not change.
- invisibleSignature - Set this boolean to true to create an invisible signature with no appearance.
- legalAttestation - Set to provide a free-form text legal attestation.
- location - Optional to provide free-form text with a description of the geographic location where the PDF was signed.
- lockAfterSigning - Set this boolean to true to certify and lock a PDF as opposed to adding an approval signature (the default) which allows for additional countersignatures.
- ltvOcsp - Set this boolean to true to create an LTV-enabled signature.
- noDss - Set this boolean to true to prevent adding a /DSS (Document Security Store).
- page - The page number where the signature will be placed. Page 1 is the 1st page.
- reason - Optional to provide text indicating the reason for the signature.
- signingAlgorithm - If the signing certificate is RSA-based, then chooses the RSA padding scheme. Possible values are "pkcs" for PKCS-v1_5 or "pss" for RSASSA-PSS.
- signingCertificateV2 - Set to "1" to include the "SigningCertificateV2" authenticated attribute. This is desired in most cases.
- signingTime - Set to "1" to include the "SigningTime" authenticated attribute. This is desired in most cases. Note: This is not the same as time-stamping. This is a fundamental authenticated attribute that should be included with or without the addition of time-stamping.
- sigTextLabel - Set to provide free-form text for the signatures annotation text label.
- subFilter - Set to "/ETSI.CAdES.detached", "/adbe.pkcs7.detached", or something else.
- timestampToken.enabled - Set to true to tell Chilkat to request a timestamp from a TSA server and include the timestamp token in the signature's authentication attributes
- timestampToken.tsaUrl - The timestamp server's URL.
- timestampToken.tsaUsername, timestampToken.tsaPassword - If the timestamp server requires a login and password.
- timestampToken.requestTsaCert - Set to true to ask the timestamp server to include its certificate in the timestamp token.
- unsignedSignatureField - (added in Chilkat v9.5.0.90) Can be set to specify the name of the unsigned signature field that is to be signed.
Returns true for success, false for failure.
SignPdfAsync (1)
Creates an asynchronous task to call the SignPdf method with the arguments provided. (Async methods are available starting in Chilkat v9.5.0.52.)
Note: Async method event callbacks happen in the background thread. Accessing and updating UI elements existing in the main thread may require special considerations.
Returns nil on failure
topSignPdfBd
Signs the open PDF and if successful writes the signed PDF to the bd. The jsonOptions contains information and instructions about the signature. See the reference documentation for the SignPdf method for details about jsonOptions.
Returns true for success, false for failure.
topSignPdfBdAsync (1)
Creates an asynchronous task to call the SignPdfBd method with the arguments provided. (Async methods are available starting in Chilkat v9.5.0.52.)
Note: Async method event callbacks happen in the background thread. Accessing and updating UI elements existing in the main thread may require special considerations.
Returns nil on failure
topUpdateMetadata
Updates or adds XMP metdata to a PDF. The metadata is passed in sb. If successful, the PDF with updated or inserted metadata is written to outFilePath.
Returns true for success, false for failure.
topUpdateMetadataBd
Updates or adds XMP metdata to a PDF. The metadata is passed in sb. If successful, the PDF with updated or inserted metadata is written to bd.
Returns true for success, false for failure.
topVerifySignature
Verifies the Nth signature contained in the PDF, where the 1st signature is indicated by an index of 0. Returns true if the signature valid, otherwise returns false. The sigInfo is an output argument and is populated with information about the validated or unvalidated signature.
Returns true for success, false for failure.
Events
To implement an event callback, your application would define and implement a class that inherits from CkoBaseProgress. Your application can implement methods to override some or all of the default/empty method implementations of the CkoBaseProgress base class.
For example:
class MyPdfProgress : CkoBaseProgress { override func ProgressInfo(name: String!, value: String!) { // application code goes here... print(name + ": " + value) } override func AbortCheck(abort: UnsafeMutablePointer) { // application code goes here... // To abort the operation, set this equal to true instead of false. abort.memory = false } override func PercentDone(pctDone: NSNumber!, abort: UnsafeMutablePointer ) { // application code goes here... print(pctDone) // To abort the operation, set this equal to true instead of false. abort.memory = false } // For asynchronous method calls. override func TaskCompleted(task: CkoTask!) { // application code goes here... } } func someAppFunction() { // Demonstrate how to set the event callback object... let pdf = CkoPdf() let myPdfProgress = MyPdfProgress() pdf.setEventCallbackObject(myPdfProgress) // ... // ... // ... }
AbortCheck
Provides the opportunity for a method call to be aborted. The AbortCheck event is fired periodically based on the value of the HeartbeatMs property. If HeartbeatMs is 0, then no AbortCheck events will fire. As an example, to fire 5 AbortCheck events per second, set the HeartbeatMs property equal to 200.
PercentDone
Provides the percentage completed for any method that involves network communications or time-consuming processing (assuming it is a method where a percentage completion can be measured). This event is only fired when it is possible to know a percentage completion, and when it makes sense to express the operation as a percentage completed. The pctDone argument will have a value from 1 to 100. For operations (Chilkat method calls) that complete very quickly, the number of PercentDone callbacks will vary, but the final callback should have a value of 100. For long running operations, no more than one callback per percentage point will occur (for example: 1, 2, 3, ... 98, 99, 100).
The PercentDone callback counts as an AbortCheck event. For method calls that complete quickly such that PercentDone events fire, it may be that AbortCheck events don't fire because the opportunity to abort is already provided in the PercentDone callback. For time consuming operations, where the amount of time between PercentDone callbacks are long, AbortCheck callbacks may be used to allow for the operation to be aborted in a more responsive manner.
The abort output argument provides a means for aborting the operation. Setting it to true will cause the method to abort and return a failed status (or whatever return value indicates failure).
ProgressInfo
A general name/value event that provides information about what is happening during a method call. To find out what information is available, write code to handle this event and log the name/value pairs. Most are self-explanatory.
TaskCompleted
Called in the background thread when an asynchronous task completes.