TrustSafe SecureSignFlow SDK
Simple and secure interface for signing operations
To Know More
TrustSafe SecureSignFlow (TSSSF) SDK is designed to allow developers to easily
integrate digital signature functionality into their applications.
It supports adding text and image-based digital signatures to PDF files
and ensures compatibility with secure USB tokens for strong, hardware-based authentication.
The SDK aims to provide a simple and secure interface for signing operations, complying with
PKI-based (Public Key Infrastructure) digital signature standards.
Highlighted function and features
Image Signature
-
Enables the insertion of an image file (e.g. PNG, JPG) as a digital signature in specified areas of the PDF
-
The image size and position are configurable, with support for adjusting image dimensions
-
Image signatures are securely bound to the document content (non-editable after signing)
-
Digital Signature can be visible or invisible
Secure USB Token Support
-
Supports PKCS#11 secure USB tokens for handling digital signing
-
USB tokens should be used for secure storage of private keys and digital certificates used during the signing process
-
Token-based authentication should require a PIN entry for accessing the private key
-
Detects and works with widely used FIPS 140-2 certified tokens such as SafeNet eToken
Signature Validation
-
After the document is signed, signature validation can be performed to check document integrity and authenticity
-
Signed PDF is compatible with commonly used PDF readers and editors, ensuring that signatures are visible and valid when the document is viewed using Adobe Acrobat
-
Signed PDFs should contain metadata that indicates the validity and status of the signature (whether it's been altered post-signature)
Support Platform
-
Supports on Windows 10 or 11 (supporting native token middleware like SafeNet Authentication Client)
Support Multi Digital Signatures
on a PDF
-
Supports the ability for multiple signers to sign a PDF document in a sequential manner. In this workflow, each signer applies their digital signature one after the other. Each new signature validates the document at the state when the previous signature was applied and also preserves the integrity of the document after subsequent signatures
-
The PDF format allows multiple signature fields to be added, each representing a different signer's authentication
Digital Certificate Support
-
Supports signing with X.509 certificates stored on USB tokens
-
Certificates should include signer identity and be used to validate the authenticity of the signer
-
Verifies certificate validity (including checking expiration dates and revocation lists if it is provided)
Simple and Intuitive API
-
Offers a user-friendly API that developers can easily integrate into their applications without deep cryptographic knowledge
-
The API should allow developers to:
-
Download PDF file from specified URL with HTTPS Basic Authentication to sign
-
Choose signature location (coordinates, field names)
-
Define signature format (image)
-
Insert the text
-
Select certificate and key from the USB token
-
Zip the PDF file with password protection
-
Extract the digital certificate holder name and insert into the PDF's signature information
-
Security and Compliance
-
Compliance with Standards
-
Supports for RSA cryptographic algorithms along with SHA-256
-
-
Security Features
-
Enforce session timeouts and re-authentication for extended signing sessions
-
Support certificate revocation checking via CRL (Certificate Revocation List)
-
Logging
-
Logs all cryptographic and signing operations for auditing purposes
-
Error logs should be available for issues like failed token access, invalid certificates, or unsuccessful signature operations
-
Detailed error messages should be provided for common issues like incorrect PIN entry, missing certificates, or unsupported file formats
Use Cases
Supporting multiple digital signature on a PDF ensures that all relevant parties can securely and verifiably sign a document, while maintaining the integrity of the document and meeting compliance requirements for legal and regulatory purposes.
TSSSF is designed to work seamlessly integrated various applications, ensuring a flexible and secure digital signing process
Certificates and Transcripts
Scenario: Professional authorities, educational institutions issue digitally signed certificates, diplomas, and transcripts, which professional, students and graduates use for professional qualifications, job applications or further studies.
Benefit: Protects against falsification of professional and educational credentials and simplifies the verification process for employers and other organizations.