PDFlib PLOP DS (Digital Signature) basiert auf PLOP, einem vielseitigen Tool zur Linearisierung, Optimierung, Reparatur, Analyse sowie Ver- und Entschlüsselung von PDF-Dokumenten. Die erweiterte Variante PLOP DS bietet darüber hinaus die Möglichkeit, PDF-Dokumente digital zu signieren. Die Signaturen lassen sich mit Adobe Acrobat und Adobe Reader ohne Zusatzsoftware validieren.

PLOP DS erstellt Standard-PDF-Signaturen, die sich mit Adobe Reader oder Acrobat validieren lassen. Die Signaturfunktionen in PLOP DS arbeiten wie folgt:

PLOP DS liest die digitale ID des Unterzeichners (das heißt das Zertifikat plus den zugehörigen privaten Schlüssel) aus dem Arbeitsspeicher, einer Datei oder einem sicheren Hardware-Token. Mit dieser ID erstellt PLOP eine kryptografische Signatur für das PDF-Dokument.

PLOP DS kann Signaturen in bereits vorhandene PDF-Signaturfelder einfügen oder neue Felder für die Signatur erstellen. Die erstellten Signaturen sind unsichtbar oder an einer definierten Position auf der Seite sichtbar. Die Signatur kann mit Eigenschaften versehen werden, die in Acrobat angezeigt werden, zum Beispiel Grund für die Signatur, Ort der Unterzeichnung, Kontaktinfo, etc.

Das Anbringen einer Signatur lässt sich mit Verschlüsselung kombinieren (Benutzerkennwort, Hauptkennwort oder Berechtigungen).

PLOP DS nutzt den Hashalgorithmus SHA-256 und unterstützt die Signaturalgorithmen RSA und DSA.

For maximum flexibility PLOP DS supports multiple cryptographic engines, i.e. components for generating the digital signatures:

The built-in engine is available on all platforms. It implements the required cryptographic functions directly in PLOP DS without any external dependencies. The built-in engine supports software-based digital IDs in the common PKCS#12 and PFX certificate formats.

On Windows systems PLOP DS can use the Microsoft Cryptographic API (CAPI) as cryptographic engine and therefore leverage the cryptographic infrastructure provided by Windows. Digital IDs from the Windows certificate store can be used for generating the signatures, including software-based digital IDs and secure hardware tokens.

On Windows, Linux, and Solaris PLOP DS can attach cryptographic tokens via the standard PKCS#11 interface. Using this interface digital IDs on smartcards, USB sticks, and other secure devices can be used for generating the signatures. This includes devices with integrated keyboard for secure PIN input.

For specialized applications a custom crypto engine can be attached to PLOP DS, e.g. to use certified cryptographic software modules or to attach hardware tokens which require a custom communcations protocol. Please contact us if you are interested in attaching your own cryptographic engine to PLOP DS.

PLOP DS supports all PDF versions up to Acrobat X, including PDF 1.7 (ISO 32000). PLOP DS is PDF/A-aware: if the input document conforms to the PDF/A standard (ISO 19005-1), the signed output document is guaranteed to still comply with PDF/A. PLOP DS fully supports XMP extension schemas as required by PDF/A-1. Similarly, PLOP is aware of PDF/X-1a/3/4/5 (ISO 15930).

The ability to apply PDF/A-conforming signatures to PDF documents is an important advantage of PLOP DS.

PLOP DS is available as a programming library (component) for various development environments, and as a command-line tool for batch operations. The library and the command-line tool offer similar features, but are suitable for different deployment tasks.

The PLOP DS programming library is used for integration into your desktop or server application. Examples for using the library with all supported language bindings are included in the PLOP DS package. Since the PLOP DS library accepts PDF input documents from a disk file or directly in memory, it can easily be combined with other products. For example, using the combination of PDFlib and PLOP DS you can create PDF invoices and sign them before sending them to the customer.

The PLOP DS command-line tool is suited for batch processing PDF documents. It doesn’t require any programming, but offers powerful command-line options which can be used to integrate it into complex workflows. The PLOP DS command-line tool can also be called from environments which do not support the use of the PLOP DS library.

PLOP DS is everywhere – it runs on practically all computing platforms. We offer 32-bit and 64-bit packages for all common flavors of Windows, Mac OS, Linux and Unix, as well as for IBM mainframe systems.

The PLOP DS core is written in highly optimized C code for maximum performance and small overhead. Via a simple API (Application Programming Interface) the PLOP DS functionality is accessible from a variety of development environments:

COM for use with VB, ASP, Borland Delphi, etc.

C and C++

Java, including servlets and Java Application Server

.NET for use with C#, VB.NET, ASP.NET, etc.

Perl

PHP

Python