PLOP DS (Digital Signature) is based on PDFlib PLOP, a versatile tool for linearizing, optimizing, repairing, analyzing, encrypting and decrypting PDF documents. The extended version PLOP DS additionally offers the ability to apply digital signatures to PDF documents. The PDF signatures can be validated with Adobe Acrobat and Adobe Reader, without the need for any additional validation software.
PDFlib PLOP DS applies standard PDF signatures which can be validated with Adobe Reader or Acrobat. Signature support in PLOP DS works as follows:
PLOP DS reads the signer’s digital ID (i.e. the certificate plus corresponding private key) from memory, a disk file, or a secure hardware token. The digital ID is used to generate a cryptographic signature for the PDF document.
PLOP DS can create signatures in existing PDF signature fields or generate new fields which hold the signature. The generated signatures can be invisible, or visible at a particular location on the page. Several signature properties which will be displayed in Acrobat can be specified, such as the reason of the signature, location, contact info, etc.
Applying a signature can be combined with encryption (user password, master password, or permissions).
PLOP uses the SHA-256 hash algorithm for generating the signatures and supports the RSA and DSA algorithms.
For maximum flexibility PLOP DS supports multiple cryptographic engines, i.e. components for generating the digital signatures:
The built-in engine is available on all platforms. It implements the required cryptographic functions directly in PLOP DS without any external dependencies. The built-in engine supports software-based digital IDs in the common PKCS#12 and PFX certificate formats.
On Windows systems PLOP DS can use the Microsoft Cryptographic API (CAPI) as cryptographic engine and therefore leverage the cryptographic infrastructure provided by Windows. Digital IDs from the Windows certificate store can be used for generating the signatures, including software-based digital IDs and secure hardware tokens.
On Windows, Linux, and Solaris PLOP DS can attach cryptographic tokens via the standard PKCS#11 interface. Using this interface digital IDs on smartcards, USB sticks, and other secure devices can be used for generating the signatures. This includes devices with integrated keyboard for secure PIN input.
For specialized applications a custom crypto engine can be attached to PLOP DS, e.g. to use certified cryptographic software modules or to attach hardware tokens which require a custom communcations protocol. Please contact us if you are interested in attaching your own cryptographic engine to PLOP DS.
PLOP DS supports all PDF versions up to Acrobat X, including PDF 1.7 (ISO 32000). PLOP is PDF/A-aware: if the input document conforms to the PDF/A standard (ISO 19005-1), the output document is guaranteed to still comply with PDF/A. PLOP fully supports XMP extension schemas as required by PDF/A-1. Similarly, PLOP is aware of PDF/X-1a/3/4/5 (ISO 15930).
The ability to insert PDF/A-conforming XMP metadata in PDF documents is an important advantage of PLOP.
PLOP DS is available as a programming library (component) for various development environments, and as a command-line tool for batch operations. The library and the command-line tool offer similar features, but are suitable for different deployment tasks.
The PLOP DS programming library is used for integration into your desktop or server application. Examples for using the library with all supported language bindings are included in the PLOP DS package. Since the PLOP DS library accepts PDF input documents from a disk file or directly in memory, it can easily be combined with other products. For example, using the combination of PDFlib and PLOP DS you can create PDF invoices and sign them before sending them to the customer.
The PLOP DS command-line tool is suited for batch processing PDF documents. It doesn’t require any programming, but offers powerful command-line options which can be used to integrate it into complex workflows. The PLOP DS command-line tool can also be called from environments which do not support the use of the PLOP DS library.
PLOP DS is everywhere – it runs on practically all computing platforms. We offer 32-bit and 64-bit packages for all common flavors of Windows, Mac OS, Linux and Unix, as well as for IBM mainframe systems.
The PLOP DS core is written in highly optimized C code for maximum performance and small overhead. Via a simple API (Application Programming Interface) the PLOP DS functionality is accessible from a variety of development environments:
COM for use with VB, ASP, Borland Delphi, etc.
C and C++
Java, including servlets and Java Application Server
.NET for use with C#, VB.NET, ASP.NET, etc.