p
/
pdf-simple-sign
1
0
Fork 0
Code Issues Pull Requests Releases 3 Wiki Activity

Add an instructive man page

This commit is contained in:
Přemysl Eric Janouch 2020-09-05 20:03:10 +02:00
parent 46fa50749f
commit a75f990565
Signed by: p
GPG Key ID: A0420B94F92B9493
3 changed files with 97 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
README.adoc
View File

@ -1,23 +1,20 @@
pdf-simple-sign pdf-simple-sign
=============== ===============
:compact-option:
'pdf-simple-sign' is a simple PDF signer intended for documents produced by 'pdf-simple-sign' is a simple PDF signer intended for documents produced by
the Cairo library. As such, it currently comes with some restrictions: the Cairo library, GNU troff, ImageMagick, or similar.
* the document may not have any forms or signatures already, as they would be
overwritten
* the document may not employ cross-reference streams, or must constitute
a hybrid-reference file at least
The signature is attached to the first page and has no appearance.
I don't aim to extend the functionality any further. The project is fairly I don't aim to extend the functionality any further. The project is fairly
self-contained and it should be easy to grasp and change to suit to your needs. self-contained and it should be easy to grasp and change to suit to your needs.
Documentation
-------------
See the link:pdf-simple-sign.adoc[man page] for information about usage.
The rest of this README will concern itself with externalities.
Building Building
-------- --------
Build dependencies: Meson, a C++11 compiler, pkg-config + Build dependencies: Meson, Asciidoctor, a C++11 compiler, pkg-config +
Runtime dependencies: libcrypto (OpenSSL 1.1 API) Runtime dependencies: libcrypto (OpenSSL 1.1 API)
$ git clone https://git.janouch.name/p/pdf-simple-sign.git $ git clone https://git.janouch.name/p/pdf-simple-sign.git
@ -30,15 +27,6 @@ In addition to the C++ version, also included is a native Go port:
$ go get janouch.name/pdf-simple-sign/cmd/pdf-simple-sign $ go get janouch.name/pdf-simple-sign/cmd/pdf-simple-sign
Usage
-----
$ ./pdf-simple-sign document.pdf document.signed.pdf KeyAndCerts.p12 password
If the signature doesn't fit within the default reservation of 4 kibibytes,
you might need to adjust it using the `-r` option, or throw out any unnecessary
intermediate certificates.
Contributing and Support Contributing and Support
------------------------ ------------------------
Use https://git.janouch.name/p/pdf-simple-sign to report bugs, request features, Use https://git.janouch.name/p/pdf-simple-sign to report bugs, request features,

11
meson.build
View File

@ -10,3 +10,14 @@ cryptodep = dependency('libcrypto')
executable('pdf-simple-sign', 'pdf-simple-sign.cpp', executable('pdf-simple-sign', 'pdf-simple-sign.cpp',
install : true, install : true,
dependencies : cryptodep) dependencies : cryptodep)
asciidoctor = find_program('asciidoctor')
foreach page : ['pdf-simple-sign']
custom_target('manpage for ' + page,
input: page + '.adoc', output: page + '.1',
command: [asciidoctor, '-b', 'manpage',
'-a', 'release-version=' + meson.project_version(),
'@INPUT@', '-o', '@OUTPUT@'],
install: true,
install_dir: join_paths(get_option('mandir'), 'man1'))
endforeach

79
pdf-simple-sign.adoc Normal file
View File

@ -0,0 +1,79 @@
pdf-simple-sign(1)
==================
:doctype: manpage
:manmanual: pdf-simple-sign Manual
:mansource: pdf-simple-sign {release-version}
Name
----
pdf-simple-sign - a simple PDF signer
Synopsis
--------
*pdf-simple-sign* [_OPTION_]... _INPUT.pdf_ _OUTPUT.pdf_ _KEY-PAIR.p12_ _PASSWORD_
Description
-----------
'pdf-simple-sign' is a simple PDF signer intended for documents produced by
the Cairo library, GNU troff, ImageMagick, or similar. As such, it currently
comes with some restrictions:
* the document may not have any forms or signatures already, as they would be
overwritten,
* the document may not employ cross-reference streams, or must constitute
a hybrid-reference file at least.
The key and certificate pair is accepted in the PKCS#12 format. The _PASSWORD_
must be supplied on the command line, and may be empty if it is not needed.
The signature is attached to the first page and has no appearance.
If signature data don't fit within the default reservation of 4 kibibytes,
you might need to adjust it using the *-r* option, or throw out any unnecessary
intermediate certificates.
Options
-------
*-r* _RESERVATION_, *--reservation*=_RESERVATION_::
Set aside _RESERVATION_ amount of bytes for the resulting signature.
Feel free to try a few values in a loop. The program itself has no
conceptions about the data, so it can't make accurate predictions.
*-h*, *--help*::
Display a help message and exit.
*-V*, *--version*::
Output version information and exit.
Examples
--------
Create a self-signed certificate, make a document containing the current date,
sign it and verify the attached signature:
$ openssl req -newkey rsa:2048 -subj "/CN=Test" -nodes
-keyout key.pem -x509 -out cert.pem 2>/dev/null
$ openssl pkcs12 -inkey key.pem -in cert.pem \
-export -passout pass:test -out key-cert.p12
$ date | groff -T pdf > test.pdf
$ pdf-simple-sign test.pdf test.signed.pdf key-pair.p12 ""
$ pdfsig test.signed.pdf
Digital Signature Info of: test.signed.pdf
Signature #1:
- Signer Certificate Common Name: Test
- Signer full Distinguished Name: CN=Test
- Signing Time: Sep 05 2020 19:41:22
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 6522], [14716 - 15243]
- Total document signed
- Signature Validation: Signature is Valid.
- Certificate Validation: Certificate issuer isn't Trusted.
Reporting bugs
--------------
Use https://git.janouch.name/p/pdf-simple-sign to report bugs, request features,
or submit pull requests.
See also
--------
*openssl*(1), *pdfsig*(1)