Add an instructive man page
This commit is contained in:
parent
46fa50749f
commit
a75f990565
GPG Key ID:
A0420B94F92B9493
26
README.adoc
26
README.adoc
|
|
@ -1,23 +1,20 @@
|
|||
pdf-simple-sign
|
||||
===============
|
||||
:compact-option:
|
||||
|
||||
'pdf-simple-sign' is a simple PDF signer intended for documents produced by
|
||||
the Cairo library. As such, it currently comes with some restrictions:
|
||||
|
||||
* the document may not have any forms or signatures already, as they would be
|
||||
overwritten
|
||||
* the document may not employ cross-reference streams, or must constitute
|
||||
a hybrid-reference file at least
|
||||
|
||||
The signature is attached to the first page and has no appearance.
|
||||
the Cairo library, GNU troff, ImageMagick, or similar.
|
||||
|
||||
I don't aim to extend the functionality any further. The project is fairly
|
||||
self-contained and it should be easy to grasp and change to suit to your needs.
|
||||
|
||||
Documentation
|
||||
-------------
|
||||
See the link:pdf-simple-sign.adoc[man page] for information about usage.
|
||||
The rest of this README will concern itself with externalities.
|
||||
|
||||
Building
|
||||
--------
|
||||
Build dependencies: Meson, a C++11 compiler, pkg-config +
|
||||
Build dependencies: Meson, Asciidoctor, a C++11 compiler, pkg-config +
|
||||
Runtime dependencies: libcrypto (OpenSSL 1.1 API)
|
||||
|
||||
$ git clone https://git.janouch.name/p/pdf-simple-sign.git
|
||||
|
|
@ -30,15 +27,6 @@ In addition to the C++ version, also included is a native Go port:
|
|||
|
||||
$ go get janouch.name/pdf-simple-sign/cmd/pdf-simple-sign
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
$ ./pdf-simple-sign document.pdf document.signed.pdf KeyAndCerts.p12 password
|
||||
|
||||
If the signature doesn't fit within the default reservation of 4 kibibytes,
|
||||
you might need to adjust it using the `-r` option, or throw out any unnecessary
|
||||
intermediate certificates.
|
||||
|
||||
Contributing and Support
|
||||
------------------------
|
||||
Use https://git.janouch.name/p/pdf-simple-sign to report bugs, request features,
|
||||
|
|
|
|||
11
meson.build
11
meson.build
|
|
@ -10,3 +10,14 @@ cryptodep = dependency('libcrypto')
|
|||
executable('pdf-simple-sign', 'pdf-simple-sign.cpp',
|
||||
install : true,
|
||||
dependencies : cryptodep)
|
||||
|
||||
asciidoctor = find_program('asciidoctor')
|
||||
foreach page : ['pdf-simple-sign']
|
||||
custom_target('manpage for ' + page,
|
||||
input: page + '.adoc', output: page + '.1',
|
||||
command: [asciidoctor, '-b', 'manpage',
|
||||
'-a', 'release-version=' + meson.project_version(),
|
||||
'@INPUT@', '-o', '@OUTPUT@'],
|
||||
install: true,
|
||||
install_dir: join_paths(get_option('mandir'), 'man1'))
|
||||
endforeach
|
||||
|
|
|
|||
|
|
@ -0,0 +1,79 @@
|
|||
pdf-simple-sign(1)
|
||||
==================
|
||||
:doctype: manpage
|
||||
:manmanual: pdf-simple-sign Manual
|
||||
:mansource: pdf-simple-sign {release-version}
|
||||
|
||||
Name
|
||||
----
|
||||
pdf-simple-sign - a simple PDF signer
|
||||
|
||||
Synopsis
|
||||
--------
|
||||
*pdf-simple-sign* [_OPTION_]... _INPUT.pdf_ _OUTPUT.pdf_ _KEY-PAIR.p12_ _PASSWORD_
|
||||
|
||||
Description
|
||||
-----------
|
||||
'pdf-simple-sign' is a simple PDF signer intended for documents produced by
|
||||
the Cairo library, GNU troff, ImageMagick, or similar. As such, it currently
|
||||
comes with some restrictions:
|
||||
|
||||
* the document may not have any forms or signatures already, as they would be
|
||||
overwritten,
|
||||
* the document may not employ cross-reference streams, or must constitute
|
||||
a hybrid-reference file at least.
|
||||
|
||||
The key and certificate pair is accepted in the PKCS#12 format. The _PASSWORD_
|
||||
must be supplied on the command line, and may be empty if it is not needed.
|
||||
|
||||
The signature is attached to the first page and has no appearance.
|
||||
|
||||
If signature data don't fit within the default reservation of 4 kibibytes,
|
||||
you might need to adjust it using the *-r* option, or throw out any unnecessary
|
||||
intermediate certificates.
|
||||
|
||||
Options
|
||||
-------
|
||||
*-r* _RESERVATION_, *--reservation*=_RESERVATION_::
|
||||
Set aside _RESERVATION_ amount of bytes for the resulting signature.
|
||||
Feel free to try a few values in a loop. The program itself has no
|
||||
conceptions about the data, so it can't make accurate predictions.
|
||||
|
||||
*-h*, *--help*::
|
||||
Display a help message and exit.
|
||||
|
||||
*-V*, *--version*::
|
||||
Output version information and exit.
|
||||
|
||||
Examples
|
||||
--------
|
||||
Create a self-signed certificate, make a document containing the current date,
|
||||
sign it and verify the attached signature:
|
||||
|
||||
$ openssl req -newkey rsa:2048 -subj "/CN=Test" -nodes
|
||||
-keyout key.pem -x509 -out cert.pem 2>/dev/null
|
||||
$ openssl pkcs12 -inkey key.pem -in cert.pem \
|
||||
-export -passout pass:test -out key-cert.p12
|
||||
$ date | groff -T pdf > test.pdf
|
||||
$ pdf-simple-sign test.pdf test.signed.pdf key-pair.p12 ""
|
||||
$ pdfsig test.signed.pdf
|
||||
Digital Signature Info of: test.signed.pdf
|
||||
Signature #1:
|
||||
- Signer Certificate Common Name: Test
|
||||
- Signer full Distinguished Name: CN=Test
|
||||
- Signing Time: Sep 05 2020 19:41:22
|
||||
- Signing Hash Algorithm: SHA-256
|
||||
- Signature Type: adbe.pkcs7.detached
|
||||
- Signed Ranges: [0 - 6522], [14716 - 15243]
|
||||
- Total document signed
|
||||
- Signature Validation: Signature is Valid.
|
||||
- Certificate Validation: Certificate issuer isn't Trusted.
|
||||
|
||||
Reporting bugs
|
||||
--------------
|
||||
Use https://git.janouch.name/p/pdf-simple-sign to report bugs, request features,
|
||||
or submit pull requests.
|
||||
|
||||
See also
|
||||
--------
|
||||
*openssl*(1), *pdfsig*(1)
|
||||
Loading…
Reference in New Issue