SignDoc SDK (C)  5.0.0
Migrating from SignDoc SDK 4.0 to SignDoc SDK 4.1

The default background color for all fields is now transparent (combo boxes, check boxes, and radio buttons had white background in SignDoc SDK 4.0). You can change the background color with SIGNDOC_Field_setBackgroundColor().

New check box fields will now use a check mark rather than a cross. You can change the button style with SIGNDOC_Field_setButtonStyle().

Signature method SIGNDOC_SIGNATUREPARAMETERS_METHOD_DIGSIG_CADES_DETACHED has been added, SIGNDOC_SIGNATUREPARAMETERS_METHOD_DIGSIG_PKCS7_SHA1 has been deprecated.

Please use new interface, SIGNDOC_SignRSA instead of SIGNDOC_SignPKCS7 as it is much simpler. See SignDocSample6.java and SignDocSampleOpenSSL3.cpp for sample code using SIGNDOC_SignRSA.

SIGNDOC_SignPKCS7_signDetached() and SIGNDOC_SignPKCS7_signHash() have been merged into SIGNDOC_SignPKCS7_sign().

SIGNDOC_SignPKCS7_getSignHashSize() and SIGNDOC_SignPKCS7_getSignDetachedSize() have been merged into SIGNDOC_SignPKCS7_getSignatureSize() and parameter aTimeStamp has been removed, the size of the timestamp is no longer included. There are new hash algorithms: SHA-384 and SHA-512.

See SignDocSample5.java and SignDocSampleOpenSSL2.cpp for sample code which employs an adapter class for using an implementation of the old SIGNDOC_SignPKCS7 interface.

The message digest passed to SIGNDOC_TimeStamper_stamp() is no longer a hash of the document message digest; now you shall pass the document message digest directly, unhashed.

SIGNDOC_SignatureParameters has a new integer parameter, "TimeStampSize". String parameter "TimeStampServerTrustedCertificatesPath" has been removed, the server certificate is always tested. You may have to use SIGNDOC_DocumentLoader_loadTrustedCertificatesFromFile().

PEM format is now accepted for blob parameters "Certificate" and "CertificatePrivateKey".

SIGNDOC_SignatureParameters_setRSA() has been added.

SIGNDOC_SignatureParameters has new string parameters, "SelectCertificateMessage" and "SelectCertificateTitle".

SIGNDOC_VerificationResult_verifyCertificateChain(), SIGNDOC_VerificationResult_verifyCertificateSimplified(), SIGNDOC_VerificationResult_verifyTimeStampCertificateChain(), and SIGNDOC_VerificationResult_verifyTimeStampCertificateSimplified() now have a single argument for specifying all the verification parameters.

Revocation checking is now implemented; SIGNDOC_VerificationResult_verifyCertificateRevocation() and SIGNDOC_VerificationResult_verifyTimeStampCertificateRevocation() have been replaced by SIGNDOC_VerificationResult_getCertificateRevocationState() and SIGNDOC_VerificationResult_getTimeStampCertificateRevocationState(), respectively.

The revocation state of the certificates can be checked at signing time; SIGNDOC_Document_addSignature() now has an additional argument for passing parameters for certificate chain checking and revocation checking. The revocation information can be included in the signature, see integer parameter "AddRevocationInfo". The aParameters argument of SIGNDOC_Document_addSignature() is no longer a const pointer.

SIGNDOC_Document_renderPageAsImage() now has an additional argument for passing parameters for certificate chain checking and revocation checking, SIGNDOC_RenderParameters_setCertificateChainVerificationPolicy() and friends have been removed.

SIGNDOC_Document_addSignature() now requires that a certificate chain ending in a trusted root certificate can be built for the signing certificate. Any intermediate certificates will be included in the signature. Use integer parameter "AddCertificates" to change this behavior. Better use SIGNDOC_DocumentLoader_loadTrustedCertificatesFromFile() and ensure that all required intermediate certificates are available. See also the new blob parameter "IntermediateCertificate".

Functions SIGNDOC_Field_getSeedValueAddRevInfo() and SIGNDOC_Field_setSeedValueAddRevInfo() have been added. A new addRevInfo element has been added to PdfFields.xsd.

Functions SIGNDOC_Field_getSeedValueFilter(), SIGNDOC_Field_setSeedValueFilter() and related functions have been added. A new filter element has been added to PdfFields.xsd.

Functions SIGNDOC_Field_getSeedValueSubFilter(), SIGNDOC_Field_setSeedValueSubFilter() and related functions have been added. A new subFilter element has been added to PdfFields.xsd.

Functions SIGNDOC_Field_getSeedValueDigestMethod(), SIGNDOC_Field_setSeedValueDigestMethod() and related functions have been added. A new digestMethod element has been added to PdfFields.xsd.

There is a new value, SIGNDOC_SIGNATUREPARAMETERS_METHOD_DEFAULT, for integer parameter "Method" of SIGNDOC_SignatureParameters. That new value is the default value of that parameter. It causes the method to be chosen by the signature field seed value dictionary (SubFilter). If the document does not have a preference for a signing method, SIGNDOC_SIGNATUREPARAMETERS_METHOD_DIGSIG_PKCS7_DETACHED will be used.

There are a new values, SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_SHA384, SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_SHA512, and SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_RIPEMD160 for integer parameter "DetachedHashAlgorithm" of SIGNDOC_SignatureParameters. SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_DEFAULT now causes the digest algorithm preferred by the signature field seed value dictionary (DigestMethod) to be used. If the document does not have a preference for a digest algorithm, SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_SHA256 will be used.

If you set either integer parameter "%Method" or integer parameter "%DetachedHashAlgorithm" to a non-default value, signing can fail due to the document's signature field seed value dictionary not allowing the specified signing method and/or hash algorithm. Therefore, using SIGNDOC_SIGNATUREPARAMETERS_METHOD_DEFAULT and SIGNDOC_SIGNATUREPARAMETERS_DETACHEDHASHALGORITHM_DEFAULT is recommended. However, you can control that behavior with new integer parameter "%IgnoreSeedValues".

There are a new values, SIGNDOC_SIGNATUREPARAMETERS_CERTIFICATESIGNINGALGORITHM_SHA256_RSA, SIGNDOC_SIGNATUREPARAMETERS_CERTIFICATESIGNINGALGORITHM_SHA384_RSA, SIGNDOC_SIGNATUREPARAMETERS_CERTIFICATESIGNINGALGORITHM_SHA512_RSA, and SIGNDOC_SIGNATUREPARAMETERS_CERTIFICATESIGNINGALGORITHM_RIPEMD160_RSA for integer parameter "CertificateSigningAlgorithm" of SIGNDOC_SignatureParameters.

There are a new values, SIGNDOC_SIGNATUREPARAMETERS_TIMESTAMPHASHALGORITHM_SHA384 and SIGNDOC_SIGNATUREPARAMETERS_TIMESTAMPHASHALGORITHM_SHA512 for integer parameter "TimeStampHashAlgorithm" of SIGNDOC_SignatureParameters. SIGNDOC_SIGNATUREPARAMETERS_TIMESTAMPHASHALGORITHM_DEFAULT now causes the same hash algorithm to be used as for the document hash, falling back to SIGNDOC_SIGNATUREPARAMETERS_TIMESTAMPHASHALGORITHM_SHA1 if that algorithm is not supported by the time stamp server.

If string parameter "Signer" of SIGNDOC_SignatureParameters is not set, the signing certificate's common name will be used.

There are new string parameters "Text1" through "Text9" for SIGNDOC_SignatureParameters along with appropriate constants for putting those texts into the appearance stream.

There are new value for integer parameter "TextPosition" of SIGNDOC_SignatureParameters for putting the text above, to the left, or to the right of the image.

There is a new profile for SIGNDOC_SignatureParameters_createSignatureParameters(): "image".

Support for PKCS #1 signatures has been improved.

"broken chain" and "untrusted root certificate" are now distinguished for OS X and iOS.

SIGNDOC_SignatureParameters_setString() and SIGNDOC_SignatureParameters_setBlob() now support user-defined properties which will be stored in the signature.

SIGNDOC_VerificationResult_getSignatureString() now returns SIGNDOC_VERIFICATIONRESULT_RETURNCODE_PROPERTY_NOT_FOUND instead of SIGNDOC_VERIFICATIONRESULT_RETURNCODE_NOT_SUPPORTED if the property does not exist. SIGNDOC_VerificationResult_getSignatureBlob() supports two additional parameters: "BiometricHash" and "Signature".

SIGNDOC_Document_getShootInFoot() has been added. There are new functions, SIGNDOC_Document_setFlags() and SIGNDOC_Document_getFlags() for controlling flags that modify the behavior of various functions.

SIGNDOC_Document_getField() etc. no longer return an empty button value if there are multiple values for a check box field. You can get back the old behavior by using SIGNDOC_Document_setFlags().

There is no longer an ordering relation for SIGNDOC_RenderParameters objects; however, they can be compared for equality.

SIGNDOC_Document_importPages() now can import pages from PDF documents with logical structure; the logical structure is currently not imported.

SIGNDOC_Document_addTextRect() now supports complex scripts, but automatic line breaking is not supported for complex scripts.

The text of multiline text fields is now broken into lines to fit the field width. This is not yet implemented for complex scripts. Pass the SIGNDOC_DOCUMENT_SETFIELDFLAGS_DONT_BREAK_LINES flag to disable line breaking for multiline text fields.

The compression level to be used for compression streams with the FlateDecode filter in PDF documents can be set with SIGNDOC_Document_setCompressionLevel(). You can speed up embedding fonts, adding attachments, adding images and other operations by chosing a low compression level.

In particular on Android, you can speed up reading a PDF document by mapping the file into memory, see SIGNDOC_DocumentLoader_setFlags().