API reference#
All operations are static methods on Aniketc068.ATick.Atick. Every method takes raw byte[]
for PDFs and certificates, and an options JSON string where applicable. On any failure a method
throws AtickException — a sealed class extending Exception. The error text is available from
e.Message.
using Aniketc068.ATick;
Signing#
static byte[] SignPfx(byte[] pdf, byte[] pfx, string optionsJson)
Sign pdf with a .pfx/.p12/.pem credential (the format is auto-detected). For a PEM file pass
the password as the empty string "" inside the options. Returns the signed PDF bytes.
pdf — the PDF to sign.
pfx — the credential bytes (
.pfx,.p12, or.pem).optionsJson — the options JSON (see the Options table). Pass the credential password as the
passwordkey; use""for PEM.returns — the signed PDF as
byte[].
using Aniketc068.ATick;
byte[] pdf = File.ReadAllBytes("in.pdf");
byte[] pfx = File.ReadAllBytes("signer.pfx");
string options = """
{
"password": "secret",
"cn": "Aniket Chaturvedi",
"reason": "Approval",
"page": 1,
"rect": [40, 40, 240, 140],
"pades": true,
"timestamp": true,
"tsa_url": "http://timestamp.example/tsa"
}
""";
try
{
byte[] signed = Atick.SignPfx(pdf, pfx, options);
File.WriteAllBytes("signed.pdf", signed);
}
catch (AtickException e)
{
Console.Error.WriteLine("signing failed: " + e.Message);
}
static byte[] SignField(byte[] pdf, byte[] pfx, string optionsJson)
Sign an existing empty signature field. Use the field_name option to select the field. Returns the
signed PDF bytes.
pdf — a PDF containing an empty signature field (see
PrepareFields).pfx — the credential bytes.
optionsJson — must include
field_name; same credential and signing keys asSignPfx.returns — the signed PDF as
byte[].
Deferred / remote-key signing#
These three methods cover the deferred (eSign / HSM / remote-key) flow: prepare the PDF, sign the returned bytes elsewhere, then embed the resulting CMS.
static (byte[] Prepared, byte[] BytesToSign) Prepare(byte[] pdf, string optionsJson)
Step 1 of deferred signing. Adds an empty signature field, the appearance, and the signature container, then returns the exact bytes that must be signed. Returns a value tuple of two elements:
Prepared— the prepared PDF (byte[]).BytesToSign— the bytes to sign (byte[]); hash and sign these with the remote key.pdf — the PDF to prepare.
optionsJson — appearance and signing options (see the Options table).
returns —
(byte[] Prepared, byte[] BytesToSign).
static byte[] CmsPfx(byte[] data, byte[] pfx, string optionsJson)
Produce a detached PKCS#7 / CMS signature over data using a PFX. Useful for producing the CMS that
Embed expects when the signing credential is a local PFX.
data — the bytes to sign (typically
BytesToSignfromPrepare).pfx — the credential bytes.
optionsJson —
password,hash_algo,pades,timestamp,tsa_url,tsa_auth,ltv.returns — the detached CMS as
byte[].
static byte[] Embed(byte[] prepared, byte[] cms)
Embed a detached CMS / PKCS#7 into a prepared PDF. Returns the signed PDF bytes.
prepared — the prepared PDF (
PreparedfromPrepare).cms — the detached CMS (from
CmsPfx, an eSign reply, or an HSM).returns — the signed PDF as
byte[].
using Aniketc068.ATick;
var (prepared, bytesToSign) = Atick.Prepare(pdf, options);
byte[] cms = Atick.CmsPfx(bytesToSign, pfx, "{\"password\":\"secret\"}");
byte[] signed = Atick.Embed(prepared, cms);
Field templates#
static byte[] PrepareFields(byte[] pdf, string optionsJson)
Create an empty signature field as a template: the appearance is drawn, but the signature is left
empty so it can be signed later with SignField. Returns the PDF bytes.
pdf — the PDF to add the field to.
optionsJson — appearance options plus
field_name,page,rect/placements.returns — the PDF with an empty field as
byte[].
Long-term validation & timestamps#
static byte[] AddDocTimestamp(byte[] pdf, string optionsJson)
Add an archive DocTimeStamp (and the DSS validation material) to an already-signed PDF, producing a PAdES-B-LTA document. Returns the timestamped PDF bytes.
pdf — an already-signed PDF.
optionsJson —
tsa_url,tsa_auth,ltv,contents_size.returns — the timestamped PDF as
byte[].
Documents & utilities#
static byte[] SetMetadata(byte[] pdf, string optionsJson)
Set the document information (/Info) metadata on a PDF. Returns the updated PDF bytes.
pdf — the PDF to update.
optionsJson —
title,author,subject,keywords,application,created,modified(see the Metadata options table).returns — the updated PDF as
byte[].
static byte[] Decrypt(byte[] pdf, string password)
Decrypt a password-protected PDF. Returns the plaintext PDF bytes.
pdf — the encrypted PDF.
password — the open (user) password.
returns — the decrypted PDF as
byte[].
static void SetFastSigning(bool on)
Enable or disable the in-memory revocation cache (used to speed up repeated CRL/OCSP lookups).
Passing false disables it.
on —
trueto enable the cache,falseto disable it.
static string Version()
Return the engine version string.
returns — the version as a
string.
Console.WriteLine("ATick " + Atick.Version());
Options JSON#
The optionsJson argument is a JSON object string. All keys are optional unless a method note says
otherwise. Keys are grouped below by purpose.
Identity & appearance text#
Key |
Type |
Meaning |
|---|---|---|
|
string |
Common name shown in the appearance. |
|
string |
Organisation line. |
|
string |
Organisational unit line. |
|
string |
Signing location, also written to the signature. |
|
string |
Reason for signing, also written to the signature. |
|
string |
Free text shown in the appearance. |
|
string |
Date string shown in the appearance. |
|
string |
Full distinguished name line. |
|
string |
Custom-text-only appearance body ( |
|
string |
Heading line above the signature details. |
Verified mark#
Key |
Type |
Meaning |
|---|---|---|
|
bool |
Draw the verified mark. |
|
bool |
Use the “?” verified mark. |
|
bool |
Always draw the verified/checked mark. |
|
string hex / name / |
Colour of the mark. |
|
array of colours |
Gradient fill for the mark. |
|
number |
Scale factor for the mark size. |
Layout & styling#
Key |
Type |
Meaning |
|---|---|---|
|
string hex / name / |
Text colour. |
|
string hex / name / |
Background colour of the appearance. |
|
bool |
Draw a border around the appearance. |
|
number |
Font size of the appearance text. |
|
number |
Appearance width. |
|
number |
Appearance height. |
Placement#
Key |
Type |
Meaning |
|---|---|---|
|
int |
Page number for the signature (1-based). |
|
|
Rectangle of the appearance on |
|
|
Multiple appearance placements (one signature, several pages). |
|
|
Whether placements share one signature ( |
|
string |
Name of the signature field. |
Cryptography & PAdES#
Key |
Type |
Meaning |
|---|---|---|
|
bool |
Produce a PAdES signature. |
|
|
Digest algorithm. |
|
bool |
Add an RFC-3161 signature timestamp. |
|
string |
Timestamp authority URL. |
|
|
Basic-auth credentials for the TSA. |
|
bool |
Add long-term validation material (DSS). |
|
bool |
Add an archive DocTimeStamp (PAdES-B-LTA). |
|
int |
Size of the signature |
Certification & locking#
Key |
Type |
Meaning |
|---|---|---|
|
int |
Certification level: |
|
|
Fields to lock after signing ( |
Verification#
Key |
Type |
Meaning |
|---|---|---|
|
bool |
Verify the certificate before signing. |
|
bool |
Check certificate validity dates. |
|
bool |
Check the CRL. |
|
bool |
Check OCSP. |
Document security#
Key |
Type |
Meaning |
|---|---|---|
|
string |
User/open password for the output PDF. |
|
string |
Password used to encrypt the output PDF. |
|
string |
Owner/permissions password for the output PDF. |
Metadata options#
These keys apply to SetMetadata.
Key |
Type |
Meaning |
|---|---|---|
|
string |
Document title. |
|
string |
Document author. |
|
string |
Document subject. |
|
string |
Document keywords. |
|
string |
Creating/producing application. |
|
string |
Creation date. |
|
string |
Modification date. |
Exceptions#
public sealed class AtickException : Exception
Thrown by every Atick operation on failure — bad password, malformed PDF, network error, invalid
options, and so on. The error text is available from Message.
try
{
byte[] signed = Atick.SignPfx(pdf, pfx, options);
}
catch (AtickException e)
{
Console.Error.WriteLine("ATick error: " + e.Message);
}