I'm making progress on writing a PHP script that uses SAPI to sign PDFs. The example code was quite helpful, but I tried to take advantage of a few other SAPI features and have a few questions:
I tried to get the signature to be timestamped. So essentially I added the following code to the PHP example:
define( 'AR_SAPI_SIG_ENABLE_STS' , 0x100 );
define( 'AR_SAPI_SIG_PDF_REVOCATION' , 0x1000 );
$req->OptionalInputs->Flags =
AR_SAPI_SIG_ENABLE_STS | AR_SAPI_SIG_PDF_REVOCATION;
Unfortunately though, now the code doesn't work. I think I added the flags in the right place. Can anyone shed any light on this? The error that I am getting back is:
result is: urn:oasis:names:tc:dss:1.0:resultmajor:ResponderError
urn:oasis:names:tc:dss:1.0:resultminor:GeneralError
Failed create and sign err 90030373
By definition, a trusted timestamp is a timestamp issued by a trusted third party acting as a Time Stamping Authority (TSA).
CoSign itself provides signing services, not the timestamping service.
If you also interested in a secure timestamp you should configure SAPI to communicate with a TSA server. Since you're using Web Services you have to specify the TSA server hostname or IP address in your code.