With WebCrypto API evolving and being supported by Chrome and Firefox, I would like to use it for digitally signing a PDF document. There is not much of literature around, but I found some examples [1] and a library called PKI.js [2]. In the examples, the signing process is described, but in the end, a signature is returned. I would expect my Base64 PDF file returned again in a signed Base64 string, but sadly, this is not what happens. PKI.js too, to my knowledge, does not provide a way to sign my Base64 PDF.
Is there a way to sign a PDF with JavaScript and the WebCrypto API only? The private key can be entered in a <textarea>
or, even better, stored in the certificate settings of the browser.
Base64 PDF (from REST API) → Sign with JS & certificate → Signed Base64 PDF (send to REST)
It is technically possible to do this, in-fact it is one of the scenarios we had in mind when we made PKIjs (which is why there is this sample) - https://pkijs.org/examples/PDFexample.html
That said to do signing requires working with the PDF structure itself, which either requires a custom parser or modifications to an existing one (pdfjs for example).
Long story short, signing a PDF in browser will take a lot of work, it is something we are working on though.