1015083: Signature in React PDF Viewer

Author: SF4524LogeshKumar

Document-Processing-toc.html

@@ -1108,6 +1108,14 @@
 											<li><a href="/document-processing/pdf/pdf-viewer/react/forms/import-export-form-fields/import-export-events">Import/Export events</a></li>
 										</ul>
 									</li>
+									<li>Signature
+										<ul>
+											<li><a href="/document-processing/pdf/pdf-viewer/react/forms/signature/add-handwritten-or-electronic-signature">Add Handwritten or Electronic Signature</a></li>
+											<li><a href="/document-processing/pdf/pdf-viewer/react/forms/signature/add-digital-signature-react">Add Digital Signature</a></li>
+											<li><a href="/document-processing/pdf/pdf-viewer/react/forms/signature/customize-signature-appearance">Customize Signature Appearance</a></li>
+											<li><a href="/document-processing/pdf/pdf-viewer/react/forms/signature/validate-digital-signatures">Validate Digital Signature/a></li>
+										</ul>
+									</li>
 									<li><a href="/document-processing/pdf/pdf-viewer/react/forms/custom-data">Add custom data in form fields</a></li>
 									<li><a href="/document-processing/pdf/pdf-viewer/react/forms/group-form-fields">Grouping form fields</a></li>
 									<li><a href="/document-processing/pdf/pdf-viewer/react/forms/form-constrain">Form Field Flags</a></li>

Document-Processing/PDF/PDF-Viewer/javascript-es6/images/style-sign.png

@@ -0,0 +1,98 @@
+---
+layout: post
+title: Add Digital Signature to PDF in React PDF Viewer | Syncfusion
+description: Learn how to add signature fields and apply PKI-based digital signatures using Syncfusion React PDF Viewer and JavaScript PDF Library.
+platform: document-processing
+control: PdfViewer
+documentation: ug
+---
+
+# Add Digital Signature to PDF
+
+This section explains how to **add signature fields** using the Syncfusion **React PDF Viewer** and how to apply **digital (PKI) signatures** using the **JavaScript PDF Library**.
+
+N> As instructed by team leads — use the **React PDF Viewer only to add & place signature fields**. Use the **JavaScript PDF Library** to apply the *actual cryptographic digital signature*.
+
+## Overview (Explanation)
+
+A **digital signature** provides:
+- **Authenticity** – confirms the signer’s identity.
+- **Integrity** – detects modification after signing.
+- **Non‑repudiation** – signer cannot deny signing.
+
+Syncfusion supports a hybrid workflow:
+- Viewer → **[Design signature fields](../manage-form-fields/create-form-fields#signature-field)**, capture Draw/Type/Upload electronic signature.
+- PDF Library → **[Apply PKCS#7/CMS digital signature](https://help.syncfusion.com/document-processing/pdf/pdf-library/javascript/digitalsignature)** using a certificate (PFX/P12).
+
+## Add a Signature Field (How-to)
+
+### Using the UI
+1. Open **Form Designer**.
+2. Select **Signature Field**.
+3. Click on the document to place the field.
+4. Configure Name, Tooltip, Required, etc.
+
+![Signature annotation toolbar](../../../javascript-es6/images/add_sign.png)
+
+### Using the API
+```tsx
+viewerRef.current?.formDesignerModule.addFormField('SignatureField', {
+  name: 'ApproverSignature',
+  pageNumber: 1,
+  bounds: { X: 72, Y: 640, Width: 220, Height: 48 },
+  isRequired: true,
+  tooltip: 'Sign here'
+});
+```
+
+## Capture Electronic Signature (Draw / Type / Upload)
+Users click the field → dialog appears → they can **Draw**, **Type**, or **Upload** a handwritten signature.
+
+This creates a *visual* signature only (not cryptographically secure).
+
+## Apply PKI Digital Signature (JavaScript PDF Library)
+
+Digital signature must be applied using **@syncfusion/ej2-pdf**.
+
+```ts
+import { PdfDocument, PdfSignature, PdfSignatureField, CryptographicStandard, DigestAlgorithm } from '@syncfusion/ej2-pdf';
+
+const document = new PdfDocument(pdfBytes);
+const page = document.getPage(0);
+
+let field = new PdfSignatureField(page, 'ApproverSignature', {
+  x: 72,
+  y: 640,
+  width: 220,
+  height: 48
+});
+document.form.add(field);
+
+const signature = PdfSignature.create(
+  {
+    cryptographicStandard: CryptographicStandard.cms,
+    digestAlgorithm: DigestAlgorithm.sha256
+  },
+  pfxBytes,
+  password
+);
+
+field.setSignature(signature);
+const signedBytes = await document.save();
+document.destroy();
+```
+
+## Important Notes
+- **Do all form edits first. Sign last.** Any PDF modification *after signing* invalidates the signature.
+- Self‑signed PFX will show **Unknown / Untrusted** until added to Trusted Certificates.
+
+## Best Practices
+- Place signature fields via Viewer for accurate layout.
+- Apply PKI signature using PDF Library only.
+- Use CMS + SHA‑256 for compatibility.
+- Avoid flattening **after** signing.
+
+## See Also
+- Add Handwritten or Electronic Signature
+- Validate Digital Signatures
+- Customize Signature Appearance

Document-Processing/PDF/PDF-Viewer/react/forms/signature/add-digital-signature-react.md

@@ -0,0 +1,137 @@
+---
+layout: post
+title: Customize Signature Appearance in React PDF Viewer | Syncfusion
+description: Learn how to customize handwritten, typed, image-based, and digital signature appearances using Signature annotations, Signature fields, and the JavaScript PDF Library.
+platform: document-processing
+control: PdfViewer
+documentation: ug
+---
+
+# Customize Signature Appearance
+
+This section explains how to customize the **visual appearance of signatures** in the Syncfusion **React PDF Viewer**, including:
+- Handwritten/electronic **Signature annotations** (Draw / Type / Upload)
+- **Signature field** appearance (fonts, tooltips)
+- **Digital signature** visual appearance (image/text via PDF Library)
+
+N> This page complements: **[Add Handwritten or Electronic Signature](./add-handwritten-or-electronic-signature)**, **[Add Digital Signature](./add-digital-signature-react)**, and **[Validate Digital Signatures](./validate-digital-signatures)**.
+
+## Overview (Explanation)
+
+The React PDF Viewer offers two signature mechanisms:
+- **Signature annotation** → free‑placed electronic signature with customizable UI appearance.
+- **Signature field** → guided signing area inside forms; can use fonts, tooltips, and properties.
+- **Digital signature appearance** → applied using **[JavaScript PDF Library](https://help.syncfusion.com/document-processing/pdf/pdf-library/javascript/digitalsignature)** when generating visual PKI signature content.
+
+Each supports different appearance customization levels.
+
+## Customize Signature Annotation (How‑to)
+
+Electronic (Draw/Type/Upload) signatures added through Annotation toolbar are fully customizable.
+
+### Customize from UI
+Users can modify appearance through the built‑in annotation settings:
+- Stroke color
+- Line thickness
+- Opacity
+- Resizing and repositioning
+- Replace signature image (Upload)
+
+![Signature Annotation UI](../../../javascript-es6/images/style-sign.png)
+
+### Customize via API
+```tsx
+viewerRef.current.annotationModule.updateAnnotationProperties({
+  opacity: 0.85,
+  strokeColor: '#2C3E50',
+  thickness: 2
+});
+```
+
+## Customize Signature Field Appearance (Forms)
+
+Signature fields have different customization rules. They do **not** support stroke/opacity settings like annotations.
+
+### Supported customizations
+- Tooltip text
+- Name / Identifier
+- Required field highlight
+- Bounding box dimensions
+- **Custom font** for typed signature appearance
+
+![Signature Field](../../../javascript-es6/images/ui-signature.png)
+
+### Example: Adding a signature field with properties
+```tsx
+viewerRef.current?.formDesignerModule.addFormField('SignatureField', {
+  name: 'ClientSignature',
+  pageNumber: 1,
+  bounds: { X: 120, Y: 620, Width: 200, Height: 48 },
+  tooltip: 'Please sign here',
+  isRequired: true
+});
+```
+
+### Custom font for Signature Field (How‑to)
+Signature fields can use a custom font by embedding it inside the PDF.
+
+See: **[Custom fonts for Signature and Initial fields](../../how-to/custom-font-signature-field)**.
+
+## Customize Digital Signature Appearance (PDF Library)
+
+When applying a PKI digital signature, you can generate a **visible signature appearance**.
+
+### Example: Creating custom visible appearance
+```ts
+import {
+  PdfDocument,
+  PdfGraphics,
+  PdfBitmap,
+  PdfSignature,
+  PdfSignatureField,
+  CryptographicStandard,
+  DigestAlgorithm
+} from '@syncfusion/ej2-pdf';
+
+const doc = new PdfDocument(pdfBytes);
+const page = doc.getPage(0);
+
+const field = new PdfSignatureField(page, 'Signer1', { x: 72, y: 640, width: 220, height: 60 });
+doc.form.add(field);
+
+// Create graphics for appearance
+tconst g = field.appearance.graphics;
+g.drawString('Digitally Signed by User1', new PdfStandardFont(12), 0, 0);
+// Optional: Add an image/seal
+g.drawImage(new PdfBitmap(sealBytes), 120, 0, 40, 40);
+
+const sig = PdfSignature.create(
+  { cryptographicStandard: CryptographicStandard.cms, digestAlgorithm: DigestAlgorithm.sha256 },
+  pfxBytes,
+  password
+);
+
+field.setSignature(sig);
+const finalBytes = await doc.save();
+doc.destroy();
+```
+
+### What you can customize in digital signature appearance
+- Text (signer name, date, labels)
+- Font / style
+- Images (company logo / seal)
+- Appearance bounding box
+- Visible vs invisible signature
+
+## Best Practices
+- Use consistent branding colors in handwritten signatures.
+- Prefer **Signature fields** when you need standardized appearance.
+- Keep annotation opacity above **0.7** for readability.
+- For legally binding workflows, use **PDF Library** appearance settings.
+- Avoid modifying a PDF **after** applying a digital signature.
+
+## See Also
+- [Add Handwritten or Electronic Signature](./add-handwritten-or-electronic-signature)
+- [Add Digital Signature](./add-digital-signature-react)
+- [Validate Digital Signatures](./validate-digital-signatures)
+- [Custom fonts for Signature fields](../../how-to/custom-font-signature-field)

Document-Processing/PDF/PDF-Viewer/react/forms/signature/add-handwritten-or-electronic-signature.md

@@ -0,0 +1,137 @@
+---
+layout: post
+title: Validate Digital Signatures in React PDF Viewer | Syncfusion
+description: Learn how to validate digital signatures applied to PDF forms using the Syncfusion JavaScript PDF Library with the React PDF Viewer. Covers integrity, certificate trust, timestamp, and revocation checks.
+platform: document-processing
+control: PdfViewer
+documentation: ug
+---
+
+# Validate Digital Signatures
+
+This guide explains **how to validate digital signatures** on PDFs when using the **Syncfusion React PDF Viewer** together with the **JavaScript PDF Library**. It clarifies what the Viewer does (display fields and signature appearances) and what the **PDF Library** does (perform **cryptographic validation** and produce validation results).
+
+N> **Important:** The React PDF Viewer renders signature fields and their visual appearances, but **cryptographic validation is performed by the JavaScript PDF Library**. Use the library to check integrity, certificate trust, and timestamp status, and surface the result in your UI. 
+
+## Overview (Explanation)
+
+A **digital signature** is a cryptographic proof embedded in the PDF that allows verifiers to confirm:
+
+- **Document integrity** – The PDF has not changed since it was signed.
+- **Signer identity & trust** – The signer’s certificate chains to a trusted authority or is trusted locally.
+- **Timestamp validity** – (If present) the signature was time‑stamped by a trusted TSA at signing time.
+- **Revocation status** – Whether the signer’s certificate was revoked at or after signing (OCSP/CRL).
+
+In Syncfusion, you typically **[design the signature field in the Viewer](../../forms/manage-form-fields/create-form-fields#signature-field)** and then **[apply and validate the digital signature using the PDF Library]()**.
+
+## How validation fits in the Viewer flow (Concept)
+
+1. Load and interact with the PDF in **React PDF Viewer** (place fields, fill forms). 
+2. Use **JavaScript PDF Library** to **open the PDF bytes** and **validate the signature**.
+3. Display the validation outcome (valid/invalid/unknown) in your React UI (badge, toast, side panel).
+
+![Validation status badge in toolbar](../forms/images/signature-validation-badge.png)
+
+## How‑to: Validate a digital signature (Client‑side)
+
+The example below shows how to load the PDF bytes yourself, open with the **PDF Library**, and validate each signature field. You can call this when the document is loaded or on demand (e.g., a **Validate** button).
+
+```ts
+// Assumes you already have the PDF bytes (e.g., fetched via fetch(...).arrayBuffer())
+import {
+  PdfDocument,
+  // The validation API is available on the signature/field instance
+} from '@syncfusion/ej2-pdf';
+
+async function validateSignatures(pdfBytes: ArrayBuffer) {
+  const doc = new PdfDocument(pdfBytes);
+
+  const results: Array<{
+    fieldName: string;
+    isIntact: boolean;      // document integrity
+    isTrusted: boolean;     // certificate trust (based on local trust)
+    isTimestampValid?: boolean;
+    message: string;
+  }> = [];
+
+  // Iterate form fields and locate signature fields
+  if (doc.form && doc.form.fields && doc.form.fields.length) {
+    for (const f of doc.form.fields as any[]) {
+      if (f && f.type === 'SignatureField') {
+        const sigField = f; // PdfSignatureField
+
+        // Validate the signature on this field. Depending on your build, this may
+        // expose a method like validate() or properties describing status flags.
+        // Pseudocode below: adapt to your actual API surface.
+        const vr = await sigField.validate();
+        // vr may include: isDocumentIntact, isCertificateTrusted, isTimestampValid, messages, etc.
+
+        results.push({
+          fieldName: sigField.name,
+          isIntact: !!vr?.isDocumentIntact,
+          isTrusted: !!vr?.isCertificateTrusted,
+          isTimestampValid: vr?.isTimestampValid,
+          message: vr?.message || ''
+        });
+      }
+    }
+  }
+
+  doc.destroy();
+  return results;
+}
+```
+
+N> If your current build doesn’t expose a promise‑based `validate()` on the field, consult the PDF Library’s digital signature API in your version and map the available properties/methods to the same **intact / trusted / timestamp** status for display.
+
+### Displaying results in React (example snippet)
+
+```tsx
+const [validation, setValidation] = useState(null);
+
+async function onValidateClick() {
+  const bytes = await fetch('/path/to/signed.pdf').then(r => r.arrayBuffer());
+  const r = await validateSignatures(bytes);
+  setValidation(r);
+}
+```
+
+Render a simple table or badge:
+
+```tsx
+{validation && (
+  <div className="sig-validation">
+    {validation.map(v => (
+      <div key={v.fieldName} className="chip">
+        <strong>{v.fieldName}:</strong>
+        {v.isIntact && v.isTrusted ? ' Valid' : ' Invalid/Unknown'}
+      </div>
+    ))}
+  </div>
+)}
+```
+
+## Interpreting validation outcomes (Reference)
+
+- **Valid** – Integrity OK **and** certificate is trusted. (Timestamp valid if present.) 
+- **Invalid** – Bytes changed after signing **or** signature object malformed.
+- **Unknown/Not Trusted** – Integrity OK but signer certificate is not trusted locally (common with **self‑signed PFX** used for demos). Import the signer certificate into the trusted store to see a *Valid* badge.
+
+## Best practices (Explanation)
+
+- **Single‑save rule:** Do **all edits first**, then **sign**, and **do not modify** the PDF after signing; modifying bytes after signing will invalidate the signature.
+- **Establish trust:** For demos, a self‑signed PFX will appear *Unknown*. For production, use a certificate that chains to a trusted CA or import the signer/issuer to the verifier’s trust store.
+- **Prefer timestamping (TSA):** A trusted timestamp improves long‑term validation even if the signer’s cert later expires or is revoked.
+- **Surface status in UI:** Show a clear badge (Valid/Invalid/Unknown) near the signature field or toolbar, and offer a *View details* panel with integrity, trust, and timestamp info. 
+
+## Troubleshooting
+
+- **Signature shows Invalid** – Check whether the PDF was modified **after** signing (e.g., second save/flatten). Re‑sign as the last step.
+- **Unknown signer** – You are using a **self‑signed** PFX. Import the certificate into the validator’s trust store or use a CA‑issued certificate.
+- **Algorithm unsupported** – Use CMS/PKCS#7 with SHA‑256 (avoid SHA‑1).
+- **No revocation info** – Ensure OCSP/CRL endpoints are reachable by the validator or embed revocation data if supported.
+
+## See also
+- [Add Digital Signature](/document-processing/pdf/pdf-viewer/react/forms/signature/add-digital-signature)
+- [Add Handwritten or Electronic Signature](/document-processing/pdf/pdf-viewer/react/forms/signature/add-electronic-signature)
+- [Customize Signature Appearance](./customize-signature-appearance)