Skip to content

Refactor Core API to Fluent Model & Functionality Extension#126

Open
vanbroup wants to merge 32 commits intomainfrom
refactor
Open

Refactor Core API to Fluent Model & Functionality Extension#126
vanbroup wants to merge 32 commits intomainfrom
refactor

Conversation

@vanbroup
Copy link
Member

@vanbroup vanbroup commented Jan 17, 2026

This Pull Request represents a comprehensive overhaul of the pdfsign library. It introduces a major API refactoring to a modern Fluent API model and significantly extends functionality across the board.

We have moved away from the legacy functional options pattern to improve developer experience and added robust support for new capabilities like advanced appearance customization, form handling, and comprehensive external signer integrations.

Key Changes

1. Fluent API Model

We have replaced the legacy SignWithOptions and VerifyWithOptions patterns with a chainable builder interface.

Before (Legacy):

options := pdfsign.SignOptions{
    Signature: pdfsign.SignData{
        SignatureType: pdfsign.DocTimeStamp,
    },
    Signer: signer,
}
err := pdfsign.SignFile("input.pdf", "output.pdf", options)

After (New Fluent API):

err := pdfsign.OpenFile("input.pdf").
    Sign().
    SetType(pdfsign.DocTimeStamp).
    SetSigner(signer).
    WriteToFile("output.pdf")

2. Extended Functionality

We have significantly expanded the library's capabilities:

  • Advanced Appearance: Added support for custom fonts, vector graphics (shapes, lines), PDF objects (embedding pages), and initials.
  • Forms: Implemented comprehensive support for reading and filling PDF form fields.
  • Verification Logic: Stricter and more robust PDF signature verification.

3. External Signer Integrations

Added distinct modules providing implementations for major remote signing services. These serve as production-ready examples of how to integrate external KMS providers without bloating the core library.

  • AWS KMS: signers/aws
  • Google Cloud KMS: signers/gcp
  • Azure Key Vault: signers/azure
  • CSC (Cloud Signature Consortium): signers/csc
  • PKCS#11: signers/pkcs11

4. Code Quality & Testing

  • Unit Tests: Comprehensive *_test.go coverage added for all packages.
  • Fixtures: Standardized test PDFs and assets in testfiles/.
  • Linting: Resolved errcheck, govet, and staticcheck issues; strict linting enforced.

Breaking Changes

  • The pdfsign.Sign() and pdfsign.Verify() top-level functions are deprecated and will be removed in a future release. Please migrate to pdfsign.Open().Sign() and pdfsign.Open().Verify() immediately.
  • Top-level types have been reorganized; check types.go for new definitions.

Verification

  • Run go test ./... to execute the new test suite.
  • Run scripts/verify_pdfs.sh to validate generated signatures against DSS (if configured).

vanbroup added 30 commits January 17, 2026 11:07
@vanbroup
feat: core refactoring and new features
64fb638 
- Added appearance, document, execute, extract, fonts, forms, images, initials, resources, types, and verify core files.
- Included internal implementations.
@vanbroup
feat: logic improvements
436eb0a 
- Enhanced signing and verification logic (PDFxref, trailer, catalog, etc.).
- Improved certificate and key usage handling in verify package.
@vanbroup
feat: external signer integrations
50d5b2f 
- Added AWS KMS, Azure Key Vault, Google Cloud KMS, and CSC signer implementations.
- Included PKCS#11 signer support.
@vanbroup
chore: scripts
d6964d6 
- Added setup-dss.sh and verify_pdfs.sh utility scripts.
@vanbroup
feat: cli and config updates
e892b46 
- Updated CLI source files (sign.go, verify.go) to integrate new core logic.
- Updated go.mod/go.sum dependencies.
- Updated CI workflow and README.
@vanbroup
chore: cleanups and revocations
8ec4431 
- Updated revocation package.
- Deleted legacy sign.go.
- Removed unused test resources.
@vanbroup
feat: signer modules
3ad628d 
- Added go.mod and go.sum for modular signer packages (AWS, Azure, GCP, CSC, PKCS#11).
@vanbroup
test: unit tests and fixtures
6365670 
- Added comprehensive unit tests for all packages (core, signers, verify).
- Included test fixtures in testfiles/ directory.
- Updated existing tests to align with refactoring.
@vanbroup
fix: remove .DS_Store and update .gitignore
5ee488e
@vanbroup
fix: lint issues
12041dc 
- Fixed unchecked errors in renderer.go (errcheck).
- Fixed unkeyed struct literals in appearance.go (govet).
- Fixed empty branch in verify.go (staticcheck).
- Verified with golangci-lint run (0 issues).
@vanbroup
fix(tests): add missing testfiles/images/digitorus-icon.pdf for TestI…
6ef92b8 
…ntegration
@vanbroup
fix(verify): resolve message digest mismatches and enforce strict ver…
13bc706 
…ification

- Update VerifySignature to correctly handle DocTimeStamp (ETSI.RFC3161) by parsing TSTInfo from raw bytes and verifying against the PDF byte range without overwriting content.

- Enforce strict signature validation in sign_test.go (failure on invalid signatures).

- Update sign tests to use SHA-512 explicitly to improve stability.

- Exclude testfile_multi.pdf from sign tests as it contains legacy SHA-1 signatures that are no longer valid.
@vanbroup
test(sign): add dedicated test for appending to multi-signature file
00e5804 
- Restore test coverage for testfile_multi.pdf by adding TestSignPDF_AppendToMultiSig.

- Validates that signing works on files with existing signatures (some of which may use older algorithms), checking only the validity of the newly appended signature.
@vanbroup
fix(verify): ensure verification constraints are enforced and tested
3bfd345 
- Propagate AtTime logic to certificate verification.
- Ensure VerifyResult.Valid is set to false if constraint checks fail.
- Add tests for VerifyOptions (MinRSAKeySize, AllowedAlgorithms).
@vanbroup
fix: rename CurrentTime to AtTime and resolve lint errors
400381a 
- Renamed VerifyOptions.CurrentTime to AtTime for consistency.
- Resolved errcheck and staticcheck lint errors in tests.
@vanbroup
fix(ci): update VeraPDF URL and make DSS validation non-blocking
9bf1839 
- Updated VeraPDF download URL to 1.28.2 (official release) as GitHub latest asset is missing.
- Allowed DSS Validation to fail without breaking the build (missing Maven artifact).
@vanbroup
fix(test): exclude testfile30.pdf from tests due to malformed CRLs
681e28d
@vanbroup
fix(ci): temporarily disable corpus-test job due to installer changes
7ab88c4
@vanbroup
fix(ci): update VeraPDF installation logic for installer zip
91ecbd9 
- Update URL to 1.28.2 (official release) via HTTP.
- Implement headless installation using auto-install.xml.
- Re-enable Corpus Security Test.
@vanbroup
refactor: consistently use atTime for verification and update CI desc…
e0641b2 
…riptions
@vanbroup
fix(ci): use absolute path for verapdf auto-install.xml
cf2168e
@vanbroup
fix(ci): use setup-dss.sh for robust DSS setup and fix verapdf pathing
02dbf43
@vanbroup
fix(ci): robust VeraPDF installation and optimized DSS startup
36d50b1
@vanbroup
Refactor verification API to idiomatic Go errors and restructure tests
9b30ad1 
- Refactor VerifySignature to return structured errors
- Introduce verify/errors.go for custom error types
- Update Signer struct to hold ValidationErrors
- Isolate legacy test files in testfiles/compatibility
- Update Tests to use errors.As for robust error checking
- Fix test file cleanup race condition
@vanbroup
Fix empty PDF output in verbose tests by preventing copyFile self-cop…
13c29f0 
…y truncation
@vanbroup
Revert copyFile to os.Rename and fix multi-stage tests
7092a24 
- Revert verifySignedFile to use os.Rename
- Introduce verifyIntermediateFile for non-final test steps
- Silence os.Remove errors in test cleanups
- Remove copyFile helper function
@vanbroup
Fix DSS service startup hang in GHA
33a2932 
- Add curl timeouts to setup-dss.sh health check
- Check for container termination inside the wait loop
- Optimize Dockerfile.dss to use java -jar instead of mvn spring-boot:run
@vanbroup
Enhance DSS startup observability in GHA
ddaafbc 
- Tail container logs periodically during wait loop
- Verify port mapping status during health check
- Ensure container is still running throughout the loop
@vanbroup
Revert Dockerfile.dss to use original mvn spring-boot:run command
e04eb04
@vanbroup
Remove redundant v2 DSS health check endpoint
3303b8f
@vanbroup
Robustness: improve DSS health check to accept app-level errors as 'r…
545da56 
…eady' signal
@vanbroup
Fix DSS script error and correct test name in CI
c24c262 
- Restore COUNT initialization in setup-dss.sh
- Update go.yml to use correct test name TestValidateDSSValidation
@vanbroup vanbroup mentioned this pull request Jan 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vanbroup

Comments