79772370

Date: 2025-09-23 08:29:32
Score: 0.5
Natty:
Report link

I finally found the way using chilkat2, thanks to some now deleted comment that pointed me to this example code.

Apparently, chilkat can use whatever .dll you choose to manage card readers and make operations with them, such as listing certificates and even using them. Also has its own pdf signing module. Really powerful.

Anyways, this is the code I ended up using:

# Standard libraries        
import sys

# Third-party
import tkinter as tk
import customtkinter as ctk
import chilkat2

'''
PDF Digital signature process
'''
# Dialog asking for PIN
root = tk.Tk()
root.withdraw()
dialog = ctk.CTkInputDialog(title="pin", text="Introduce el PIN de tu tarjeta:")
pin = dialog.get_input()
root.destroy()

# Initialize chilkat2 pkcs11 from Nexus Personal's dll
pkcs11 = chilkat2.Pkcs11()
pkcs11.SharedLibPath = r"C:\Program Files (x86)\Personal\bin64\personal64.dll"
success = pkcs11.Initialize()
if not success:
    print(pkcs11.LastErrorText)
    sys.exit()

userType = 1  # Normal User

slotId = 0 # This is arbitrary and pin-pointed by me
readWrite = True
success = pkcs11.OpenSession(slotId, readWrite)
if not success:
    print(pkcs11.LastErrorText)
    sys.exit()

# Login
success = pkcs11.Login(userType, pin)
if not success:
    print(pkcs11.LastErrorText)
    pkcs11.CloseSession()
    sys.exit()

# Get the certificate (on the smart card) that has a private key.
cert = chilkat2.Cert()
success = pkcs11.FindCert("privateKey","",cert)
if (success == True):
    print("Cert with private key: " + cert.SubjectCN)
else:
    print("No certificates having a private key were found.")
    success = pkcs11.CloseSession()
    sys.exit()

pdf = chilkat2.Pdf()

# Load the PDF to be signed.
success = pdf.LoadFile(r"template.pdf")
if (success == False):
    print(pdf.LastErrorText)
    success = pkcs11.CloseSession()
    sys.exit()

json = chilkat2.JsonObject()

json.UpdateInt("page",1)
json.UpdateString("appearance.y","bottom")
json.UpdateString("appearance.x","right")
json.UpdateString("appearance.fontScale","10.0")
json.UpdateString("signingAlgorithm","pss")
json.UpdateString("hashAlgorithm","sha256")

i = 0
json.I = i
json.UpdateString("appearance.text[i]",f"Firmado digitalmente por: {cert.SubjectCN}")
i = i + 1
json.I = i
json.UpdateString("appearance.text[i]","current_dt")

# The certificate is internally linked to the Pkcs11 object, which is currently in an authenticated session.
success = pdf.SetSigningCert(cert)

success = pdf.SignPdf(json,r"template_signed.pdf")
if (success == False):
    print(pdf.LastErrorText)
    success = pkcs11.CloseSession()
    sys.exit()

# Revert to an unauthenticated session by calling Logout.
success = pkcs11.Logout()
if (success == False):
    print(pkcs11.LastErrorText)
    success = pkcs11.CloseSession()
    sys.exit()

# When finished, close the session.
success = pkcs11.CloseSession()
if (success == False):
    print(pkcs11.LastErrorText)
    sys.exit()

print("Success signing.")
Reasons:
  • Blacklisted phrase (0.5): thanks
  • Long answer (-1):
  • Has code block (-0.5):
  • Self-answer (0.5):
  • Low reputation (1):
Posted by: Javiooli