py-pdf
diff --git a/‎.idea/.gitignore
+8 b/‎.idea/.gitignore
+8
diff --git a/‎.idea/inspectionProfiles/profiles_settings.xml
+6 b/‎.idea/inspectionProfiles/profiles_settings.xml
+6
diff --git a/‎.idea/misc.xml
+7 b/‎.idea/misc.xml
+7
diff --git a/‎.idea/modules.xml
+8 b/‎.idea/modules.xml
+8
diff --git a/‎.idea/pdfly.iml
+15 b/‎.idea/pdfly.iml
+15
diff --git a/‎.idea/vcs.xml
+6 b/‎.idea/vcs.xml
+6
diff --git a/‎certificate.pem
+22 b/‎certificate.pem
+22
diff --git a/‎certs.p12
2.61 KB b/‎certs.p12
2.61 KB
diff --git a/‎pdfly/cli.py
+25-1 b/‎pdfly/cli.py
+25-1
diff --git a/‎pdfly/sign.py
+42 b/‎pdfly/sign.py
+42
diff --git a/‎private_key.pem
+28 b/‎private_key.pem
+28
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkTCCAnmgAwIBAgIUO1Cg7xxTUTSBR83IYBVJNU14E/owDQYJKoZIhvcNAQEL
+BQAwWDELMAkGA1UEBhMCQ04xEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDERMA8GA1UEAwwIY3l5LTIwMjQwHhcN
+MjQxMTA5MTExMDQ1WhcNMjUxMTA5MTExMDQ1WjBYMQswCQYDVQQGEwJDTjETMBEG
+A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg
+THRkMREwDwYDVQQDDAhjeXktMjAyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAMY14YDUyJe+Jpm+uuW/652NFubm0kkk516bn46u8Jkp//RDFLY3uB7D
+8FaQqJMP0DZ0q2uqw8/oaplhKR/hURSj/emp8iq5xweU9IfHzqKPpYH0Xqn6Hx2l
+wqCXtwTkkhL71ZFSs6aleJR+P5zvo0HasHy8A95XQrE1gA8SWSd36WBUUl9l0nA4
+EOToC5pYOm4IzxLNXdsL/AuSjXRkfLb+DqeqPEYEdYdyWl1DpzCbM8wvf610z1bS
+TwDLHURjpp5r73dnGh9AQPCwVf2UxUjWrB91YRdy4EH48wIv8O0lNqt7GGHBgJNu
+IwXYyPMjem6NZ9+JjwOFbW0Li9qgUqsCAwEAAaNTMFEwHQYDVR0OBBYEFO1BOvKs
+vRFCS3x4W3vbJ6JnwQViMB8GA1UdIwQYMBaAFO1BOvKsvRFCS3x4W3vbJ6JnwQVi
+MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAA+zcd5VS0vnJD1I
+I8t/ZxqNT+p0lx8OIIYvbbSYuqMgS5kV5cufKJbrg8wNdOj0f27D2CLRIjS6Xb8y
++huYH1A3jvjisNF2yRs7JOVW1/wMNflHXxvqN2PzAFprzpTVVjQDgO4/mN8mQVoG
+2d1O1FHHPPMnN+BwWiMr5DEAx8olmRAZYevmfWDiCWuFBolVWBDNtiODqeNcGPg6
+qa+5V/HXm99dzalzHED8JX5rG3tJOY0+KqnpT+odc9Fv+C5i1OkLt31j55dDRpH5
+J+z8cXlvaWkbsqSGuqzCmU15DoErWaonBR7JIlqomY17M9AUM8bf+dYC3mpLyFM7
+fINsxOc=
+-----END CERTIFICATE-----
@@ -5,7 +5,7 @@
 """
 
 from pathlib import Path
-from typing import List
+from typing import List, Optional
 
 import typer
 from typing_extensions import Annotated
@@ -19,6 +19,7 @@
 import pdfly.up2
 import pdfly.update_offsets
 import pdfly.x2pdf
+import pdfly.sign  # 导入 sign 模块
 
 
 def version_callback(value: bool) -> None:
@@ -37,6 +38,29 @@ def version_callback(value: bool) -> None:
     ),
     rich_markup_mode="rich",  # Allows to pretty-print commands documentation
 )
+@entry_point.command(name="sign", help="Sign a PDF file using a PKCS12 (.p12) certificate.")
+def sign(
+    input_pdf: Path = typer.Argument(..., help="Input PDF file."),
+    output_pdf: Path = typer.Option(..., "--output", "-o", help="Output signed PDF."),
+    p12: Optional[Path] = typer.Option(None, "--p12", help="PKCS12 certificate file."),
+    password: Optional[str] = typer.Option(None, "--password", help="Password for the certificate."),
+) -> None:
+    """
+    Sign a PDF file using a PKCS12 (.p12) certificate.
+    """
+    print(f"input_pdf: {input_pdf}")
+    print(f"output_pdf: {output_pdf}")
+    print(f"p12: {p12}")
+    print(f"password: {password}")
+
+    # Ensure that the PKCS12 certificate file exists
+    if not p12 or not p12.exists():
+        typer.echo("Error: Please provide a valid PKCS12 (.p12) certificate file using --p12.")
+        raise typer.Exit(1)
+
+    # Call the signing function in the sign module, using the .p12 certificate for signing
+    pdfly.sign.sign_pdf_with_p12(input_pdf, output_pdf, p12, password)
+    typer.echo(f"Successfully signed PDF saved at {output_pdf}")
 
 
 @entry_point.callback()  # type: ignore[misc]
 
@@ -0,0 +1,42 @@
+"""Sign a PDF file with a PKCS#12 certificate, retaining original formatting and adding a signature page."""
+
+from pathlib import Path
+from fpdf import FPDF
+import fitz  # PyMuPDF for precise page content extraction
+
+def sign_pdf_with_p12(input_pdf: Path, output_pdf: Path, p12_path: Path, password: str) -> None:
+    """
+    Load the original PDF content, retain its layout, add a signature page, and digitally sign the PDF.
+
+    Parameters:
+    - input_pdf: Path to the PDF file to be signed.
+    - output_pdf: Path where the signed PDF file will be saved.
+    - p12_path: Path to the PKCS#12 certificate file (.p12).
+    - password: Password for the PKCS#12 certificate.
+    """
+
+    # Step 1: Create a new FPDF object
+    pdf = FPDF()
+
+    # Step 2: Copy each page's content from the original PDF while retaining layout
+    doc = fitz.open(input_pdf)
+    for page_num in range(doc.page_count):
+        page = doc[page_num]
+        rect = page.rect
+        pdf.add_page(orientation="P" if rect.width < rect.height else "L")
+        pdf.set_auto_page_break(False)
+        text = page.get_text("text")
+        pdf.set_xy(0, 0)
+        pdf.set_font("Arial", size=12)
+        pdf.multi_cell(0, 10, txt=text)
+
+    # Step 3: Add a signature page
+    pdf.add_page()
+    pdf.set_xy(10, 10)
+    pdf.set_font("Arial", size=12)
+    pdf.cell(200, 10, txt="This document is signed with PKCS#12.", ln=True)
+
+    # Step 4: Digitally sign the PDF
+    pdf.sign_pkcs12(str(p12_path), password=password.encode("utf-8"))
+    pdf.output(str(output_pdf))
+
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDGNeGA1MiXviaZ
+vrrlv+udjRbm5tJJJOdem5+OrvCZKf/0QxS2N7gew/BWkKiTD9A2dKtrqsPP6GqZ
+YSkf4VEUo/3pqfIquccHlPSHx86ij6WB9F6p+h8dpcKgl7cE5JIS+9WRUrOmpXiU
+fj+c76NB2rB8vAPeV0KxNYAPElknd+lgVFJfZdJwOBDk6AuaWDpuCM8SzV3bC/wL
+ko10ZHy2/g6nqjxGBHWHclpdQ6cwmzPML3+tdM9W0k8Ayx1EY6aea+93ZxofQEDw
+sFX9lMVI1qwfdWEXcuBB+PMCL/DtJTarexhhwYCTbiMF2MjzI3pujWffiY8DhW1t
+C4vaoFKrAgMBAAECggEAVvQDOf/fAga2q2LrXegMhqEDJ4eiP9lTMQNng3JGdYLh
+2PfmqauW99QwZuFuOpnI12LmYsTWwyosPZ5MqsIvTjVFKlFWPh0i7bYQclKa2WDY
+FEMuljX2mYyC7e2wqhJV7MMS5X5Y9qYH2GjsIj5Uqgq0uvvGXK9+P/x+8d20Q+YG
+QqH3ERshgTBlG2G8mNGjxamvQ6V9g7l3mbP8DJ8Ty5WVc6GOfyxgIAnE5Q/IVekI
+bzIsUYLyLkYeNGUGK+IoXwy2Q/QY8sTwwoV+1DtURZG/26a0CRCPjJStX/g0kFG7
+K9ViDz44PhXvcyVfjVQXHaso4rQzE0HyoSC2T7hjzQKBgQDzDPTXPy7FnvTwPyfN
+txyc0qbaF4uDMHWfA4lRsRh6yAZjuWDcPUKzpsQr5nDlNCpOvSgp8dLyNUtyQPdu
+puynVwXn0tFu2yzlcezDNrOQpO0MHvDQytd1EZ7iNjm0xwBd1wb/HRL3Gr9aSRU/
+wqouQImCRT5jZHk5gjfvSQ2JZQKBgQDQxVXyfqxkmwA+2RgKrv6LoZNt5uQeSGs1
+9nVb+QzmWxHj5d4dNMjnnUkWnaO3wyp7VlGxlR6J4RbFpbRTTIlAwixb6kiPQAQr
+yW6nx6O9bWoPSr4dQA9r6KqmIdC8EiR6QOEfYmSA0p4zIyVTDfSYLLsGRNpKGchp
+Z3N7gy6yzwKBgGF7+uAymWHuRbPuwNpD7ZgA7adf9jciQqsK0hMQAw+MFvP8sJrl
+f1FrPBeXkAR+jdGTEP7x3XgEZERpRlT9YsIjp1y6NAJQqotEzH/n+tGzNNi9uD0m
+fpCYBrAYq8CUaNM6obXFRYwTEFj4Iyu1umhevkif2UwoSm8EicbR+Dn5AoGAQwiJ
+z0ITMn5+dq+YQ53qx4TK5Mf1SS/xlLMc/bobBUAKn4VoazJOq+fZ1vQo5FE7K70M
+oBuEYbsvZ6kMHI7/pxZxzdWNFMn2TOTxrdexYJpoKp7SKmwuR3S+jndfIXQl2EdK
+wZwDL0XxW/QWAPQDLHV4W8vx10cuDYIVF3yImwsCgYBP9mm5wJjH7kSbJ6I7B4/H
+WzSPjsQiVrXIIO7Sgw3dprtR64CrLIsxBp7b4PrJPTi984jSjml/rQaCTIicBKPh
+UsQ0kvwJRAb70c74rGcSKZ7VVcPwS/bE43XpKg5jasCVrOqXeCjb/w+V7EulCCKe
+p2vcvcLI2/0NBBq9q4vd/A==
+-----END PRIVATE KEY-----