Add Security to Your PDF Generation and Processing Applications

  • Supported Platforms

  • .NET.NET

    Pure managed and integrated components, carefully optimized to achieve maximum performance comparable to native processor code. The .NET edition can be used on .NET and Mono Server and Desktop platforms, in ASP.NET applications, and on Mobile Devices.

  • .NETJava

    Highly integrated Java security library including numerous classes to enable support for a wide range of application-level protocols, security algorithms, and standards. You can use Java security libraries to develop software for desktop and server platforms, mobile devices, and Web applications.

  • .NETC++

    A shared library (.dll on Windows and .so on Linux / macOS) and set of C++ classes. Used in C++ applications for Windows, Linux, macOS, and iOS platforms. Supported compilers include Visual C++, MinGW, gcc, and Xcode.


    Highly integrated and blazingly fast native Delphi (Pascal) components for building native Windows, Linux, and macOS applications. All components are native Delphi, have no third-party binaries or references, and no reliance on Windows CryptoAPI. Also includes Delphi components for building Android and iOS apps.


    Integrated components for PHP scripts running on Linux and Windows servers.


Use PDFBlackBox to add security features to your PDF generation and processing applications. Supported functions include password-based and certificate-based encryption, certificate-based signing, timestamping, and compression. PDFBlackbox also supports long-term signatures with PAdES standard-timestamping.

Use Any PDF Generation Library

We leave PDF generation and printing to others and focus on PDF security. You can use whatever PDF library you like for building the document and then use PDFBlackbox for cryptographic operations.

Processes Large Documents

PDFBlackbox supports on-demand data loading and parsing, so processing of large documents does not require a large amount of resources.

Supports the Latest PDF Versions

PDFBlackbox handles documents compliant to PDF versions 1.3 and later.

No Reliance on Third-party Libraries

Includes a built-in PDF processor and does not use third-party libraries for cryptography operations or for loading and saving PDF documents.

PAdES Compliant

PDFBlackbox collects external timestamps and complete certificate chain revocation information for PAdES compliance.

PDF Security Features

  • Digital signing of PDF documents using X.509 certificates (including CDS certificates from Adobe) and plain RSA keys
  • Signature timestamping using TSP (Timstamping Protocol) to ensure long-term validity of signatures
  • PAdES support with automatic collection of timestamps and revocation information (requires additional license for PKIBlackbox). Supported PAdES profiles include PAdES-BES, PAdES-B-B, PAdES-B-T, PAdES-B-LT, PAdES-B-LTA, PAdES-EPES, and PAdES-LTV
  • The possibility to sign the documents in distributed mode helps you build client-server document management systems with secure document signing
  • Validation of signatures and timestamps including flexible certificate validation
  • Support for visible, invisible, and certification (MDP) signatures
  • Signing of existing empty signature fields
  • Removal of signatures and extraction of the document in "unsigned" form
  • Certificate-based public key PDF encryption and password-based encryption secure your PDF documents against reading and/or modifications
  • (optional) ZLib compression that reduces document size and increases security of the encrypted data
  • Certificate-based public key PDF encryption using the RSA algorithm and PKCS#7 format
  • Password-based PDF encryption using the AES algorithm with 128 or 256-bit keys (AES128 or AES256, supported by Acrobat 9.0 and later) or using MD5 + RC4/40 or RC4/128 algorithms
  • Algorithms used for signing include SHA1, SHA2 (SHA256, SHA384 and SHA512), RIPEMD160 hash algorithms with RSA signing algorithm, and PKCS#1 or PKCS#7 format
  • Use of Cryptocards and USB Crypto Tokens for further protection of secret information (private and secret keys)
  • FIPS-compliant operation mode