The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.
Get an email when there's a new version of eMark
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| V1.1.2 | 2025-10-25 | ||
| V1.1.1 | 2025-10-20 | ||
| V1.1.0 | 2025-10-13 | ||
| V1.0.1 | 2025-10-02 | ||
| V1.0.0 | 2025-09-07 | ||
| README.md | 2025-10-24 | 29.8 kB | |
| Totals: 6 Items | 29.8 kB | 34 |
π Table of Contents
- π― Overview
- β¨ Key Features
- π Security & Compliance
- π Quick Start
- π₯ Installation
- π Certificate & Signing Methods
- π Comparison with Adobe Products
- π€ Contributing
- π License
- π Support & Community
π― Overview
eMark is a professional, free, and open-source PDF signing and verification application designed as a powerful Adobe Reader DC alternative. It enables individuals, businesses, and government organizations to securely sign, verify, timestamp, and protect PDF documents with enterprise-grade security.
π Why eMark?
- β Adobe Reader DC Compatible - Signatures verified by Adobe products
- β 100% Free & Open Source - No hidden costs, licenses, or subscriptions
- β Multi-Platform - Windows, Linux, macOS with consistent UI
- β Multi-Certificate Support - USB tokens, HSM, smart cards, PKCS#11/12
- β Enterprise Security - RFC 3161, LTV, PAdES compliant
- β Privacy-First - 100% offline, no cloud upload, zero tracking
- β Professional Interface - Adobe Reader-like experience with modern dark theme
π― Perfect For
| Sector | Use Case |
|---|---|
| ποΈ Government | Tender submissions, official documents, DSC signing |
| βοΈ Legal | Contracts, agreements, court documents, legally binding signatures |
| πΌ Business | Invoices, purchase orders, NDAs, contracts, vendor agreements |
| π₯ Healthcare | Medical records, prescriptions |
| π Education | Certificates, transcripts, academic papers, research documents |
β¨ Key Features
π PDF Signature Verification
- Comprehensive Verification - Verify digital signatures with detailed validation status
- Certificate Chain Validation - Complete trust chain verification with CA certificate checks
- Signature Integrity Checks - Detect document modifications after signing
- Visual Status Indicators - Color-coded overlays (π’ Valid, π‘ Untrusted, π΄ Invalid)
- Adobe Reader Compatible - Verify eMark-signed PDFs in Adobe Reader DC/Acrobat
- Automatic Detection - Instantly detect all signatures when opening PDFs
- Detailed Certificate Info - View issuer, subject, validity period, key usage, extensions
- Timestamp Verification - Validate RFC 3161 timestamps for long-term validity
ποΈ PDF Digital Signing (Existing Fields or New Fields) **
- Drag-and-Drop Placement - Intuitive signature positioning anywhere on the page
- Automatic Field Detection - Recognize and sign existing PDF signature fields
- Live Preview - See signature appearance before applying
- Customizable Appearance - Add text, reason, location, date, custom images
- Multiple Signatures - Apply multiple signatures to single document
- Batch Signing - Sign multiple documents efficiently
- Signature Reason & Location - Add metadata for legal compliance
- Page Selection - Sign specific pages or all pages
π Multi-Certificate Support
| Certificate Type | Support | Description |
|---|---|---|
| USB Tokens | β Full | eToken, SafeNet, Gemalto, Feitian, and more |
| HSM (PKCS#11) | β Full | Hardware Security Modules with PKCS#11 interface |
| Smart Cards | β Full | Contact and contactless smart cards |
| PKCS#12/PFX | β Full | File-based certificates with private key |
| Windows Certificate Store | β Full | Native Windows certificate integration |
| JKS Keystore | β Full | Java keystore files |
π Cross-Platform Excellence
- Windows - Native .exe installer, full Windows Certificate Store integration
- Linux - .deb package for Debian/Ubuntu, portable JAR for other distros
- macOS - Universal JAR with native look and feel
- Consistent UI - Same features and interface across all platforms
- No Platform Lock-in - Switch between OS without relearning
π¨ Modern User Interface
- Dark Theme - Elegant FlatMacDarkLaf theme for reduced eye strain
- Collapsible Panels - Signature properties panel for streamlined workflow
- Interactive Overlays - Visual signature indicators with click-to-verify
- Floating Action Button - Quick access to signing functions
- Responsive Design - Adapts to different screen sizes and resolutions
- Intuitive Navigation - Adobe Reader-familiar layout for easy adoption
π‘οΈ Enterprise-Grade Security
- RFC 3161 Timestamping - Trusted timestamp authority (TSA) support
- Long-Term Validation (LTV) - Embed validation data for future verification
- Certificate Revocation - OCSP and CRL checking
- Password Protection - Sign password-protected PDFs
- Trust Management - Import/manage trusted CA certificates
- RSA - Support for modern cryptographic key types
π Security & Compliance
π‘οΈ Cryptographic Security
Digital Signature Standards
- β ISO 32000 (PDF specification) compliant
- β CAdES (CMS Advanced Electronic Signatures) compatible
- β PKCS#7 signature format support
- β PKCS#11 v2.40 for hardware security devices
- β RFC 3161 timestamping protocol
- β RFC 5280 X.509 certificate validation
- β RFC 6960 OCSP (Online Certificate Status Protocol)
ποΈ Compliance & Standards
| Standard/Regulation | Compliance | Details |
|---|---|---|
| DSC | β Full Support | Digital Signature Certificate (India) |
π Certificate Validation
Certificate Validation Process:
βββββββββββββββββββββββββββββββββββββββ
β 1. Certificate Chain Verification β β
Root CA β Intermediate CA β End Entity
βββββββββββββββββββββββββββββββββββββββ€
β 2. Certificate Validity Period β β
Not Before β€ Now β€ Not After
βββββββββββββββββββββββββββββββββββββββ€
β 3. Certificate Revocation Check β β
OCSP and/or CRL validation
βββββββββββββββββββββββββββββββββββββββ€
β 4. Key Usage Verification β β
Digital Signature, Non-Repudiation
βββββββββββββββββββββββββββββββββββββββ€
β 5. Trust Anchor Validation β β
Trusted Root CA Store
βββββββββββββββββββββββββββββββββββββββ€
β 6. Signature Integrity Check β β
Hash comparison, no tampering
βββββββββββββββββββββββββββββββββββββββ
π Hardware Security Device Support
Tested USB Tokens & HSMs
- β HYP2003 - HyperPKI 2003
- β ProxKey Token - Watchdata Proxkey
- β Longmai - mToken CryptoID
- β SOFT HSM - soft HSM
PKCS#11 Library Configuration
eMark automatically detects common PKCS#11 libraries or allows manual configuration:
- Windows: Using window keystore
- Linux/macos: wd_proxkey, mToken
π Timestamp Authority (TSA) Support
Why Timestamping Matters: - β Proves signature was created at a specific time - β Extends signature validity beyond certificate expiration - β Legal requirement in many jurisdictions - β Prevents backdating attacks
Supported TSA Protocols: - RFC 3161 compliant timestamp servers - HTTP and HTTPS timestamp requests - Proxy server support for corporate environments
Popular Free TSA Servers:
- DigiCert TSA: http://timestamp.digicert.com
- Sectigo TSA: http://timestamp.sectigo.com
π Quick Start
π Prerequisites
# Java 8 (JRE or JDK) is REQUIRED
# Check your Java version:
java -version
# Expected output:
# java version "1.8.0_xxx"
# Java(TM) SE Runtime Environment (build 1.8.0_xxx-bxx)
- Java 8 (1.8.x) required: Fully tested on Java 8 for optimal performance.
- Compatible with JDK & JRE: eMark runs smoothly on both Java Development Kit (JDK) and Java Runtime Environment (JRE) 8.
- Not supported: Java 7 or versions above Java 8 (Java 9+).
π₯ Quick Installation
Windows
# Download and run the .exe installer
1. Download: eMark-Setup-v1.1.0.exe
2. Double-click to install
3. Launch eMark from Start Menu
Linux (Debian/Ubuntu)
# Download and install .deb package
wget https://github.com/devcodemuni/eMark/releases/latest/download/eMark-V1.1.2.deb
sudo dpkg -i eMark-V1.1.2.deb
# Or use JAR file
java -jar eMark-V1.1.2.jar
macOS
# Use universal JAR file
java -jar eMark-V1.1.2.jar
π₯ Installation
Option 1: Download Pre-Built Release (Recommended)
Available Packages:
- πͺ Windows - .exe installer (64-bit)
- π§ Linux - .deb package (Debian/Ubuntu)
- π¦ Universal - .jar file (all platforms)
System Requirements
| Component | Minimum | Recommended |
|---|---|---|
| OS | Windows 7 / Ubuntu 18.04 / macOS 10.13 | Windows 10/11 / Ubuntu 22.04 / macOS 12+ |
| Java | Java 8 (1.8.0) | Java 8 (latest update) |
| RAM | 512 MB | 1 GB+ |
| Disk Space | 100 MB | 200 MB+ |
| Screen | 1024x768 | 1920x1080+ |
| Hardware | Optional USB token/smart card reader | USB token with PKCS#11 support |
π Certificate & Signing Methods
π 1. USB Token / HSM (PKCS#11)
Best For: Maximum security, government/legal documents, corporate environments
Advantages: - β Private key never leaves hardware device - β PIN-protected access - β Tamper-resistant hardware - β Meets highest security standards - β Multi-certificate storage
Setup: 1. Install token driver from manufacturer 2. Configure PKCS#11 library path in eMark 3. Insert token and enter PIN 4. Select certificate and sign
π 2. PKCS#12/PFX Certificate File
Best For: Personal use, testing, development
Advantages: - β Easy to use and portable - β No hardware required - β Password-protected - β Works on any platform
Setup: 1. Obtain .pfx or .p12 certificate file 2. In eMark: File β Import PKCS#12 3. Enter password when prompted 4. Certificate ready for signing
Security Note: - β οΈ Private key stored in software (less secure than hardware) - β οΈ Protect .pfx file with strong password - β οΈ Store on encrypted drive
πͺ 3. Windows Certificate Store
Best For: Windows enterprise environments, Active Directory
Advantages: - β Native Windows integration - β Centralized management - β Single sign-on (SSO) compatible - β Group Policy deployment
Certificate Locations:
- certmgr.msc - User certificates
- Personal β Certificates
π‘οΈ Privacy & Data Protection
π Zero Data Collection
eMark is designed with privacy-first principles:
βββββββββββββββββββββββββββββββββββββββββββββββ
β What eMark NEVER Does: β
βββββββββββββββββββββββββββββββββββββββββββββββ€
β β Upload PDFs to cloud servers β
β β Send data to external servers β
β β Track user behavior or analytics β
β β Store signing history externally β
β β Collect personal information β
β β Share certificates or keys β
β β Phone home or check licenses β
β β Display advertisements β
βββββββββββββββββββββββββββββββββββββββββββββββ
π 100% Offline Operation
- β All PDF processing happens locally on your computer
- β Private keys never leave hardware security devices
- β No internet connection required (except for optional OCSP/timestamp)
- β Complete air-gap deployment supported
- β Works in secure/classified environments
π GDPR Compliance
As an open-source, offline application: - β No personal data collection - Nothing to report or delete - β Data controller independence - You control all data - β No third-party sharing - Data never leaves your premises - β Transparent processing - Open-source code auditable - β Right to audit - Full source code available
π Secure by Design
Memory Security: - Sensitive data (PINs, passwords) cleared from memory after use - No sensitive data written to disk/swap - Secure random number generation
Certificate Security: - Private keys accessed only through secure APIs - PIN/password never stored permanently - Hardware token PINs never exposed to application
File Security: - Original PDFs never modified (new file created) - Temporary files securely deleted - No backup copies in hidden folders
π§ Technology Stack
| Component | Technology | Version | Purpose |
|---|---|---|---|
| Language | Java | 8 (1.8) | Core application |
| UI Framework | Swing | Built-in | User interface |
| Look & Feel | FlatLaf | 3.x | Modern dark theme |
| PDF Library | Apache PDFBox | 2.x | PDF rendering/viewing |
| Signing Engine | iText 5 | 5.5.x | PDF digital signatures |
| Crypto Provider | Bouncy Castle | 1.70+ | Cryptographic operations |
| PKCS#11 | Sun PKCS#11 | Built-in | Hardware token support |
| Build Tool | Maven | 3.x | Project management |
π¦ Dependencies
<!-- Core Dependencies -->
<dependency>
<groupId>com.itextpdf</groupId>
<artifactId>itextpdf</artifactId>
<version>5.5.13.3</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.70</version>
</dependency>
<dependency>
<groupId>org.apache.pdfbox</groupId>
<artifactId>pdfbox</artifactId>
<version>2.0.27</version>
</dependency>
<dependency>
<groupId>com.formdev</groupId>
<artifactId>flatlaf</artifactId>
<version>3.2.5</version>
</dependency>
π Comparison with Adobe Products
π Feature Comparison
| Feature | eMark | Adobe Acrobat DC |
|---|---|---|
| Price | π’ Free Forever | π΄ Subscription required |
| Open Source | π’ Yes (AGPL 3.0) | π΄ Proprietary |
| PDF Signing | π’ Full Support | π’ Full Support |
| Signature Verification | π’ Yes | π’ Yes |
| USB Token/HSM (PKCS#11) | π’ Yes | π’ Yes |
| Windows Certificate Store | π’ Yes | π’ Yes |
| PKCS#12/PFX | π’ Yes | π΄ No |
| Cross-Platform | π’ Windows/Linux/macOS | π‘ Windows/macOS |
| Timestamp (RFC 3161) | π’ Yes | π’ Yes |
| LTV Support | π’ Yes | π’ Yes |
| Batch Signing | π’ Yes | π’ Yes |
| Custom Appearance | π’ Yes | π’ Yes |
| Offline Operation | π’ 100% Offline | π‘ Requires Login |
| Privacy | π’ Zero Tracking | π΄ Analytics/Telemetry |
| Source Code | π’ Available | π΄ Closed Source |
π§ Troubleshooting
π¨ Common Issues & Solutions
β Java Version Error
Error: Unsupported Java version
Solution:
1. Check Java version: java -version
2. Expected: java version "1.8.0_xxx"
3. Download Java 8: https://www.oracle.com/java/technologies/javase/javase8-archive-downloads.html
β Certificate Not Detected
Problem: USB token certificate not appearing
Solution:
1. Install token driver from manufacturer
2. Verify token is inserted properly
3. Check PKCS#11 library path in Settings
4. Restart eMark after configuring
5. Test with: certutil -scinfo (Windows) or pkcs11-tool -L (Linux)
β PDF Loading Issues
Problem: PDF fails to open or displays incorrectly
Solution:
1. Verify PDF is not corrupted (open in another viewer)
2. Check if PDF is password-protected (enter password)
3. Ensure file permissions allow reading
4. Try re-saving PDF with "Save As" in another viewer
5. Check PDF version (PDF 1.4-2.0 supported)
β Signature Verification Failed
Problem: Signature shows as invalid or untrusted
Solution:
1. Import CA certificate to trust store (Settings β Trust Certificates)
2. Check internet connection for OCSP/CRL validation
3. Verify certificate hasn't expired
4. Ensure certificate chain is complete
5. Add timestamp server certificate to trust store
β PIN Entry Issues
Problem: Token PIN not accepted
Solution:
1. Verify correct PIN with token manufacturer app
2. Check if token is locked (too many wrong attempts)
3. Try unplugging and replugging token
4. Update token drivers
5. Test token with manufacturer's software first
π€ Contributing
We welcome contributions from the community! π
π Ways to Contribute
- π Report Bugs - Help us improve by reporting issues
- π‘ Suggest Features - Share your ideas for new features
- π Improve Documentation - Help others understand eMark
- π§ Submit Code - Fix bugs or implement features
- π Translations - Help make eMark multilingual
- β Star the Project - Show your support
π Before Contributing
- Read our Contributing Guidelines
- Check existing issues
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a pull request
π Reporting Bugs
When reporting bugs, please include:
- Operating system and version
- Java version (java -version)
- eMark version
- Steps to reproduce
- Expected vs actual behavior
- Error logs or screenshots
π‘ Feature Requests
For feature requests, please describe: - The problem you're trying to solve - Your proposed solution - Why this would be valuable to users - Any alternative solutions considered
π Security
π‘οΈ Security Policy
We take security seriously. If you discover a security vulnerability:
β οΈ DO NOT open a public GitHub issue.
Instead: 1. Email: [Create a security advisory on GitHub] 2. Provide detailed information about the vulnerability 3. Include steps to reproduce (if applicable) 4. Allow reasonable time for a fix before public disclosure
π Security Best Practices
When using eMark: - β Always use strong PINs/passwords for tokens and certificates - β Keep USB tokens physically secure - β Regularly update Java to latest Java 8 version - β Only download eMark from official GitHub releases - β Verify signature of downloaded files (if provided) - β Use hardware tokens for sensitive documents - β Enable timestamping for long-term validity - β Regularly backup certificates and private keys (encrypted)
π License
This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0).
π License Summary
eMark - Professional PDF Signing Software
Copyright (C) 2025 Codemuni
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
β What This Means (AGPL 3.0)
Under the AGPL 3.0 license:
You CAN:
- β Run eMark for any purpose, including personal, organizational, or commercial use
- β Modify the source code for your own use
- β Share or distribute eMark (modified or unmodified) as long as the source code is made available under the AGPL
- β Deploy eMark over a network (e.g., SaaS) if you provide access to the source code
You CANNOT:
- β Distribute it under a proprietary license
- β Remove copyright or license notices
- β Keep modifications private if you make the software available to others (over a network or distribution)
- β Hold authors liable
- β Use authors' names for promotion without permission
You MUST: - β οΈ Disclose source code of modifications - β οΈ Include original license and copyright - β οΈ State changes made to the code - β οΈ Make modified source available (if distributed) - β οΈ Use same AGPL-3.0 license for derivatives
Network Use: - If you modify eMark and run it as a network service, you must make the source code available to users.
See LICENSE file for full details.
π Support & Community
π¬ Get Help
- π Website: devcodemuni.github.io/eMark
- π Documentation: Installation Guide
- π Bug Reports: GitHub Issues
- π‘ Feature Requests: GitHub Discussions
- π§ Email: [Create an issue on GitHub]
π Show Your Support
If eMark has helped you, please consider: - β Star the repository on GitHub - π¦ Share on social media with #eMark - π Write a blog post about your experience - π₯ Create a tutorial video - π¬ Recommend to colleagues and friends
π Acknowledgments
eMark is built on the shoulders of giants. Special thanks to:
- Apache PDFBox - PDF rendering and manipulation
- iText 5 - PDF digital signature creation
- Bouncy Castle - Cryptography provider
- FlatLaf - Modern Swing look and feel
- All contributors who have helped improve eMark
π Project Statistics
πΈ Gallery
πΌοΈ Screenshots
Click to expand screenshot gallery
#### Main InterfaceFor more screenshots and detailed documentation, visit: - πΈ Image Gallery - πΊοΈ Architecture Diagrams