Digital signatures for PDF Documents
iText 5 is the previous major version of iText’s leading PDF SDK. iText 5 is EOL, and is no longer developed, although we still provide support and security fixes. Switch your project to iText 8, our latest version which supports the latest PDF standards and technologies.
Updated code examples for iText 7
NOTE: The following Digital Signatures eBook was originally written for iText 5/iTextSharp and although many of the described concepts and operations are still relevant and transferable to iText 7, the included code examples are outdated.
However, we have updated the digital signature examples to apply to the latest releases of iText 7. Both Java and .NET (C#) examples can be found in the following addendum to the Digital Signatures eBook.
The main rationale for PDF used to be viewing and printing documents in a reliable way. The technology was conceived with the goal “to provide a collection of utilities, applications, and system software so that a corporation can effectively capture documents from any application, send electronic versions of these documents anywhere, and view and print these documents on any machines.” (Warnock, 1991)
Why we need PDF
This mission was set forth in the Camelot paper, and it was accomplished with the first publication of the Portable Document Format Reference (Adobe, 1993) and the availability of the first PDF software products created by Adobe. PDF became renowned as the format that could be trusted to ensure a consistent output, be it on screen or in print.
In the years that followed, an abundance of new tools from Adobe as well as from third party software vendors emerged, and the PDF specification was —and still is— very much alive. Plenty of functionality has been added to the PDF format over the years. Because of this, PDF has become the preferred document format of choice in many professional sectors and industries.
In this paper we’ll focus on one specific aspect of PDF files that makes the choice for PDF over any other document format a no-brainer: digital signatures.
Why we need digital signatures
Imagine a document that has legal value. Such a document may contain important information about rights and obligations, in which case you need to ensure its authenticity. You don’t want people to deny the commitments they’ve written down. Furthermore, this document probably has to be mailed to, viewed and stored by different parties. On different places in the workflow, at different moments in time, the document can be altered, be it voluntary, for instance to add an extra signature, involuntary, for example due to a transmission error, or deliberately, if somebody wants to create a forgery from the original document.
For centuries, we’ve tried to solve this problem by putting a so-called ‘wet ink signature’ on paper. Nowadays, we can use digital signatures to ensure:
- the integrity of the document— we want assurance that the document hasn’t been changed somewhere in the workflow,
- the authenticity of the document— we want assurance that the author of the document is who we think it is (and not somebody else),
- non-repudiation— we want assurance that the author can’t deny his or her authorship.
In this paper, we’ll focus on documents in the portable document format (PDF).