This area is a central hub to collect our examples, FAQs, articles and other resources related to the topic of digitally signing PDF documents with iText 7.

eBooks

Digital Signatures for PDF Documents

Our Digital Signatures eBook is available as a free download from the linked page. Although it was originally written for iText 5/iTextSharp, many of the described concepts and operations are still relevant and transferable to iText 7.

NOTE: The iText 5-based code snippets included in the eBook were accompanied by complete examples available on our website. Since then, they have been completely updated and rewritten for iText 7. This meant significant changes in some cases, and some examples were no longer applicable.

iText 7 eBook Examples

The following Java and .NET (C#) examples apply to the latest releases of iText 7.

Blockchain for PDF Documents

You've paid a digital invoice of your supplier, and afterwards it seemed to be fake - you were a victim of invoicing fraud. These issues and many more can now be solved by Blockchain. This eBook focuses on how you can use Blockchain in combination with PDFs to write applications.

Introduction

Advantages of using Blockchain for Signing PDF documents

Basic Concepts (Glossary)

PDF and Digital Signatures

Use cases

When Contracts aren't Smart Contracts

Why iText and Blockchain?

FAQs

iText 7 FAQs

Examples

Spotlighted Examples

Digital Signing with iText 7

To make porting old digital signing solutions and creating new ones from scratch easier, this series of articles describes the iText high level signing API and provides examples for using it with many kinds of signing devices currently in use.

Part I - Overview and Simple Cases

Part II - Proprietary APIs and Custom Providers

Part III - PKCS#11

Part IV - Appearances

iText 7 Examples

Articles/Tutorials

Using iText 7 and AWS KMS to digitally sign a PDF document

Introduction

Securing and automating digital document workflows is increasingly important in the modern business world. A crucial part of creating secure digital signatures is generating public and private keys for signing, and cloud providers such as Amazon, Google, and Microsoft now offer highly-secure cryptographic key management services. Since iText is used by many businesses and signing services to integrate secure digital signatures into PDFs, this step-by-step article shows developers how to use iText 7 and the AWS KMS APIs to generate a digital signature and add it to a PDF document.

Related code examples

  • Page:
    How to use a Digital Signing Service (DSS) such as GlobalSign, with iText 7

     Introduction

    When we want to sign a PDF with a digital signature, we need to generate a hash from the document’s data and sign it with a private key. A Digital Signing Service (or DSS) is usually cloud-based software that takes the responsibility of signing the document hash. One such signing service is GlobalSign, a widely-used WebTrust-certified certificate authority and provider of Identity Services.

Avoiding PDF Digital Signature vulnerabilities with iText

In February 2019, a team of security researchers   published details of vulnerabilities  in the digital signing system of many PDF viewers and online PDF digital signing services. After investigating these vulnerabilities, we found that updates to iText introduced in version 7.1.5 and the iText 5.5.13.1 maintenance release meant we were not vulnerable to the described attacks.

However, it was determined that the current names of the methods for checking and verifying signatures could be improved to better reflect their functionality. Therefore we decided to deprecate the  SignatureUtil#verifySignature  and  PdfPKCS7#verify  methods, and replace them with  SignatureUtil#readSignatureData   and  PdfPKCS7#verifySignatureIntegrityAndAuthenticity  which were introduced in  iText 7.1.6 . This blog was written f or those who would like to know more about the three types of attacks described in the report and how iText document verification works.

Videos/Webinars

Document security and digital signatures in PDF (YouTube)

The push for paperless bureaucracy has been going on for quite some time, but the circumstances of the past year made the issue even more pressing than it already was. In this talk presented by iText Research Engineer Matthias Valvekens at FOSDEM 2021, we discuss how you can leverage PDF to build secure, yet user-friendly document workflows. We go over what it means to "trust" a digital signature, and how that trust is validated in practice. In addition, we touch upon some of the common pitfalls in PDF security that you should be aware of to prevent your documents from being exploited.


PDF Security: Encryption and Digital Signatures (YouTube)

In this webinar from March 2020, iText Research Manager Michaël Demey and Duff Johnson from the PDF Association discuss PDF security options, focusing on encryption and digital signatures and how you can get started in securing your workflows and user experience right away with real examples using iText.