1

I am new to adding digital signatures to PDF documents. So please feel free to correct me if some of my terminology and assumptions are wrong. I have only recently started reading up on this and need to get up to speed soon.

I have just started a new project (in MS MVC/ASP.NET) where I need to generate a legal document and then affix what my stakeholders are calling a "digital signature", but from what they describe I think it is just a visible picture of a signature that is being added to a PDF and saved somewhere. I don't think this has the level of legal validity that it should, however. It probably does not matter so much now, since the official record will be a printout of the document. But we want to move toward digital storage, so I need something workable going forward.

My understanding of actual digital signatures is that you encrypt the document and then add a digital signature to the encrypted hash. However, this digital signature is not visible on the document unless such an image is added as well to represent it. Is this correct?

Can someone please suggest a good tutorial for this? I need to be able to add an official digital signature as well as a visible signature.

Terry H
  • Sounds like you've got managers who haven't done any research! I don't think there's a single standard for this, but instead there are various plug-ins for Word or Adobe Acrobat Reader, etc., that work as you describe, and facilitate sharing public keys. As such, it would be quite hard to write your own version that would be easy for people outside your organisation to use to validate your documents. I guess you could publish a public key, and send out the encrypted and original doc together, so people could compare them, but that's not easy to use. – Robin Bennett Nov 30 '18 at 15:15
  • 2
    Integrated PDF signatures can combine both a cryptographic signature and a visual representation thereof showing any content you want. Might this be what your stake holders describe? There is a standard for this, this is described in the PDF specification ISO 32000-2. The signatures are backed by X509 certificates from a number of major PKIs. – mkl Nov 30 '18 at 15:18
  • Thanks MKL, I will check the standard you mention. That sounds more like what we SHOULD be doing. As for people outside the organization viewing the document I don't think anyone not using our proprietary API will ever look at them. – Terry H Nov 30 '18 at 18:39
  • You mention the legal validity of the signature. Depending on the desired legal value you can build your own, organization-internal PKI or use an external one. – mkl Dec 01 '18 at 07:43
  • I have found out more information on the subject since asking my question here and it pretty much confirms what I originally posed. What my management wants done is often referred to as an "electronic signature". Which is just affixing the image of someone's signature on a document to make it look like they signed it. – Terry H Dec 14 '18 at 19:16
  • A legally valid signature can be just a signature on top of a document or an encrypted and protected PDF. It ALL depends on what the requirements from the destination are: will they verify the encrypted document, or do they just need a doc with a signature along with the IP address etc. of the signer? It also depends on the country, as different countries have different requirements for electronic and digital signatures. Short version: you need to collect more requirements for the output "signed" documents. – Eugene Dec 15 '18 at 01:20

3 Answers

3

Halter, what you are looking to do is apply what is called a PAdES signature to a PDF document. To do this you will need a library that is familiar with PAdES and PDF.

To do this you will need a library that supports these standards; generating one on your own is, of course, doable but takes a lot of time. The most common PDF library used with C# support is probably iText.

There is also a nuget package that is LGPLed.

What is happening in the digital signature is not exactly encryption. A "digital signature" in this context means you have enrolled for an X.509 certificate at some point; this certificate binds a name to a private key. In essence, it says "the holder of this key's name is Fred".

You then hash the document (well, portions of the document) and encrypt that hash with the certificate's private key. That encrypted hash is the "signature" on the document. It is then embedded into a structure called a CMS; this CMS also gets a copy of the certificate associated with the signature and includes some other metadata (e.g. CRL, OCSP, etc.).

iText will handle most of this for you and they have a sample that describes exactly how to do this.

You will need to get the certificate from someplace; the easiest place to start is probably to enroll for a free S/MIME certificate from sectigo.com. This certificate will not be trusted by Adobe Acrobat (the most commonly used PDF viewer when digital signatures are used), but other than that your needs will be met without having to learn more than necessary about certificates.

When you go to production you will want to get what is known as an AATL certificate; you can get them from many places, including GlobalSign and DigiCert.

rmhrisk
  • The op does not necessarily need a PAdES signature. PAdES is a profile of pdf signatures (actually a family of profiles) originally specified by the ETSI. This profile has been added to the pdf-2 specification, too, but the specification also allows for other profiles. Furthermore, the LGPL nuget package you refer to is very old and does not yet explicitly support PAdES, only probably the compatibility PAdES profiles. And as you start from PAdES, EUTL certificates are a fairly obvious alternative to AATL ones... – mkl Dec 03 '18 at 09:04
  • Thanks, this sounds like what I was after. One question, however, is this. If the document is not encrypted when it is signed, how do we know if the document was altered afterwards? Is that why parts of the document hash are encrypted and added to the signature? In order to verify the validity of the document I assume there are tools that hash the contents and then compare them to the hash stored in the signature? Does that make sense? – Terry H Dec 03 '18 at 12:06
  • Terry, think of the hash as a thumbprint for the document, a unique identifier for that version of the document. Since the digital signature contains an encrypted copy of that hash, the verifier can decrypt the hash in the signature, rehash the document and compare it to the one in the signature and know if the document was modified since signing. I should add you will also want to "timestamp" the document so that the time it was produced is captured in the document; specifically, the timestamp you want is an RFC3161. Good luck. – rmhrisk Dec 03 '18 at 15:09
  • Mkl, you are right that the NuGet version is old and may only support older profiles of PDF signing. You are also right about the subtleties in the signing profiles and versions; however, those subtleties will not help Terry find what he needs in searches, and telling him about PAdES will. He will also be able to sign with the NuGet package in C# despite these subtleties, even if not to the current profile. He will likely want to upgrade to the commercially licensed version of the library, but that's a high bar to solve a problem like this when you don't yet know what a digital signature is. – rmhrisk Dec 03 '18 at 15:15
  • *"however those subtleties will not help Terry find what he needs in searches and telling him about PAdES will"* - has PAdES become so well known in the US? That would surprise me but I really don't know, so please surprise me! ;) – mkl Dec 03 '18 at 19:22
  • Do a search for PAdES and your first hit will be useful; search on the ISO document and it won't be. – rmhrisk Dec 03 '18 at 21:00
  • "Restaurant Pades in Verden" http://www.pades.de/ (top google hit for me) ... ;)) – mkl Dec 04 '18 at 12:54
  • First page is all about PAdES for me. – rmhrisk Dec 05 '18 at 07:26
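
The hash, sign and re-verify cycle described in the answer and comments above, as an added sketch that is not part of the original posts and does not use iText. It assumes a throwaway RSA key instead of an X.509 certificate inside a CMS, and a constructed byte buffer instead of a real PDF; the four-number range mimics the `/ByteRange` entry of a PDF signature dictionary, which marks the bytes the signature covers and leaves a gap for the signature value itself.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class PdfSignatureSketch
{
    // Bytes covered by the signature: [r0, r0+r1) and [r2, r2+r3).
    // The gap between the two ranges is where the signature value is stored.
    static byte[] Covered(byte[] file, int[] r) =>
        file.Skip(r[0]).Take(r[1]).Concat(file.Skip(r[2]).Take(r[3])).ToArray();

    // Bytes outside the two ranges are not protected by this signature,
    // so this sketch treats any uncovered bytes (other than the gap) as a failure.
    static bool CoversWholeFile(byte[] file, int[] r) =>
        r[0] == 0 && r[1] <= r[2] && r[2] + r[3] == file.Length;

    static bool Verify(RSA publicKey, byte[] file, int[] r, byte[] sig) =>
        CoversWholeFile(file, r) &&
        publicKey.VerifyData(Covered(file, r), sig,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

    static void Main()
    {
        // Constructed stand-in for a PDF: content, a reserved gap, trailing content.
        byte[] head = Encoding.ASCII.GetBytes("%PDF-1.7 constructed contract text ");
        byte[] gap = new byte[256];              // an RSA-2048 signature is 256 bytes
        byte[] tail = Encoding.ASCII.GetBytes(" trailer %%EOF");
        byte[] file = head.Concat(gap).Concat(tail).ToArray();
        int[] range = { 0, head.Length, head.Length + gap.Length, tail.Length };

        using (RSA key = RSA.Create(2048))       // throwaway key (assumption)
        {
            // SignData hashes the covered bytes with SHA-256 and signs that hash.
            byte[] sig = key.SignData(Covered(file, range),
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            Buffer.BlockCopy(sig, 0, file, head.Length, sig.Length); // embed in gap

            byte[] edited = (byte[])file.Clone();
            edited[20] ^= 0x01;                  // one changed bit in the signed text
            byte[] appended = file.Concat(Encoding.ASCII.GetBytes(" extra")).ToArray();

            Console.WriteLine($"untouched: {Verify(key, file, range, sig)}");
            Console.WriteLine($"edited:    {Verify(key, edited, range, sig)}");
            Console.WriteLine($"appended:  {Verify(key, appended, range, sig)}");
        }
    }
}
```

Only the untouched buffer verifies: the edited copy fails the signature check, and the appended copy fails the coverage check because the extra bytes lie outside the signed ranges.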
0

Mkl, to your comment about AATL certificates: based on Terry's profile and name he is in the US and as such doesn't get any benefit from eIDAS legislature, and even if he was not, for the most Acrobat compatibility he would want a qualified cert that was also AATL. Also, both GlobalSign and DigiCert have either announced the availability of qualified certs or announced the acquisition of a CA that offers them, so if he needs them he can get them. Starting with an AATL or qualified certificate would require a cost and involve a sales engagement, which would slow getting to a working solution.

rmhrisk
  • I mentioned the EUTL because of your initial focus on PAdES. For someone from the US an AATL certificate usually indeed is better. – mkl Dec 03 '18 at 19:16
  • A search on AATL certificate will not take you to any libraries, specifications or documents on PDF signing. A search on PAdES will. – rmhrisk Dec 04 '18 at 20:14
0

Short answer. Your assumption is basically right. A digital signature is mostly not visible and is not printable.
However, when using Adobe Acrobat at least, you can choose if and what image you want to display as a "signature". The default is just a field where there is the name of the signee, the date and some other stuff, but you could, if you really need to, insert a picture of your analog signature. Please only use this if you really need to print the document.

There is also a question about signing a file at security stack: https://security.stackexchange.com/questions/198423/what-does-signing-a-file-really-mean

Lithilion