PDF Signatures and Open Source
The Portable Document Format (PDF) standard is a good way to store documents that need to be accessible to multiple platforms. The standard provides formats for the display of many types of data, such as text, images, interactive forms, and multimedia content. The PDF standard also provides for security capabilities, including file encryption and digital signatures. The digital signature capability makes the PDF format very attractive for businesses that require an accessible, strong method of authentication for document workflows.
There are currently several open source libraries available for converting documents to PDF format, parsing existing PDFs, and even allowing access to some of the inner attributes of PDF files. Most of them also support the encryption capabilities defined by the PDF standard. However, it is rare (if not impossible) to find an open source PDF library that supports digital signatures in more than a rudimentary way. With some clever programming, someone with detailed understanding of the PDF file format can take an open source PDF tool such as PDFBox, chip away at the Cos Object Stream (COS) layer to find the information needed to verify a signature, and then manually call a cryptography library to perform the verification. Some of the OSS projects may even support this capability; however, none provide the ability to create a digital signature and apply it to a document.
This limitation is due to the way that many of these libraries parse and subsequently internally store the PDF file. When used as intended by the standard, a PDF file will never shrink in size over the course of its lifetime, even if displayed content is removed. PDFs, as implemented by Adobe Acrobat follow a model in which any modifications to the document are appended to the end of the file, using what is known as a cross reference dictionary. This is not the case with open source libraries like PDFBox, which parse the document into internal data structures, allow the user to alter those structures, and then save the document by streaming the altered content from scratch, with no consideration of the document’s original contents. This approach makes supporting digital signatures impossible. Digital signatures require that the contents of the document at the time it was signed never change – otherwise the signature will not be valid. While it may be possible to apply a single digital signature to a document using this model, multiple signatures will never be supported. The creation of subsequent signatures will modify any previous signature’s signed data by modifying the contents and appearance of the signed field.
This simplified approach is fine for simple documents, but it removes the ability to track changes to a document over time, which in turn removes the ability to support multiple digital signatures. A new approach to parsing and internally storing document data needs to be taken in order to incorporate these features into the libraries that are freely available now. The PDF standard supplies the necessary rules to implement these features; it would be useful to developers if open source projects would take steps to support them.