Creating Secure / encrypted PDFs

  

Hello,

I have a web app where a client signs a contract online with a digital signature. The app then uses the htmltopdf forge component to create PDFs and then email the PDF agreement to the client as an attachment. I am not using the standard OutSystems email but instead all emails are being sent through an API integration through the company's exchange servers.


My question is: How can I create the PDF document (attached to the email) to be secure / certified / unchangeable or encrypted, or have some kind of seal so that you know when the document has been tampered with?


Any suggestions will be much appreciated. 


Thanks

Hi Vonnelize,


You could digitally sign the PDF document after being produced using a server extension that uses iText (for example).


For deep understanding I would suggest the free (and extensive) white paper iText has about it: 

https://pages.itextpdf.com/ebook-digital-signatures-for-pdf.html


Cheers,

Renato
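
The server-side signing suggested in this reply, as an added example that is not part of the original thread: it is written against the iText 7 Java signing API (`com.itextpdf.signatures`) with Bouncy Castle on the classpath, so check the API of the iText version you use. The class name, the field name `CompanySeal`, the three file arguments and the `P12_PASSWORD` variable are assumptions.

```java
import com.itextpdf.kernel.pdf.PdfDocument;
import com.itextpdf.kernel.pdf.PdfReader;
import com.itextpdf.kernel.pdf.StampingProperties;
import com.itextpdf.signatures.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;

public class CertifyContract {
    public static void main(String[] args) throws Exception {
        // Assumed inputs: unsigned PDF, output path, PKCS#12 keystore with the company key.
        String src = args[0], dest = args[1], p12 = args[2];
        char[] pass = System.getenv("P12_PASSWORD").toCharArray(); // hypothetical variable name
        BouncyCastleProvider bc = new BouncyCastleProvider();
        Security.addProvider(bc);

        // Load the signing key and its certificate chain.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (FileInputStream in = new FileInputStream(p12)) { ks.load(in, pass); }
        String alias = ks.aliases().nextElement();
        PrivateKey key = (PrivateKey) ks.getKey(alias, pass);
        Certificate[] chain = ks.getCertificateChain(alias);

        // Certification signature: PDF viewers flag any change made after signing.
        PdfSigner signer = new PdfSigner(new PdfReader(src),
                new FileOutputStream(dest), new StampingProperties());
        signer.setCertificationLevel(PdfSigner.CERTIFIED_NO_CHANGES_ALLOWED);
        signer.setFieldName("CompanySeal"); // hypothetical field name
        signer.signDetached(new BouncyCastleDigest(),
                new PrivateKeySignature(key, DigestAlgorithms.SHA256, bc.getName()),
                chain, null, null, null, 0, PdfSigner.CryptoStandard.CMS);

        // Re-open the result and check each signature, as a recipient-side tool would.
        try (PdfDocument pdf = new PdfDocument(new PdfReader(dest))) {
            SignatureUtil util = new SignatureUtil(pdf);
            for (String name : util.getSignatureNames()) {
                PdfPKCS7 p7 = util.readSignatureData(name);
                System.out.printf("%s intact=%b coversWholeDocument=%b%n", name,
                        p7.verifySignatureIntegrityAndAuthenticity(),
                        util.signatureCoversWholeDocument(name));
            }
        }
    }
}
```

The signature only vouches for the bytes as they were at signing time, so the key has to be held where the contract content can no longer be edited before sealing.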




 


Hi Vonnelize,

Typically, this is done when the user signs the contract. We use a service from a digital signing company, and after signing, the signature is added to the PDF that we have first produced, and it is digitally signed*. This is the only way that makes sense legally, as the digital signing company is certified to digitally sign the PDF, and can prove it's tamper-free. If you are having the customer sign, and your code has the signature as a separate PNG or JPG, and you show that signature on a screen so you can html2pdf it, it's very likely not legally sound, as you could put any signature underneath the contract, or you could alter the contents of the contract on screen, before making a PDF out of it. Securing the document afterwards seems to have very little legal value, though note IANAL (although I've spoken with a number of lawyers on exactly this topic).

So tl;dr, if you really need it legally secure, use a digital signing company. If you don't need it to be fully legally secure, there's no need for trying to make the PDF tamper proof**.

*Note there's a difference in the customer digitally signing and the digital signing of the document to prevent tampering. Terminology is a bit confusing here.

**We use digital signing via a specialized company for important documents, or documents the customer wants to postpone signing. For less important, immediately signable documents, we use a mobile device with the Signature plug-in, show that on the mobile screen, and create a PDF on the fly, on the mobile device, after which we delete the signature image. We don't secure the PDF in this case.

Hi Kilian


Thanks so much for the response. I am going to discuss your comments with my client and see what they decide. I agree that we should not be able to touch the document after the client signed. I will keep you posted.




Thanks Renato! I am reading through the info on your link. I need to discuss Kilian's comments with the clients and will then see what should be done.

Kilian Hekhuis wrote:

Typically, this is done when the user signs the contract. We use a service from a digital signing company, and after signing, the signature is added to the PDF that we have first produced, and it is digitally signed*.

Hi Kilian,

When you have the document digitally signed, I take it that you mean having it certified using a certified signature, and not necessarily that someone has signed the document, i.e. the document's integrity is ensured by the author through certification.

I assume that certification happens from within the application that generates the PDF. Do you use a web service, provided by your digital signing company, or did you create your own web service?

I imagine that if we wanted to certify PDF documents at generation time we would either have to use a provided web service, or write our own web service or extension?

Thanks

Albert

Hi Albert,

In fact both. We send our PDF via a REST interface to the digital signing company, they send a notification to our client to sign the document, the client signs (via their website) and the company puts the signature inside the document and digitally signs it, so it is tamper proof.

Thanks Kilian.