Logo
My Account |  Site Map | Contact Us  
Welcome Guest Search | Active Topics | Sign In | Register

Securing a PDF - Prevent editing PDF in other programs like MS Word Options
DCG
Posted: Tuesday, June 4, 2019 10:11:31 AM
Rank: Newbie
Groups: Member

Joined: 11/16/2015
Posts: 3
Hello there.

We're currently trying to optimize the security of PDF-files which are generated using EO PDF in our web-application.

I've currently added document 'security' and 'information' fields to the download function in the form of a Post_Handler.
Ultimately we want the PDF to be non-editable at all. Yet with the example below people can easily open the PDF in MS Word and edit the fields.

See example of the code below.


Quote:


MVCToPDF.RenderAsPDF(Post_Handler);
return View(model);
}

protected void Post_Handler(object sender, PdfDocumentEventArgs e)
{
EO.Pdf.HtmlToPdfResult result = MVCToPDF.Result;
if (result != null)
{
result.PdfDocument.Security.Disallow(PdfDocumentPermissions.ModifyingContents);
result.PdfDocument.Security.OwnerPassword = "APassword";
result.PdfDocument.Info.Author = "AnAuthorName";
result.PdfDocument.Info.Creator = "ACreatorName";
result.PdfDocument.Info.CreationDate = DateTime.Now;

}
}



When opening the PDF in Adobe programms, these seems to 'respect' the set security and prevent editing the downloaded PDF unless a user gives in a password.
I've read we might be able to add a PDF certificate using EO PDF.
How can I add this using the code above and what are the benefits of using a PDF certificate?
Does it prevent users from editing the PDF format and is there anyway to atleast prevent the really easy editing in programs like MS Word?
eo_support
Posted: Tuesday, June 4, 2019 10:35:53 AM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 21,568
Hi,

People will always be able to edit your PDF file no matter what you do. The PDF permission settings are basically a "gentleman's agreement" between the PDF file and the PDF Viewer application:

1. When you only set the owner's password:

1.a. The file can be opened without a password. In this case it means you are an "user" and the PDF Viewer supposes to honor the permission flags;
1.b. The file can also be opened with the owner password. in this case it means you are the "owner" and the PDF Viewer should allow you to change the permission;

2. When you set both owner's and user's password, a password must be provided in order to open the PDF file. However once the file is opened, depending on which password was used, rule 1.a and 1.b applies;

This means there is no technical barriers to prevent a file from being modified. The only thing here is you set the flag and the PDF Viewer application honors it. However a PDF Viewer application can always choose to ignore those flags.

Digital certificate is something different and it does not address the above issue directly --- even though it may serve your purpose somewhat. A digital certificate signs the file so that once the file is being modified, the digital signature will be broken unless you resign it. The following sequence describes what happens:

1. You create a PDF file and sign it with a certificate (you can do this with our PdfSigner class);
2. User open the PDF file, the PDF Viewer application would usually display something like "this file has a digital signature and the signature is valid";
3. User modifies the file and resave it;
4. If user open the PDF file again, the PDF Viewer will display something like "The digital signature is invalid";
5. The user can resign it thus validate of the signature again;

It is possible that a PDFViewer application will choose to disallow step 3 --- but again there is no technical barriers to forbid that because it is perfectly logical that a user may indeed want to modify the contents and then resign it. So the conclusion here again is there is nothing technical to prevent the file from be modified.

Hope this helps.

Thanks!
DCG
Posted: Friday, June 7, 2019 10:28:58 AM
Rank: Newbie
Groups: Member

Joined: 11/16/2015
Posts: 3
Hello eo_support,

thank you for your insightful reply and clear explanation of the PDF format and what we can do in EO pdf.
If you do not mind. I had a few more questions about it.

The Digital certificate is something we're interested in.
Is it reccomend to buy a 'GlobalSign' certificate?

Ive looked into annual certificates that offer 25k 'signing events' I assume this is the amount of times a PDF can be generated and downloaded with the valid certificate.

Can PDFs still be generated with EO pdf after the certificate (added with the PDFSigner class) has expired or exceeded 25k signings?
Will the PDF generator still be able to generate the PDF's but will a user that opens the PDF get a warning?

And what will happen if the PDF certificate of a downloaded PDF expired and the downloaded PDF is opened after expiration date?

Thank you!
eo_support
Posted: Friday, June 7, 2019 12:21:09 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 21,568
Hi,

We are not in a position to offer advice on digital certificate since that is both beyond the scope of our support and beyond the scope of our expertise. We can only provide a general technical view of the PDF signer feature to you.

The PDF signer takes a digital certificate and signs the document with the private key of that certificate (creating a digital signature using the certificate's private key). It will then store both the certificate's public key and the signature in the file. A PDF Viewer application would then read the public key and the signature and using the public key to verify whether the signature is valid. This works because public key/private key exist in pairs --- information encoded by a private key can only be properly decoded by the corresponding public key.

When you pay a company for a digital certificate, you are basically paying for a public/private key pair. Since the algorithm to create public/private key pairs are well known so anyone can create such pairs. The difference between a paid one and a self created one is a paid one is linked to a trusted "certificate authority" (CA) that will check and confirm your identity. Regardless a certificate is linked to a trusted CA or not, a PDF Viewer application can detect the signature no longer match if the file has been modified. However a trusted CA is often important since anyone can modify a file signed by your certificate and then resign it with their own certificate. In this case the PDF Viewer application will still display "digital signature is valid" for the modified and resigned file. The difference is the new digital signature is no longer yours. As such identity of the signature is as important as the validity of the signature. However its common for organizations to setup their own CA to confirm identifies within their own organization. This way they can issue their own certificates without having to pay anyone but they can only be used within the organization since it can not be validated outside. This is often sufficient for internal networks.

There is no technical limits on how many times you can use a key pair if you are provided the key pair directly (often in the form of a .cer file). However some companies may decide to without the actually key pair from you and charge/limit how many times you can use it instead. That's probably what the "25K" is. However as mentioned we are not in that business so we could be very well wrong on this.

Hope this helps.

Thanks!
DCG
Posted: Tuesday, June 11, 2019 2:53:48 AM
Rank: Newbie
Groups: Member

Joined: 11/16/2015
Posts: 3
Hello EO-Support,

Thank you very much for the thorough reply.
It has been very useful and has given me some understanding into adding a certificate using the EO PDF generator.
eo_support
Posted: Tuesday, June 11, 2019 12:28:03 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 21,568
Great. Glad that we were able to help.


You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.