Successfully reported this slideshow.

Zenika - iText in Action


Published on

presentation for Zenika, Paris March 10, 2011

Published in: Technology
  • Be the first to comment

Zenika - iText in Action

  1. 1. iText in Action — 2nd Edition Bruno Lowagie @ Zenika March 10, 20111T3XT BVBA, the iText Company
  2. 2. About this talk• 2010: – History of iText: development & IP – How to write a book – Book preview• 2011: – Book overview – Samples: code snippets, PDFs, techniques – The future of iText1T3XT BVBA, the iText Company
  3. 3. First edition: 20061T3XT BVBA, the iText Company
  4. 4. Second Edition: 2010 10Q2: ebooks: 1526 pbooks: 19531T3XT BVBA, the iText Company
  5. 5. Examples on SourceForge1T3XT BVBA, the iText Company
  6. 6. Chapter info on itextpdf.com1T3XT BVBA, the iText Company
  7. 7. Part 1Creating PDF from scratch• Ch 1: Introducing PDF and iText• Ch 2: Using iText’s basic building blocks• Ch 3: Adding content at absolute positions• Ch 4: Organizing content in tables• Ch 5: Table, cell, and page events1T3XT BVBA, the iText Company
  8. 8. Creating PDF from scratch Hello WorldCreating PDF with iText // step 11. Create a Document Document document = new Document();2. Create a Writer // step 23. Open the Document PdfWriter.getInstance(4. Add content document, new FileOutputStream(filename)); // step 35. Close the Document; // step 4 document.add(new Paragraph("Hello World!")); // step 5 document.close(); 1T3XT BVBA, the iText Company
  9. 9. Basic Building Blocks1T3XT BVBA, the iText Company
  10. 10. Database1T3XT BVBA, the iText Company
  11. 11. Report using tables1T3XT BVBA, the iText Company
  12. 12. Report using direct content1T3XT BVBA, the iText Company
  13. 13. Combining approaches1T3XT BVBA, the iText Company
  14. 14. Part 2Manipulating existing PDF documents• Ch 6: Working with existing PDFs• Ch 7: Making documents interactive• Ch 8: Filling out interactive forms1T3XT BVBA, the iText Company
  15. 15. Invoice application1T3XT BVBA, the iText Company
  16. 16. An all PDF web app?!?1T3XT BVBA, the iText Company
  17. 17. AcroForm• AcroForm PdfReader reader = new PdfReader("resources/pdf/subscribe.pdf"); PdfStamper stamper = new PdfStamper(reader, new FileOutputStream("results/subscribed.pdf")); AcroFields form = stamper.getAcroFields(); form.setField("", "Bruno Lowagie"); form.setField("personal.loginname", "blowagie"); form.setField("personal.password", "12345678"); form.setField("personal.reason", "Because!nI want to be subscribed"); stamper.setFormFlattening(true); stamper.close();1T3XT BVBA, the iText Company
  18. 18. AcroForm Interactive Flattened1T3XT BVBA, the iText Company
  19. 19. XML Data1T3XT BVBA, the iText Company
  20. 20. XML Schema Definition1T3XT BVBA, the iText Company
  21. 21. Creating a dynamic XFA form1T3XT BVBA, the iText Company
  22. 22. Importing an XSD1T3XT BVBA, the iText Company
  23. 23. Rearranged fields1T3XT BVBA, the iText Company
  24. 24. Dynamic XFA form1T3XT BVBA, the iText Company
  25. 25. Fill out the form• XFA PdfReader reader = new PdfReader(src); PdfStamper stamper = new PdfStamper(reader, new FileOutputStream(dest)); AcroFields form = stamper.getAcroFields(); XfaForm xfa = form.getXfa(); xfa.fillXfaForm(new FileInputStream(xml)); stamper.close();1T3XT BVBA, the iText Company
  26. 26. Form with data1T3XT BVBA, the iText Company
  27. 27. A look inside the form1T3XT BVBA, the iText Company
  28. 28. Part 3Essential iText skills• Ch 9: Integrating iText in your web application• Ch 10: Brightening your document with color and images• Ch 11: Choosing the right font• Ch 12: Protecting your PDF1T3XT BVBA, the iText Company
  29. 29. Structure of a PDF file %PDF-1.x %âãÏ• Ó 1 0 obj ...A PDF file consists 2 0 objof a collection of ... (Hello World) Tj ...objects. xrefA PDF files starts 0 81 0000000000 65535 fwith %PDF-1.x and 0000000015 00000 n ...ends with %%EOF trailer << ... >> startxref 15787 %%EOF 1T3XT BVBA, the iText Company
  30. 30. Changing the content of a PDF file %PDF-1.x %âãÏ• Ó 1 0 obj ... 2 0 objYou can use ... (Hello People) Tj to change 121 0 obj ...the content of a xrefPDF document: 0 85 0000000000 65535 fchange a stream, 0000000015 00000 nadd objects (e.g ... trailerannotations), and << ... >>so on. startxref 16157 %%EOF 1T3XT BVBA, the iText Company
  31. 31. What are our concerns?• Integrity—we want assurance that the document hasn’t been changed somewhere in the workflow• Authenticity—we want assurance that the author of the document is who we think it is (and not somebody else)• Non-repudiation—we want assurance that the author can’t deny his authorship.1T3XT BVBA, the iText Company
  32. 32. Integrity• A digest is computed over a range of bytes from the file.• This ByteRange is signed using the private key of the sender.• This digest and the sender’s Certificate are embedded in the PDF.• The receiver compares the embedded digest with the digest of the content.1T3XT BVBA, the iText Company
  33. 33. Digital Signature field %PDF-1.x %âãÏ•Ó 1 0 obj ... 2 0 objA signed PDF file <<contains a signature /Type/Sig /Contents/... >>dictionary. ...The binary value of xref 0 81the PDF signature is 0000000000 65535 f ...placed into the trailerContents entry of a << ... >> startxrefsignature dictionary. 15787 %%EOF 1T3XT BVBA, the iText Company
  34. 34. Embedded Digital Signature %PDF-1.x %âãÏ• Ó ... 2 0 obj <<... /Type/Sig /Contents<The digital DIGITALsignature isn’t part SIGNATUREof the ByteRange. > ... >> xrefThere are no bytes 0 81in the PDF that 0000000000 65535 f ...aren’t covered, trailerother than the PDF << ... >> startxrefsignature itself. 15787 %%EOF 1T3XT BVBA, the iText Company
  35. 35. Cryptography• Symmetric key algorithms: the same key is used to encrypt and decrypt content.• Asymmetric key algorithms: a public key is used to encrypt, a private key is used to decrypt (for encryption purposes).• Or, a private key is used to encrypt, a public key is used to decrypt (for digital signatures).1T3XT BVBA, the iText Company
  36. 36. Obtain a public/private key• Create your own keystore (with the private key) and self-signed certificate (with the public key); e.g. using keytool• Ask a Certificate Authority (CA) to sign your certificate to prove your identity• A Certificate signed by a CA’s private key can be decrypted with the CA’s root certificate (stored in Adobe Reader)1T3XT BVBA, the iText Company
  37. 37. Digital SignaturesStored on the producer’s side Received by the consumer• Certificate %PDF-1.x – Public key ... /ByteRange ... – Identity info /Contents<• Private key DIGITAL SIGNATURE• Original document • Certificate • Signed Message Digest ByteRange • Timestamp >... %%EOF 1T3XT BVBA, the iText Company
  38. 38. Possible architecture Application Device %PDF-1.x ... DIGITAL SIGNATURE • Certificate • Signed Message Digest • Timestamp...%%EOF Existing PDF document Fill out signature field Externally sign digestCreated by PDF producer Using iText created with iText 1T3XT BVBA, the iText Company
  39. 39. Displaying digital signatures• Digital signatures are part of the file structure: it isn’t mandatory for a digital signature to be displayed on a page.• Digital signatures are listed in the signature panel.• A digital signature can be visualized as a field widget (this widget can consist of graphics, text,...).1T3XT BVBA, the iText Company
  40. 40. Invisible signature1T3XT BVBA, the iText Company
  41. 41. Visible signature1T3XT BVBA, the iText Company
  42. 42. Invalid signature1T3XT BVBA, the iText Company
  43. 43. Custom signature1T3XT BVBA, the iText Company
  44. 44. Important note• A signature signs the complete document.• The concept of signing separate pages in a document (“to initial a document”) doesn’t exist in PDF.• Legal issue: how to prove that a person who signed for approval has read the complete document?1T3XT BVBA, the iText Company
  45. 45. Serial signatures %PDF-1.x % Original document DIGITAL SIGNATURE 1 ...A PDF document can %%EOF Rev1be signed more than % Additional content 1once, but parallel ... DIGITAL SIGNATURE 2signatures aren’t ...supported, only %%EOF Rev2serial signatures: % Additional content 2 ...additional signatures DIGITAL SIGNATURE 3sign all previous ...signatures. %%EOF Rev3 1T3XT BVBA, the iText Company
  46. 46. Demo: two signatures1T3XT BVBA, the iText Company
  47. 47. Types of signatures• Certification (aka author) signature— only possible for the first revision; involves modification detection permissions.• Approval (aka recipient) signature— workflow with subsequent signers.• Usage Rights signature— involving Adobe’s private key to Reader enable a PDF (off-topic here).1T3XT BVBA, the iText Company
  48. 48. Problems solved?• Integrity—signature is invalidated if bytes are changed• Authenticity—Certificate Authority verifies the identity of the owner of the private key• Non-repudiation—the author is the only one who has access to the private key1T3XT BVBA, the iText Company
  49. 49. What if?• What if the author’s private key is compromised?• What if the author falsifies the creation date of the document?• What if the certificate expires too soon?1T3XT BVBA, the iText Company
  50. 50. Revocation checking• Certificate Revocation List (CRL) The certificate is checked against a list of revoked certificates.• Online Certificate Status Protocol (OCSP) The revokation status is obtained from a server. If the certificate was revoked, the signature is invalid.1T3XT BVBA, the iText Company
  51. 51. OCSP1T3XT BVBA, the iText Company
  52. 52. Timestamping• The timestamp of a signature can be based on the signer’s local machine time,• Or the signer can involve a Time Stamp Authority (TSA). The message digest is sent to a trusted timestamp server. This server adds a timestamp and signs the resulting hash using the TSA’s private key.• The signer can’t forge the time anymore.1T3XT BVBA, the iText Company
  53. 53. Timestamp1T3XT BVBA, the iText Company
  54. 54. PAdES - LTV• PAdES: PDF Advanced Electronic Signatures• LTV: Long Term Validation• Requires extensions to ISO-32000-1• Described by ETSI in TS 102 778 part 4• Requires Document Security Store (DSS) and Document Timestamp• A new DSS+TS are added before expiration of the last document timestamp1T3XT BVBA, the iText Company
  55. 55. Part 4Under the hood• Ch 13: PDFs inside-out• Ch 14: The imaging model• Ch 15: Page content and structure• Ch 16: PDF streams1T3XT BVBA, the iText Company
  56. 56. Parsing PDF1T3XT BVBA, the iText Company
  57. 57. Render listener interfaceRenderListener public void renderText( TextRenderInfo renderInfo) {beginTextBlock() System.out.print("<");renderText(TextRenderInfo info) System.out.print(renderInfo.getText());endTextBlock() System.out.print(" @ (");renderImage(ImageRenderInfo info) System.out.print( renderInfo.getBaseline() .getStartPoint().get(0)); System.out.print(", "); System.out.print( renderInfo.getBaseline() .getStartPoint().get(1)); System.out.print(") l: "); System.out.print( renderInfo.getBaseline() .getLength()); System.out.println(">"); } 1T3XT BVBA, the iText Company
  58. 58. Output1T3XT BVBA, the iText Company
  59. 59. Tagged PDF1T3XT BVBA, the iText Company
  60. 60. Optional Content• A different type of marked content: PdfLayer a1 = new PdfLayer("answer 1", writer); a1.setOn(false); BaseFont bf = BaseFont.createFont(); PdfContentByte cb = writer.getDirectContent(); cb.setRGBColorFill(0xFF, 0x00, 0x00); cb.beginText(); cb.setFontAndSize(bf, 18); cb.beginLayer(a1); cb.showTextAligned(Element.ALIGN_LEFT, "A1: Stanley Kubrick", 50, 742, 0); cb.endLayer(); cb.endText();1T3XT BVBA, the iText Company
  61. 61. Portable collections1T3XT BVBA, the iText Company
  62. 62. Creating a Flash Component1T3XT BVBA, the iText Company
  63. 63. Flash component in HTML1T3XT BVBA, the iText Company
  64. 64. Online XML data1T3XT BVBA, the iText Company
  65. 65. Crossdomain.xml1T3XT BVBA, the iText Company
  66. 66. Flash component in PDF1T3XT BVBA, the iText Company
  67. 67. The future of iTextFive ideas for 2011• The frustration of working with HTMLWorker• Finally start working on XFA to PDF conversion• Digital Signatures: PAdES, timestamps,...• Eclipse plug-in for iText• iText for AndroidAdditional ideas:• Accessibility (Tagged PDF, PDF/UA?)• GIS Options1T3XT BVBA, the iText Company
  68. 68. HTMLWorker• Support for straight forward HTML – No URL to PDF conversion yet – Support for more HTML tags and CSS styles – Target for iText 5.1 (April 2011) • HTML generated with FCKEditor and TinyMC • “Rich Text” as defined in XFA and PDF specs• Support for all HTML would be nice too – Full blown HTML to PDF conversion – Do what a browser does1T3XT BVBA, the iText Company
  69. 69. XFA to PDF• The new HTMLWorker will be based on a new class XMLWorker• XFA is the XML Forms Architecture• With Adobe’s “Rich Text”, we’re already implementing a small part of the XFA.• Once iText 5.1 is released we’re ready to start an XFA to PDF project, but...• Is there a sponsor for such a project?1T3XT BVBA, the iText Company
  70. 70. Digital Signatures• PAdES: needs to be in future iText version• Signing server: product?• Timestamp server: service?1T3XT BVBA, the iText Company
  71. 71. iText for Android• iText light for phones – Demo: Hello world• iText full for tablet PCs1T3XT BVBA, the iText Company