This document summarizes Bruno Lowagie's presentation on the second edition of the book "iText in Action". The presentation provides an overview of the book, shows code samples and techniques from the book, and discusses the future of iText. It also provides information on how the book covers creating PDFs from scratch, manipulating existing PDFs, and essential iText skills.
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.
Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, India, and members of the European Union, electronic signatures have legal significance.
Zenika - iText in Action
1. iText in Action — 2nd Edition
Bruno Lowagie @ Zenika
March 10, 2011
1T3XT BVBA, the iText Company http://itextpdf.com/
2. About this talk
• 2010:
– History of iText: development & IP
– How to write a book
– Book preview
• 2011:
– Book overview
– Samples: code snippets, PDFs, techniques
– The future of iText
6. Chapter info on itextpdf.com
7. Part 1
Creating PDF from scratch
• Ch 1: Introducing PDF and iText
• Ch 2: Using iText’s basic building blocks
• Ch 3: Adding content at absolute positions
• Ch 4: Organizing content in tables
• Ch 5: Table, cell, and page events
8. Creating PDF from scratch
Hello World
Creating PDF with iText
1. Create a Document
2. Create a Writer
3. Open the Document
4. Add content
5. Close the Document

    // step 1
    Document document = new Document();
    // step 2
    PdfWriter.getInstance(document, new FileOutputStream(filename));
    // step 3
    document.open();
    // step 4
    document.add(new Paragraph("Hello World!"));
    // step 5
    document.close();
14. Part 2
Manipulating existing PDF documents
• Ch 6: Working with existing PDFs
• Ch 7: Making documents interactive
• Ch 8: Filling out interactive forms
25. Fill out the form
• XFA

    // Open the existing PDF that contains the XFA form
    PdfReader reader = new PdfReader(src);
    PdfStamper stamper = new PdfStamper(reader,
        new FileOutputStream(dest));
    AcroFields form = stamper.getAcroFields();
    // Get the XFA form and fill it with the data from the XML file
    XfaForm xfa = form.getXfa();
    xfa.fillXfaForm(new FileInputStream(xml));
    // Closing the stamper writes the filled-out PDF to dest
    stamper.close();
27. A look inside the form
28. Part 3
Essential iText skills
• Ch 9: Integrating iText in your web application
• Ch 10: Brightening your document with color and images
• Ch 11: Choosing the right font
• Ch 12: Protecting your PDF
29. Structure of a PDF file
A PDF file consists of a collection of objects. A PDF file starts with %PDF-1.x and ends with %%EOF

    %PDF-1.x
    %âãÏÓ
    1 0 obj
    ...
    2 0 obj
    ... (Hello World) Tj ...
    xref
    0 81
    0000000000 65535 f
    0000000015 00000 n
    ...
    trailer
    << ... >>
    startxref
    15787
    %%EOF
30. Changing the content of a PDF file
You can use software to change the content of a PDF document: change a stream, add objects (e.g. annotations), and so on.

    %PDF-1.x
    %âãÏÓ
    1 0 obj
    ...
    2 0 obj
    ... (Hello People) Tj ...
    121 0 obj
    ...
    xref
    0 85
    0000000000 65535 f
    0000000015 00000 n
    ...
    trailer
    << ... >>
    startxref
    16157
    %%EOF
31. What are our concerns?
• Integrity—we want assurance that the document hasn’t been changed somewhere in the workflow
• Authenticity—we want assurance that the author of the document is who we think it is (and not somebody else)
• Non-repudiation—we want assurance that the author can’t deny his authorship.
32. Integrity
• A digest is computed over a range of bytes from the file.
• This ByteRange is signed using the private key of the sender.
• This digest and the sender’s Certificate are embedded in the PDF.
• The receiver compares the embedded digest with the digest of the content.
33. Digital Signature field
A signed PDF file contains a signature dictionary. The binary value of the PDF signature is placed into the Contents entry of a signature dictionary.

    %PDF-1.x
    %âãÏÓ
    1 0 obj
    ...
    2 0 obj
    <<
    /Type/Sig /Contents/...
    >>
    ...
    xref
    0 81
    0000000000 65535 f
    ...
    trailer
    << ... >>
    startxref
    15787
    %%EOF
34. Embedded Digital Signature
The digital signature isn’t part of the ByteRange. There are no bytes in the PDF that aren’t covered, other than the PDF signature itself.

    %PDF-1.x
    %âãÏÓ
    ...
    2 0 obj
    <<... /Type/Sig /Contents<
    DIGITAL SIGNATURE
    > ... >>
    xref
    0 81
    0000000000 65535 f
    ...
    trailer
    << ... >>
    startxref
    15787
    %%EOF
35. Cryptography
• Symmetric key algorithms: the same key is used to encrypt and decrypt content.
• Asymmetric key algorithms: a public key is used to encrypt, a private key is used to decrypt (for encryption purposes).
• Or, a private key is used to encrypt, a public key is used to decrypt (for digital signatures).
36. Obtain a public/private key
• Create your own keystore (with the private key) and self-signed certificate (with the public key); e.g. using keytool
• Ask a Certificate Authority (CA) to sign your certificate to prove your identity
• A Certificate signed by a CA’s private key can be decrypted with the CA’s root certificate (stored in Adobe Reader)
37. Digital Signatures
Stored on the producer’s side
• Certificate
– Public key
– Identity info
• Private key
• Original document
ByteRange
Received by the consumer
%PDF-1.x
...
/ByteRange ...
/Contents<
DIGITAL SIGNATURE
• Certificate
• Signed Message Digest
• Timestamp
>...
%%EOF
38. Possible architecture
[Diagram with two parts, Application and Device, and three stages:]
• Existing PDF document, created by PDF producer
• Fill out signature field, using iText
• Externally sign digest created with iText
[File shown in the diagram:]
%PDF-1.x
...
DIGITAL SIGNATURE
• Certificate
• Signed Message Digest
• Timestamp
...
%%EOF
39. Displaying digital signatures
• Digital signatures are part of the file
structure: it isn’t mandatory for a digital
signature to be displayed on a page.
• Digital signatures are listed in the
signature panel.
• A digital signature can be visualized as a
field widget (this widget can consist of
graphics, text,...).
44. Important note
• A signature signs the complete
document.
• The concept of signing separate pages in
a document (“to initial a document”)
doesn’t exist in PDF.
• Legal issue: how to prove that a person
who signed for approval has read the
complete document?
45. Serial signatures
A PDF document can be signed more than once, but parallel signatures aren’t supported, only serial signatures: additional signatures sign all previous signatures.
%PDF-1.x
% Original document
DIGITAL SIGNATURE 1
...
%%EOF Rev1
% Additional content 1
...
DIGITAL SIGNATURE 2
...
%%EOF Rev2
% Additional content 2
...
DIGITAL SIGNATURE 3
...
%%EOF Rev3
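The ByteRange rule from the Integrity and Embedded Digital Signature slides and the revision layout from the Serial signatures slide can be checked mechanically. The following is an added example, not code from the presentation or from iText. Its assumptions: the file is a constructed miniature (not a renderable PDF), `add_signed_revision` and `inspect_signatures` are hypothetical helper names, SHA-256 is an assumed digest, and the all-zero /Contents stands in for a real signature, which is not cryptographically verified here.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
FMT = b"0 %010d %010d %010d"  # fixed-width offsets so lengths are known up front

def add_signed_revision(pdf: bytes, note: bytes) -> bytes:
    """Append one constructed revision whose signature covers everything so far."""
    pre = pdf + b"% " + note + b"\n<< /Type /Sig /ByteRange ["
    mid, sig, post = b"] /Contents ", b"<" + b"00" * 16 + b">", b" >>\n%%EOF\n"
    gap_start = len(pre) + len(FMT % (0, 0, 0)) + len(mid)
    gap_end = gap_start + len(sig)
    return pre + FMT % (gap_start, gap_end, len(post)) + mid + sig + post

def inspect_signatures(pdf: bytes):
    """One dict per signature: covered-bytes digest, revision, coverage problems."""
    eofs = [m.end() for m in re.finditer(rb"%%EOF\r?\n?", pdf)]
    report = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = map(int, m.groups())
        end = c + d  # first byte NOT covered by this signature
        problems = []
        if a != 0:
            problems.append("first range does not start at byte 0")
        # The only uncovered bytes may be the <hex string> holding the signature.
        if not re.fullmatch(rb"<[0-9A-Fa-f]*>", pdf[a + b:c]):
            problems.append("gap is not exactly the /Contents hex string")
        if end not in eofs:
            problems.append("coverage does not end at a revision's %%EOF")
        report.append({
            "digest": hashlib.sha256(pdf[a:a + b] + pdf[c:end]).hexdigest(),
            "revision": eofs.index(end) + 1 if end in eofs else None,
            "covers_whole_file": end == len(pdf),
            "problems": problems,
        })
    return report

if __name__ == "__main__":
    pdf = b"%PDF-1.x\n"
    for note in (b"Original document", b"Additional content 1", b"Additional content 2"):
        pdf = add_signed_revision(pdf, note)
    for sig in inspect_signatures(pdf):
        print(sig)
```

A signature with `covers_whole_file` set to false is not invalid for that reason alone; it means everything after its revision was added after that signer signed and has to be reviewed separately.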
47. Types of signatures
• Certification (aka author) signature—
only possible for the first revision;
involves modification detection
permissions.
• Approval (aka recipient) signature—
workflow with subsequent signers.
• Usage Rights signature— involving
Adobe’s private key to Reader-enable a
PDF (off-topic here).
48. Problems solved?
• Integrity—signature is invalidated if bytes
are changed
• Authenticity—Certificate Authority
verifies the identity of the owner of the
private key
• Non-repudiation—the author is the only
one who has access to the private key
49. What if?
• What if the author’s private key is
compromised?
• What if the author falsifies the creation
date of the document?
• What if the certificate expires too soon?
50. Revocation checking
• Certificate Revocation List (CRL)
The certificate is checked against a list of
revoked certificates.
• Online Certificate Status Protocol (OCSP)
The revocation status is obtained from a
server.
If the certificate was revoked, the
signature is invalid.
52. Timestamping
• The timestamp of a signature can be
based on the signer’s local machine time,
• Or the signer can involve a Time Stamp
Authority (TSA). The message digest is
sent to a trusted timestamp server. This
server adds a timestamp and signs the
resulting hash using the TSA’s private key.
• The signer can’t forge the time anymore.
54. PAdES - LTV
• PAdES: PDF Advanced Electronic Signatures
• LTV: Long Term Validation
• Requires extensions to ISO-32000-1
• Described by ETSI in TS 102 778 part 4
• Requires Document Security Store (DSS)
and Document Timestamp
• A new DSS+TS are added before expiration
of the last document timestamp
55. Part 4
Under the hood
• Ch 13: PDFs inside-out
• Ch 14: The imaging model
• Ch 15: Page content and structure
• Ch 16: PDF streams
66. Flash component in PDF
67. The future of iText
Five ideas for 2011
• The frustration of working with HTMLWorker
• Finally start working on XFA to PDF conversion
• Digital Signatures: PAdES, timestamps,...
• Eclipse plug-in for iText
• iText for Android
Additional ideas:
• Accessibility (Tagged PDF, PDF/UA?)
• GIS Options
68. HTMLWorker
• Support for straightforward HTML
– No URL to PDF conversion yet
– Support for more HTML tags and CSS styles
– Target for iText 5.1 (April 2011)
• HTML generated with FCKeditor and TinyMCE
• “Rich Text” as defined in XFA and PDF specs
• Support for all HTML would be nice too
– Full blown HTML to PDF conversion
– Do what a browser does
69. XFA to PDF
• The new HTMLWorker will be based on a
new class XMLWorker
• XFA is the XML Forms Architecture
• With Adobe’s “Rich Text”, we’re already
implementing a small part of the XFA.
• Once iText 5.1 is released we’re ready to
start an XFA to PDF project, but...
• Is there a sponsor for such a project?
70. Digital Signatures
• PAdES: needs to be in future iText version
• Signing server: product?
• Timestamp server: service?
71. iText for Android
• iText light for phones
– Demo: Hello world
• iText full for tablet PCs