You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Thomas Chojecki (JIRA)" <ji...@apache.org> on 2011/01/08 13:37:52 UTC
[jira] Issue Comment Edited: (PDFBOX-912) PDF signing interface and
improvments
[ https://issues.apache.org/jira/browse/PDFBOX-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12979119#action_12979119 ]
Thomas Chojecki edited comment on PDFBOX-912 at 1/8/11 7:37 AM:
----------------------------------------------------------------
Hi Adam and a happy new year :)
1. The user can't pass a COSFIlterInputStream, because he didn't know the ByteRang to parametrize the Stream.
2. Memory efficient isn't easy with the crypto. library BouncyCastle (BC). I can't find a method that accept InputStreams of the content that should be sign. Only a OutputStream is offert. Realy crappy, because the output is a small signature. Don't know how to fix this without modifying BC. Thats why i recommend to provide a additional jar file for the implementation, because there aren't a good way to use the code on cellphones or mobile devices.
Optimization
1. Good work, the RandomAccess File will help a lot in saving some memory.
To look inside a pdf you didn't need to decompress it. Use a hex editor and look at the end for startxref and the offset [1]. You will find the offset and then you can jump to it and you will find the xref table [2].
2. see the upper 2. section. But your right. the involved people can answer it better.
3. documents with much objects are mostly linearized because the xref table grow and xrefstreams are compressed. also every web optimized document is linearized. The benefit is that the document is splitted in chunks and the browser didn't need to load the whole document for display the current page.
to implement this xref stream, the developer need some knowledge about png kompression.
Attachment
[1] http://media-nation.de/~rayman2200/pdf1.png
[2] http://media-nation.de/~rayman2200/pdf2.png
was (Author: tchojecki):
Hi Adam and a happy new year :)
1. The user can't pass a COSFIlterInputStream, because he didn't know the ByteRang to parametrize the Stream.
2. Memory efficient isn't easy with the crypto. library BouncyCastle (BC). I can't find a method that accept InputStreams of the content that should be sign. Only a OutputStream is offert. Realy crappy, because the output is a small signature. Don't know how to fix this without modifying BC. Thats why i recommend to provide a additional jar file for the implementation, because there aren't a good way to use the code on cellphones or mobile devices.
Optimization
1. Good work, the RandomAccess File will help a lot in saving some memory.
To look inside a pdf you didn't need to decompress it. Use a hex editor and look at the end for startxref and the offset [1]. You will find the offset and then you can jump to it and you will find the xref table [2].
2. see the upper 2. section. But your right. the involved people can answer it better.
3. documents with much objects are mostly linearized because the xref table grow and xrefstreams are compressed. also every web optimized document is linearized. The benefit is that the document is splitted in chunks and the browser didn't need to load the whole document for display the current page.
to implement this xref stream, the developer need some knowledge about png kompression.
> PDF signing interface and improvments
> -------------------------------------
>
> Key: PDFBOX-912
> URL: https://issues.apache.org/jira/browse/PDFBOX-912
> Project: PDFBox
> Issue Type: Improvement
> Components: PDFReader, PDModel, PDModel.AcroForm, Writing
> Affects Versions: 1.4.0
> Reporter: Thomas Chojecki
> Assignee: Adam Nichols
> Priority: Minor
> Attachments: cos_object_improvement_patch.txt, fields_annotations_patch.txt, interface_options_patch.txt, io_patch.txt, main_documents_patch.txt, parser_patch.txt, signature_exception_patch.txt, test.pdf, test_signed.pdf, writer_patch.txt
>
>
> This is a first version of a signing interface for pdfbox. There are some design issues i could not handle without rewriting too much of the code.
> Here we go:
> - incremental update support (tested for signatures with pdf/a compatibility), not compatible with encrypted documents nor with xref-streams
> - cos object improvment
> -- COSString with ability to force writing hexbin for given string
> -- COSBase with ability to write direct into a dictionary (that means if this is set, no indirect object will be wrote) (sry hard to explain what i mean, actualy needed for incremental update to lower the rate of indirect objects)
> -- COSBase with ability to force writing object (this hook help the COSWriter write needed objects for inkremental update)
> -- COSName added new names
> -- COSDocument some getter and setter for handling new signature and incremental features
> - SignatureException with some exceptions for handling the bunch of new possible errors
> -Parser improvments
> -- PDFParser saves now the position of the last startxref
> -- VisualSignatureParser (hook for parsing visual signature templates) (it's only for prepared visualisation that should be merged with the document)
> -IO improvments
> -- COSFilterInput helps to find the proper content that should be hashed / signed
> -- COSStandardOutputStream is tricky, it helps the writer to jump to the right place in the document
> -- COSWriter got some improvments for incremental update
> -- COSWriterXRefEntry needed for incremental updates and writing the new Xref table
> - PDDocument
> -- got a new method addSignature with the needed implementation (do the whole signature stuff)
> -- cleanup
> - Fields and Annotations
> -- PDSignature represent the signature dictionary
> -- PDSignatureFild / Annotation are the visible & unvisible signature representations
> - Signature Interface and options
> -- SignatureInterface the interface that shall be implemented for proper signing
> -- SignatureOptions, some additional options for signing
> Patch splited into pieces
> sry for spelling, didn't include a spellchecker for english.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.