Monday, November 24, 2008

the Belgian eID and PDF: Forms and Digital Signatures

Source: http://itext.ugent.be/articles/eid-pdf/index.php?page=4#start
===============

These are my notes for my GovCamp presentation in Brussels (September 21, 2006; between OSCon and DrupalCon).

I was asked to talk about the Belgian eID; the eID is the new Belgian identity card in the form of a smartcard. I am not an eID expert, so I decided to change the focus of the presentation to a technology I know rather well: the Portable Document Format (PDF).

In this article you will learn:

  • how to create a PDF document containing an interactive form (an AcroForm)
  • how to fill this form with data retrieved from the eID
  • how to use your eID to add an ordinary digital signature (recipient signature) as well as a certifying signature (author signature) to a PDF document

The conclusion will be that you really don't need to be an eID expert to achieve all this. If I can do it, so can you ;-)


Summary

In this presentation we have learned more about the following topics:

Forms in a PDF document

We have learned:

  • How to create a form using iText
  • How to use a PDF form in a web application
  • How to use a PDF form as a template
  • How to flatten a form
  • How to retrieve data from a form

Note that XFA forms are not yet supported in iText, and that special usage rights can only be added using official Adobe software.

The Belgian eID and PDF

We have used an eID to:

  1. Fill in a form with data retrieved from the eID
  2. Learn about the different certificates on an eID
  3. Add one or more recipient (or ordinary) signatures to a PDF document
  4. Add one author (or certifying) signature to a PDF document

Note that we have used the qualified (or non-repudiation) certificate to add the signatures. The hash of the PDF document content was generated on a Vasco DigiPass 850 smartcard reader.

We didn't go into details. I hope you agree you didn't have to be an eID specialist to understand the principles of using an eID in combination with PDF documents. You can find out more about PDF in my book. At the bottom of this page you'll find some interesting links to pages about the eID.

Extra links

Resources

All examples in this article were created using the Java version of iText. There are also some .NET ports of iText available. If you have .NET eID software, it should be possible to adapt the examples so that they work in a .NET environment too.

Other articles on this subject

Relevant mailing list questions regarding signatures

  • A digital signatures example to get you started in .NET: GMANE Nabble
  • How to use an image for the signature appearance: GMANE Nabble
  • Appearances created by iText: GMANE
  • How to find the names of the signature fields: GMANE Nabble
  • Can I remove a digital signature? GMANE Nabble
  • How to remove a digital signature? GMANE Nabble
  • How to avoid the removal of a digital signature? GMANE Nabble
  • Multiple signatures: why don't they work? A very interesting extension of this short article, explaining the different levels of Certifying Signatures: GMANE Nabble

Note that some questions can't be answered because some requirements depend on wrong assumptions:

  • You can't change a document without invalidating the signature: GMANE Nabble
  • You can't change the appearance of an existing digital signature: GMANE Nabble
  • You can't set the Usage Rights of a PDF file with iText: GMANE Nabble

About the book

This article was made from the notes of my presentation for GovCamp Brussels. It is an extended version of Appendix D of the book iText in Action.

You will need this book if you want to know more about creating and manipulating PDF documents.

For instance:

About the eID

This is a list of useful links if you want to know more about the eID:

  1. GoDot.be: the website of Danny De Cock
  2. eid.belgium.be: Belgium's eID portal
  3. The Belgian Identity Card (Overview): a short introduction to the eID written by Danny De Cock, Christopher Wolf, and Bart Preneel.
  4. FIDIS: a study on id documents
  5. rijksregister.fgov.be: the National Registry
  6. Certipost: check and download certificates
  7. Microsoft: the eID page
  8. Thesis Alexander Goossens (in Dutch): eID; Wat is het? Hoe werkt het? Wat zijn de mogelijkheden?

Further reading on cryptography and digital signatures

  1. Wikipedia: digital signature, Certificate Authority, PKI,...
  2. The PKI Page
  3. Bouncy Castle: Java cryptography resources and open source code
  4. Legal issues: A Comparison of Digital and Handwritten Signatures (Paper for MIT 6.805/STS085: Ethics and Law on the Electronic Frontier, Fall 1997)
  5. Digital Signatures and Electronic Documents: A Cautionary Tale (IFIP Conference on Communications and Multimedia Security, September 2002)

Acknowledgements

I would like to thank the following people:

  • Paulo Soares wrote the code to provide support for ordinary signatures in iText. He also wrote the article How to sign a PDF using iText
  • Antonio Iacono provided source code to support certifying signatures in iText
  • Danny De Cock wrote the GoDot tool and maintains a site full of useful information on the eID.
  • Philippe Frankinet wrote the first code sample on how to sign a PDF using iText
  • Bart Van Herreweghe for the invitation to present iText at GovCamp Brussels

2 comments:

lauren said...

It's a really good article, and thanks for sharing such a useful blog here on blogspot. I specifically liked the part How to create PDF documents in an automated process. I needed this for one of my requirements, so was searching for same.
digital id