Sign pdf asynchronously using digest

Question

I\'m trying to do the following setup for signing pdfs, broken down into asynchronous steps between a client and a server:

1. A server receives a pdf and computes it\

Answer 1

What I'm basically doing is sending that digest to the client to sign and then on the server redoing the above steps and setting the client signature

If you want those above steps to generate identical documents, you need to

• make sure the inputs to those steps are identical and
• provide the same revision id seed value.

If you do so, the outputs of the above steps are identical as is required for your task.

Making sure the inputs are identical

One step of your above steps is prone to result in different inputs:

Calendar date = Calendar.getInstance();
signature.setSignDate(date);

To guarantee identical inputs, you have to determine date only once and use that single value every time you execute those steps for the same signing transaction.

Providing the same revision id seed value

As recommended by the specification, PDFBox attempts to give each PDF revision its unique ID. In the case at hand, though, we need the same revision ID both times the above steps are executed.

Fortunately, PDFBox allows us to provide the seed value it uses to make the revision ID unique enough.

As we don't want to same revision ID all the time we sign the same document but merely during the current signing transaction, we should use the same seed value only in the same transaction. As the seed value is a long, we can simply use the time in milliseconds corresponding to the date already discussed above, i.e.:

pdDocument.setDocumentId(date.getTimeInMillis());