
Can you add a timestamped no-tamper-proof to a PDF without "signing" it?


When signing a PDF using digital signature, one can use a trusted timestamping service to add a time-stamp token that is signed by the timestamping authority. When viewing the signature of the PDF then, it will say that it contains a signed timestamp and that it has not been tampered with since that time (if it hasn't).

Technically what happens is that the hash of the PDF content gets sent to the TSA (RFC 3161), that hash is put into a structure together with the current timestamp (as determined by the timestamping authority) plus some metadata and that is then signed and sent back. This then provides proof that a PDF has not been changed since this point in time.

Technically it should be possible therefore to create such a timestamp proof without signing the document itself with an additional signature. Is that somehow supported though by the PDF standard (and also in terms of Acrobat Reader then being able to show this timestamp somehow)?

Of course I could just do it manually, take the SHA-256 hash of the file's binary representation, send it to the TSA service and store the received token in an external file, but preferably I'd like to embed the no-tamper proof into the PDF and such that Acrobat Reader can display it.

Is this possible? If so, how?


Solution

  • You can embed pure RFC 3161 time stamps in a PDF. This construct is called a document timestamp.

    This structure was originally specified in ETSI TS 102 778-4 (Annex A.2) in 2009 as a means to purely timestamp a previously signed PDF with some validation related information added in revisions after the signed one. As PAdES developed, this specification finally found its way into ETSI EN 319 142-1 (section 5.4.3).

    While ETSI could only specify the structure as an extension to ISO 32000-1 (PDF 1.7), the responsible ISO committee added it to the core ISO 32000-2 (PDF 2) in 2017.

    Concerning your questions in comments:

    Is this compatible with PDF/A?

    I think they are not compatible with PDF/A-1, PDF/A-2, and PDF/A-3. As PDF/A-4 is based on ISO 32000-2, though, I assume it will be compatible. (I have not yet had a look at ISO 19005-4...)

    Is there a way to create those with Acrobat Reader?

    It should be possible with some Adobe Acrobat version. It is (currently) not possible with the base Adobe Acrobat Reader version. Probably, though, Adobe Acrobat Reader with some of its fee-based, built-in tools can create them.

    optimally I'd like to have a cli tool or be able to do it through some library

    Any not outdated general PDF signing library should support the creation of document time stamps.

    but first I want to test how they are displayed later in Acrobat Reader

    Like this:

    https://kb.itextpdf.com/home/it7kb/faq/how-to-enable-ltv-for-a-timestamp-signature

    The first entry is a Signature with an embedded signature timestamp, the second entry is a document time stamp.
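
To check which bytes a document timestamp actually protects, the following added example (not part of the original answer, and not code from any PDF library) scans a file for document timestamp dictionaries and recomputes the digest that the embedded RFC 3161 token should carry. Assumptions: the dictionary key names `/SubFilter /ETSI.RFC3161` and `/ByteRange` are taken from ISO 32000-2 and PAdES, SHA-256 is the token's hash algorithm, the scan is a plain byte heuristic rather than a PDF parser, and `build_sample` produces a constructed stand-in file. It does not verify the TSA's signature on the token.

```python
import hashlib
import re

# Keys of the signature dictionary that carries a document timestamp
# (names from ISO 32000-2 / PAdES, not quoted on the page above).
SUBFILTER = re.compile(rb"/SubFilter\s*/ETSI\.RFC3161")
BYTERANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def find_doc_timestamps(pdf: bytes) -> list:
    """Heuristic byte scan: one result per document timestamp dictionary."""
    found = []
    for m in BYTERANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        # Limit the SubFilter check to the object that holds this ByteRange.
        start = max(pdf.rfind(b"obj", 0, m.start()), 0)
        end = pdf.find(b"endobj", m.end())
        if not SUBFILTER.search(pdf[start:end if end != -1 else len(pdf)]):
            continue  # an ordinary signature, not a document timestamp
        if a + b > c or c + d > len(pdf):
            continue  # malformed ByteRange
        gap = pdf[a + b:c]  # the only bytes the digest does not cover
        found.append({
            # Assumption: the token's messageImprint uses SHA-256.
            "digest": hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).hexdigest(),
            "covers_whole_file": a == 0 and c + d == len(pdf),
            "gap_is_contents": gap.startswith(b"<") and gap.endswith(b">"),
        })
    return found

def build_sample() -> bytes:
    """Constructed stand-in for a timestamped file (not a complete PDF)."""
    contents = b"<" + b"00" * 16 + b">"  # placeholder where the token would sit
    tpl = (b"%%PDF-2.0\n1 0 obj\n<< /Type /DocTimeStamp /SubFilter /ETSI.RFC3161"
           b" /ByteRange [0 %010d %010d %010d] /Contents ")
    post = b" >>\nendobj\n%%EOF\n"
    n = len(tpl % (0, 0, 0))
    return tpl % (n, n + len(contents), len(post)) + contents + post

if __name__ == "__main__":
    for hit in find_doc_timestamps(build_sample() + b"% appended later\n"):
        print(hit)
```

When `covers_whole_file` is false, bytes were appended after the timestamp was applied, and the timestamp says nothing about them. When `gap_is_contents` is false, the excluded region holds more than the token's hex string and the file deserves a closer look.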