开发者

Where to place the digital signature of the documents in my system?

I am developing an archiving system that stores documents in a database and provides various functionalities to the user. I have added a part to sign and verify any document in the database. However, I am stuck with the logic and wondering where should I place the signing function.

Hints about my aims:

  • No document should be uploaded on the database without a signature
  • If a document is not changed it sho开发者_运维知识库uld retain its signature
  • If the document does not own a signature .. it should be signed with uploader's signature
  • The signature will not encrypt the file so it will still be readable after the signing process is applied

    The initial solution I have used is to place the signing procedure in in the form that is called by the Upload button and store the signature of the file in a separate column in the Documents table in the database. However, that solution turned out to be invalid for my scenario as if an employee downloaded a file and then uploaded it again, then it will be signed by him and thus, the original signature will be lost. Also, the signature will be with no significance out side the system.

    My main question:

    Is there a way to store the signature inside the documents?

    Hint: My system will deal only with PDF, JPEG, Tiff, MS Office and TXT Documents.

    Subsidiary Request: It would be awesome if there's a way to store the signature in any type of files!


    Is there a way to store the signature inside the documents?

    A digital signature must be built using a hash of the document that is being signed. Since adding a signature to a document modifies the document (which invalidates the hash), there is no general solution to storing a digital signature inside a document.

    Some document formats allow for digital signing and define what portion is to be excluded from the hash, but those formats that were listed—as far as I know—are not among them. (Though PGP could be used on TXT documents.)


    Since signatures sign the hash of a document, you could simply create a table mapping hashes to signatures. Thus, downloading and re-uploading a document will not remove existing signatures, since the hash will remain the same. The usefulness of this approach depends, of course, on the semantic meaning of a signature in your system.

  • 0

    上一篇:

    下一篇:

    精彩评论

    暂无评论...
    验证码 换一张
    取 消

    最新问答

    问答排行榜