I need to digitally sign MS Office and PDF files that are stored on a server. I really mean a digital signature that is integrated in the document, according to each specific file formats.
This is the process I had in mind :
- Create a hash of the file's content
- Send the hash to a custom written java applet in the browser
- The user encrypts the hash with his/her private key (on an usb token via PKCS#11 for example), thus effectively signing the file.
- The applet then sends the signature to the server
- On the server I would then incorporate the signature in the file's (MS Office and PDF files can do that without changing the file's content, probably by just setting some metadata field)
What is cool is that you never have to download and upload the complete file to the server again. What is even cooler, the customer doesn't need Office or PDF Writer to sign the files.
Parts 2, 3 and 4 are OK for me, my company bought all the JAVA technology I need for that for a previous project I worked on.
Problem : I can't seem to find any documentation/examples to do parts 1 and 5 for Office files . Are my google skills failing me this time ?
Do you have any pointers to documentation or examples for doing that for MS Office files ? The underlying technology isn't that important to me : I can use Java, .Net, COM, any working technology is OK !
Note : I'm 95% sure I can nail points 1 and 5 for PDF files using iText
Thanks
** Edit : If I can't do that with hashes and must download the complete file to the client, it's also possible. But then I still need the documentation to be able to sign Office file... in java this time (from an applet)