I want to embed custom data to pdf file. These data are information about user. The data will be encrypted.
I would like to store this encrypted data as securely as possible in a pdf document. I would like to protect this data from unauthorized access and attempts to extract it from the document.
After adding this data, the document will be signed with a digital certificate to ensure the integrity of the document.
But first I am wondering how to save this data securely to a pdf file.
I have heard about adding such data to metadata, but it seems to me that it is too dangerous and the user can access this data very easily, I am looking for a better and safer way.
I would appreciate it very much if you could direct me to a solution and give me ideas
@KJ thank you for your response! The pdfs will be specific, they will be medical related and according to local law such files must have user biometrics. This is a project for my studies, I need to create such a full-fledged application compliant with good security practices and eIDSA. The app will generate a pdf file with user’s encrypted biometric data in it, and the pdf will be stored on the app’s server and send to the user. I am at the stage where I am wondering how best to store such data in a pdf and what are the best practices.
@KJ I’ve tried to look for information, but unfortunately I haven’t found anything about it, honestly I don’t even know where to look for such specialized knowledge about pdfs
@KJ This data must be an integrated part of pdf file, because of the law in European Union :/. Pdfs will be stored in organization, but also send to the user.
and ofc the user’s data will be encrypted using AES algorithm so in case someone pulls the data it won’t give them too much
Yeah u are right, but my situation is different. Only the signature will be visible and that as an image. The user’s data is the biometric data, that is, the string of digits that define his signature and all the data about this signature such as pressure, speed, signature time, etc. It will be encrypted on the server and only I should have a possibility to decrypt the biometric signature data.
Show 13 more comments