PDF Comparison Check

Question

I know that there are several ways of achieving this solution so I was hoping for some advice from anybody that might have implemented such a solution previously or anybody that has an idea.

I need to authenticate a PDF as 'unequivocally' genuine. I am currently tending towards providing an upload section on the web application and then using a binary check to authenticate it. The PDFs are originally generated by a web application and whilst the PDFs are generated/destroyed dynamically so I don't have access to the exact PDF that was originally generated, I can regenerate the PDF on demand.

My concerns are:

• Assuming all the settings are identical, would the PDF generating software theoretically generate binary identical PDFs each time?
• Would the PDF binary be changed (at all) by being sent as an email?

Thanks in advance for any advice.

Answer 1

I need to authenticate a PDF as 'unequivocally' genuine

I think should not re-invent the wheel. You can use PDF Digital Signatures which were created for this purpose. Most PDF generating libraries support this feature.

Assuming all the settings are identical, would the PDF generating software theoretically generate binary identical PDFs each time?

It depends on the "PDF generating software". While generating a PDF file sometimes unique IDs are needed, depending on how these IDs are generated you may or may not get identical files at a binary level.

Would the PDF binary be changed (at all) by being sent as an email?

It should not, if it does it will probably get corrupt.

Answer 2

No, the PDFs will not be binary identical: PDFs should contains their creation time (which will be different) and an ID (which should also be unique).