You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@pdfbox.apache.org by Predrag Stojković <Pr...@comtrade.com.INVALID> on 2024/02/27 10:38:03 UTC
Adding Annotations to Signed PDF Causes Signatures To Appear Invalid
Hello all,
I'm using Apache PDFBox 3.0.1, and I tried to add annotations to an existing PDF document, using basically the same code as supplied in example class org.apache.pdfbox.examples.pdmodel.AddAnnotations.
There are only few differences to the original code, i.e. I'm loading an existing document using
PDDocument document = Loader.loadPDF(new RandomAccessReadBufferedFile(args[0]))
instead of making a new one, and I'm skipping the lines in example where contents of new file are created, because my file already has some content.
This existing document has electronic signature on it.
After running the example code, and adding annotations to the document, when I open that document in Adobe Acrobat Reader (should be the latest version, 23.8.20555.0), and then try to validate signatures, it first shows an error message:
There was an error creating a temporary file.
Then, when I look at the Signature Panel, it show the following:
Signature is invalid:
There are errors in the formatting or information contained in this signature (support information: SigDict /Contents illegal data)
My code, as well as the PDF document can be found on address:
https://files.fm/u/bsm5vzg9wk
This PDF was signed most likely by custom code based on an old version of iText, but I have also tried on another document which was produced by Adobe Acrobat and signed by GetAccept service (I haven't provided this document, but I probably could if needed), and the behaviour is the same after adding annotations.
Can you please check what is happening here?
Best regards,
Predrag Stojković
Re: Adding Annotations to Signed PDF Causes Signatures To Appear Invalid
Posted by Tilman Hausherr <TH...@t-online.de>.
Hi,
You're using an ordinary save(). The signature will no longer work
because the signed file segment has changed. You need to use
saveIncremental(). Use the method that takes a list of COSDictionaries.
And remove the showPageNo() part, I assume Adobe will not like that
because you're changing the looks of the page. Another problem is that
the DocMDP value is 3, which means:
2 Permitted changes shall be filling in forms, instantiating page
templates, and signing; other changes shall invalidate the signature.
3 Permitted changes shall be the same as for 2, as well as annotation
creation, deletion, and modification; other changes shall invalidate the
signature.
Thus add annotations only, don't change the page contents. Assuming that
the annotations array already existed, you need to include the page
COSDictionary object and each annotation COSDictionary object to the
list mentioned earlier. (possibly the annotation appearance too).
Tilman
On 27.02.2024 11:38, Predrag Stojković wrote:
> Hello all,
>
> I'm using Apache PDFBox 3.0.1, and I tried to add annotations to an existing PDF document, using basically the same code as supplied in example class org.apache.pdfbox.examples.pdmodel.AddAnnotations.
>
> There are only few differences to the original code, i.e. I'm loading an existing document using
> PDDocument document = Loader.loadPDF(new RandomAccessReadBufferedFile(args[0]))
> instead of making a new one, and I'm skipping the lines in example where contents of new file are created, because my file already has some content.
>
> This existing document has electronic signature on it.
> After running the example code, and adding annotations to the document, when I open that document in Adobe Acrobat Reader (should be the latest version, 23.8.20555.0), and then try to validate signatures, it first shows an error message:
> There was an error creating a temporary file.
>
> Then, when I look at the Signature Panel, it show the following:
> Signature is invalid:
> There are errors in the formatting or information contained in this signature (support information: SigDict /Contents illegal data)
>
> My code, as well as the PDF document can be found on address:
> https://files.fm/u/bsm5vzg9wk
>
> This PDF was signed most likely by custom code based on an old version of iText, but I have also tried on another document which was produced by Adobe Acrobat and signed by GetAccept service (I haven't provided this document, but I probably could if needed), and the behaviour is the same after adding annotations.
>
> Can you please check what is happening here?
>
> Best regards,
> Predrag Stojković
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: users-help@pdfbox.apache.org