Posted to users@pdfbox.apache.org by Thomas Chojecki <in...@rayman2200.de> on 2013/03/04 09:30:21 UTC
Re: Multiple signatures
On 21.02.2013 10:38, Vlad Mateescu wrote:
> Hello,
Hi,
> I'm trying to add two signatures with two different certificates in a
> PDF
> file but as soon as it adds the second one, the first signature
> becomes
> invalid.
Can you please try it again with the pdfbox trunk? Some fixes were made
in the last patch. I think your problem isn't related to the one
shown in PDFBOX-1370. The problem there is signing different pages, and
this causes one or more signatures to be invalid.
> I started with the code provided at [1], modified here and there (I'm
> still
> able to sign the document once....or more times using the same
> certificate) and added a function for the second signature. I
> currently
> sign the document like this:
Hmm, sounds to me like a CMS issue, not a PDF one. But please send me a
sample and I'll try to analyse it.
> PDFSigner signer = new PDFSigner(input, output);
> signer.sign(keystore1, password1);
> signer.signR(keystore2, password2);
> signer.document.saveIncremental(.....);
>
> Thanks!
I have to thank you for reporting that issue.
Best regards
Thomas
>
>
> [1] https://issues.apache.org/jira/browse/PDFBOX-1370
Re: Multiple signatures
Posted by Thomas Chojecki <in...@rayman2200.de>.
On 04.03.2013 12:21, Maruan Sahyoun wrote:
>> On 04.03.2013 10:39, Maruan Sahyoun wrote:
>>> Hi,
>>>
>>> how did you verify that the signature is invalid? It might be the
>>> intended behavior if the verification means that you have e.g. a
>>> yellow exclamation mark in Adobe Acrobat. Why might that be
>>> correct?
>> The exclamation mark only tells you that there are minor problems
>> with the signature. If a signature is invalid or can't be parsed,
>> Adobe will show an X instead of an exclamation mark [1]. All other
>> symbols show that the signature _isn't_ invalid. Adobe complains in
>> the screenshot that the certificate isn't trustful. Trustful means
>> Adobe cannot check this certificate against its known trust center or
>> the certificate is self-signed. So if the Adobe Reader should show a
>> checkmark [2], the certificate needs to be marked as trusted.
>
> That's why we need to know how you came to the conclusion that the
> signature is invalid.
>
Ok, sorry for that misunderstanding. The screenshot comes from me. I
wanted to prove that I cannot reproduce that issue. My mistake was that
I signed the same page twice, so the signature was correct. The problem
is signing different pages, and I can reproduce it with the 1.7.x and
trunk (1.8 snapshot) pdfbox versions. I hope I can find some time to fix
it soon.
1. I can reproduce it with the sample code signing two different pages,
and so the issue is still up-to-date.
2. My appended screenshot shows the wrong case and should be ignored.
>>
>>> Well, adding the first signature means the signature is applied with
>>> the state the PDF has at that point in time. Adding the second
>>> signature means adding additional content after the first signature
>> No, that's not correct. The signature covers the whole document
>> incl. the incremental update. So if you sign once you sign the
>> original and the first update. After doing the second sign you sign
>> the update 1 and update 2. See [3]. The first signature covers its
>> own changes. If you alter a document after signing, the signature
>> isn't automatically invalid. Adobe will inform the user that the
>> document was altered after signing. The signature stays intact.
>
> That's what I wanted to say here. But as soon as a second signature
> is applied there will be a visual hint to the first signature in
> Adobe
> Acrobat or Reader. As you correctly state this doesn't mean that the
> first signature is invalid. It only shows that the document was
> altered after applying the first signature in this case by applying
> the second signature.
>
I've tested it again now. I signed twice and altered the document after
signing with a new incremental update. I need to correct my last
statement: Adobe Reader gives no hint that someone altered the
document after signing. The only thing that is shown for each signature
is that the revision wasn't altered after signing.
PS: Please let's discuss this outside the mailing list; the author of
the original mail has a different problem.
Re: Multiple signatures
Posted by Maruan Sahyoun <sa...@fileaffairs.de>.
> On 04.03.2013 10:39, Maruan Sahyoun wrote:
>> Hi,
>>
>> how did you verify that the signature is invalid? It might be the
>> intended behavior if the verification means that you have e.g. a
>> yellow exclamation mark in Adobe Acrobat. Why might that be correct?
> The exclamation mark only tells you that there are minor problems with the signature. If a signature is invalid or can't be parsed, Adobe will show an X instead of an exclamation mark [1]. All other symbols show that the signature _isn't_ invalid. Adobe complains in the screenshot that the certificate isn't trustful. Trustful means Adobe cannot check this certificate against its known trust center or the certificate is self-signed. So if the Adobe Reader should show a checkmark [2], the certificate needs to be marked as trusted.
That's why we need to know how you came to the conclusion that the signature is invalid.
>
>> Well, adding the first signature means the signature is applied with
>> the state the PDF has at that point in time. Adding the second
>> signature means adding additional content after the first signature
> No, that's not correct. The signature covers the whole document incl. the incremental update. So if you sign once you sign the original and the first update. After doing the second sign you sign the update 1 and update 2. See [3]. The first signature covers its own changes. If you alter a document after signing, the signature isn't automatically invalid. Adobe will inform the user that the document was altered after signing. The signature stays intact.
That's what I wanted to say here. But as soon as a second signature is applied there will be a visual hint to the first signature in Adobe Acrobat or Reader. As you correctly state this doesn't mean that the first signature is invalid. It only shows that the document was altered after applying the first signature in this case by applying the second signature.
>
>> was applied. This will be reflected in Acrobat by displaying the
>> yellow exclamation mark. Inspecting the message in the signature
>> dialog will say that after the signature was added changes were done
>> to the PDF - which is correct.
> The signature will be added incrementally. The previous sections wouldn't be altered at all. If you compare both documents with a diff tool that can handle PDF as text, you would see that the new signature doesn't change the previous document. What will happen is that with an incremental update the xref table/stream refers to altered and/or new objects. So if I want to sign the first page, PDFBox needs to alter the page object and write a new one. The new page uses the same object id and will be referred to by the xref table/stream. So if the parser reads the document and shows it on the screen, it will find the altered page. Most errors happen if the altered or new objects, or the xref table/stream, are broken.
>
>> In order to verify if there might be an issue could you please
>> provide some additional information.
>>
>> With kind regards
>>
>> Maruan
>>
>
> PS: Sorry for the long explanation of the problem. The signing process is a little bit complex and can't be explained in one or two sentences. If you have questions about signing, you can mail me directly so we don't go too far off-topic.
>
>
> [1] http://itext-general.2136553.n4.nabble.com/file/n4657575/invalid_signature.png
> [2] http://s1.www.textcontrol.com/en_US/blog/archive/20110803/assets/tx_acrobat_zoom.png
> [3] http://partners.adobe.com/public/developer/en/images/tip3-2.jpg
Re: Multiple signatures
Posted by Thomas Chojecki <in...@rayman2200.de>.
On 04.03.2013 10:39, Maruan Sahyoun wrote:
> Hi,
>
> how did you verify that the signature is invalid? It might be the
> intended behavior if the verification means that you have e.g. a
> yellow exclamation mark in Adobe Acrobat. Why might that be correct?
The exclamation mark only tells you that there are minor problems with
the signature. If a signature is invalid or can't be parsed, Adobe will
show an X instead of an exclamation mark [1]. All other symbols show
that the signature _isn't_ invalid. Adobe complains in the screenshot
that the certificate isn't trustful. Trustful means Adobe cannot check
this certificate against its known trust center or the certificate is
self-signed. So if the Adobe Reader should show a checkmark [2], the
certificate needs to be marked as trusted.
> Well, adding the first signature means the signature is applied with
> the state the PDF has at that point in time. Adding the second
> signature means adding additional content after the first signature
No, that's not correct. The signature covers the whole document incl.
the incremental update. So if you sign once you sign the original and
the first update. After doing the second sign you sign the update 1 and
update 2. See [3]. The first signature covers its own changes. If you
alter a document after signing, the signature isn't automatically
invalid. Adobe will inform the user that the document was altered after
signing. The signature stays intact.
> was applied. This will be reflected in Acrobat by displaying the
> yellow exclamation mark. Inspecting the message in the signature
> dialog will say that after the signature was added changes were done
> to the PDF - which is correct.
The signature will be added incrementally. The previous sections
wouldn't be altered at all. If you compare both documents with a diff
tool that can handle PDF as text, you would see that the new signature
doesn't change the previous document. What will happen is that with an
incremental update the xref table/stream refers to altered and/or new
objects. So if I want to sign the first page, PDFBox needs to alter the
page object and write a new one. The new page uses the same object id
and will be referred to by the xref table/stream. So if the parser reads
the document and shows it on the screen, it will find the altered page.
Most errors happen if the altered or new objects, or the xref
table/stream, are broken.
> In order to verify if there might be an issue could you please
> provide some additional information.
>
> With kind regards
>
> Maruan
>
PS: Sorry for the long explanation of the problem. The signing
process is a little bit complex and can't be explained in one or two
sentences. If you have questions about signing, you can mail me directly
so we don't go too far off-topic.
[1] http://itext-general.2136553.n4.nabble.com/file/n4657575/invalid_signature.png
[2] http://s1.www.textcontrol.com/en_US/blog/archive/20110803/assets/tx_acrobat_zoom.png
[3] http://partners.adobe.com/public/developer/en/images/tip3-2.jpg
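The coverage described in the message above (each signature covers the file up to the end of its own revision, and later incremental updates are appended without touching earlier bytes) can be checked from the /ByteRange entries. This is an added example, not part of the thread and not PDFBox code: `signature_coverage` and `append_signed_revision` are hypothetical names, the PDF bytes are constructed, and the SHA-256 stands in for the digest a real CMS verification would compare.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signature_coverage(pdf: bytes) -> list:
    """Report, for each /ByteRange in the file, which bytes that signature covers."""
    report = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        gap = pdf[a + b:c]  # the only unsigned bytes: should be the <hex> /Contents value
        report.append({
            "signed_end": c + d,                # end of the revision this signature covers
            "gap_is_contents": gap.startswith(b"<") and gap.endswith(b">"),
            "bytes_after": len(pdf) - (c + d),  # > 0 means a later incremental update exists
            "digest": hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).hexdigest(),
        })
    return report

def append_signed_revision(pdf: bytes, changed_object: bytes) -> bytes:
    """Constructed stand-in for signing: append an update with a dummy /Contents."""
    head = pdf + changed_object + b"\n<< /Type /Sig /ByteRange ["
    contents = b"<" + b"0" * 32 + b">"          # placeholder, not a real CMS blob
    tail = b" >>\n%%EOF\n"
    start = len(head) + 43 + len(b"] /Contents ")  # 43 = four 10-digit numbers + 3 spaces
    ranges = b"%010d %010d %010d %010d" % (0, start, start + len(contents), len(tail))
    return head + ranges + b"] /Contents " + contents + tail

# Constructed sample: original file, then two signed incremental updates on different pages.
BASE = b"%PDF-1.4\n1 0 obj << /Type /Page >> endobj\n2 0 obj << /Type /Page >> endobj\n%%EOF\n"
REV1 = append_signed_revision(BASE, b"1 0 obj << /Type /Page /Annots [5 0 R] >> endobj")
REV2 = append_signed_revision(REV1, b"2 0 obj << /Type /Page /Annots [6 0 R] >> endobj")
# Same-length edit inside the first revision, so every /ByteRange still lines up.
TAMPERED = REV2.replace(b"/Annots [5 0 R]", b"/Annots [9 0 R]")

if __name__ == "__main__":
    for name, data in (("rev1", REV1), ("rev2", REV2), ("tampered", TAMPERED)):
        for i, sig in enumerate(signature_coverage(data), 1):
            print(name, "signature", i, sig["signed_end"], sig["bytes_after"], sig["digest"][:16])
```

A first signature whose `bytes_after` is non-zero but whose digest is unchanged is the expected state after a second signature; a changed digest means bytes inside the signed revision were modified.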
Re: Multiple signatures
Posted by Maruan Sahyoun <sa...@fileaffairs.de>.
Hi,
How did you verify that the signature is invalid? It might be the intended behavior if the verification means that you have e.g. a yellow exclamation mark in Adobe Acrobat. Why might that be correct? Well, adding the first signature means the signature is applied with the state the PDF has at that point in time. Adding the second signature means adding additional content after the first signature was applied. This will be reflected in Acrobat by displaying the yellow exclamation mark. Inspecting the message in the signature dialog will say that after the signature was added changes were done to the PDF - which is correct.
In order to verify if there might be an issue could you please provide some additional information.
With kind regards
Maruan
On 04.03.2013 at 09:30, Thomas Chojecki <in...@rayman2200.de> wrote:
> On 21.02.2013 10:38, Vlad Mateescu wrote:
>> Hello,
> Hi,
>
>> I'm trying to add two signatures with two different certificates in a PDF
>> file but as soon as it adds the second one, the first signature becomes
>> invalid.
> Can you please try it again with the pdfbox trunk? Some fixes were made in the last patch. I think your problem isn't related to the one shown in PDFBOX-1370. The problem there is signing different pages, and this causes one or more signatures to be invalid.
>
>> I started with the code provided at [1], modified here and there (I'm still
>> able to sign the document once....or more times using the same
>> certificate) and added a function for the second signature. I currently
>> sign the document like this:
>
> Hmm, sounds to me like a CMS issue, not a PDF one. But please send me a sample and I'll try to analyse it.
>
>> PDFSigner signer = new PDFSigner(input, output);
>> signer.sign(keystore1, password1);
>> signer.signR(keystore2, password2);
>> signer.document.saveIncremental(.....);
>>
>> Thanks!
>
> I have to thank you for reporting that issue.
>
> Best regards
> Thomas
>
>>
>>
>> [1] https://issues.apache.org/jira/browse/PDFBOX-1370