You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "David KELLER (JIRA)" <ji...@apache.org> on 2013/10/21 19:54:41 UTC

[jira] [Commented] (PDFBOX-1751) SignDict/Contents illegal data

    [ https://issues.apache.org/jira/browse/PDFBOX-1751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13800875#comment-13800875 ] 

David KELLER commented on PDFBOX-1751:
--------------------------------------

on google you have only fives topics  https://www.google.fr/search?q=SignDict/Contents+illegal+data

you can find some hints here:
http://itext-general.2136553.n4.nabble.com/iText-error-in-signing-big-PDF-files-SigDict-Contents-illegal-data-td4655309.html#none

---------------------------------------------------------------------------------------
this indeed is a bug in iText.

Everything in the signing process is done correctly, merely the serialization of the signed byte range into the resulting PDF is somewhat inaccurate.

PdfSignatureAppearance.preClose(HashMap) creates the byte sequence representing the signed ranges like this:

                ByteBuffer bf = new ByteBuffer();
                bf.append('[');
                for (int k = 0; k < range.length; ++k)
                    bf.append(range[k]).append(' ');
                bf.append(']');

ByteBuffer is com.itextpdf.text.pdf.ByteBuffer, range is a long[] member of PdfSignatureAppearance.

Unfortunately there is no ByteBuffer method append(long); thus, the overload append(float) is called here by Java instead (and not append(double) as one might have hoped for). As the conversion long -> float is lossy, the numbers in the /ByteRange array are merely approximations... ;)

Adding a decent ByteBuffer.append overload for long arguments should fix this issue.

Regards,   Michael

PS: Reposted as the original post seems to have gone awol on its way to the mailing list. 


> SignDict/Contents illegal data
> ------------------------------
>
>                 Key: PDFBOX-1751
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-1751
>             Project: PDFBox
>          Issue Type: Bug
>          Components: Signing
>    Affects Versions: 1.8.0
>         Environment: Windows 8.1
>            Reporter: David KELLER
>              Labels: security, signature
>         Attachments: PADESSigner.java
>
>
> 1/ I sign a file using this method
> 	public static void signByPdfbox(
> 			File inputPDF,
> 			File outputPDF,
> 			KeyStore ks,
> 			String password) 
> 	throws IOException, UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, COSVisitorException, SignatureException {
> 		PDDocument inputDoc = PDDocument.load(inputPDF);
> 		
> 		
> 		PADESSigner signer = new PADESSigner(ks, password);
> 		
> 		signer.setSignatureName("Hello1");
> 		signer.setSignatureReason("Why noy");
> 		signer.setSignatureLocation("Curacao");
> 		signer.setSignatureContactInfo("david.keller.fr@gmail.com");
> 		
> 		signer.signPDF(inputDoc, outputPDF);
> 	}
> 2/ I resign the same file using the same method and in acrobat reader I have this error : SignDict/Contents illegal data
> I have googelized it, and I found only old topics for iText lib.
> I have tried the same with iText 5.X, and double signatures works



--
This message was sent by Atlassian JIRA
(v6.1#6144)