[
https://issues.apache.org/jira/browse/PDFBOX-2816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tilman Hausherr resolved PDFBOX-2816.
-------------------------------------
Resolution: Fixed
Assignee: Maruan Sahyoun
Fix Version/s: 2.0.0, 1.8.11
> PDFBox makes disallowed changes when signing a signed document
> --------------------------------------------------------------
>
> Key: PDFBOX-2816
> URL: https://issues.apache.org/jira/browse/PDFBOX-2816
> Project: PDFBox
> Issue Type: Bug
> Components: Signing
> Affects Versions: 1.8.9
> Reporter: Petras
> Assignee: Maruan Sahyoun
> Fix For: 1.8.11, 2.0.0
>
> Attachments: Fix_to_PDFBOX-2816.patch, acrosigned.pdf,
> acrosigned_signed.pdf, acrosigned_signed_fix.pdf
>
>
> It seems PDFBox makes disallowed changes when signing a document containing a
> signature with visual appearance. Using the signing example
> {{org.apache.pdfbox.examples.signature.CreateSignature}} (modified to use BC
> 1.52) I signed (invisible signature) a document (_acrosigned.pdf_) containing
> a signature with visual appearance. After signing, Adobe Acrobat for the
> resulting pdf (_acrosigned_signed.pdf_) shows an error for the first
> signature: {quote}
> 1 Page(s) Modified
> Signature is invalid:
> Document has been altered or corrupted since it was signed.
> {quote}
> The first revision is intact after signing, but it seems PDFBox made some
> disallowed changes to the document. Adobe in its technical white paper [Adobe
> Acrobat 9 Digital Signatures, Changes and
> Improvements|http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/en/devnet/reader/pdfs/readercomp_digitalsignatures.pdf]
> disallows such changes for the signed document:
> * Adding form fields other than signature fields
> * Changing page content
> Unfortunately, I could not identify the changes which caused this error,
> though I notice these changes in structure after signing:
> # Default resources (/DR) were dropped from AcroForm dictionary;
> # An array of annotation dictionaries (value of /Annots in page object)
> became direct;
> And probably there are more...
> I thought the first change was fundamental, noticed that
> {{PDDocument#addSignature()}} method removes /DR key for invisible
> signatures. Tried to disable it in 1.8.10-SNAPSHOT sources, but unfortunately
> it didn't help. Didn't try to reuse the same array object for /Annots yet.
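An added example, not part of the original report or of PDFBox: a heuristic Python scan that splits a signed PDF into its revisions at each %%EOF marker and lists the objects a later revision redefines, noting the two structural changes the reporter observed. The function names and the sample bytes are constructed for illustration, and the regex approach assumes uncompressed objects (it does not read object streams or stream contents).

```python
import re

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)endobj", re.S)

def revisions(pdf: bytes):
    """Split a PDF into its revisions: one section per %%EOF marker."""
    parts, start = [], 0
    for m in re.finditer(rb"%%EOF\r?\n?", pdf):
        parts.append(pdf[start:m.end()])
        start = m.end()
    return parts

def objects(section: bytes):
    """Map object number -> raw body (uncompressed objects only)."""
    return {int(m.group(1)): m.group(3) for m in OBJ_RE.finditer(section)}

def diff_revisions(pdf: bytes):
    """List objects that a later revision redefines, with notes on the two
    structural changes named in the report (/DR dropped, /Annots direct)."""
    seen, report = {}, []
    for idx, section in enumerate(revisions(pdf)):
        objs = objects(section)
        for num, body in sorted(objs.items()):
            if idx == 0 or num not in seen:
                continue  # first revision, or a brand-new object
            old, notes = seen[num], []
            if b"/DR" in old and b"/DR" not in body:
                notes.append("/DR dropped")
            if (re.search(rb"/Annots\s+\d+\s+\d+\s+R", old)
                    and re.search(rb"/Annots\s*\[", body)):
                notes.append("/Annots became direct")
            report.append((idx, num, notes))
        seen.update(objs)
    return report

# Constructed two-revision sample (not the attached acrosigned*.pdf files).
SAMPLE = (
    b"%PDF-1.4\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R /Annots 4 0 R >>\nendobj\n"
    b"4 0 obj\n[ 6 0 R ]\nendobj\n"
    b"5 0 obj\n<< /Fields [ 6 0 R ] /SigFlags 3 /DR << /Font << >> >> >>\nendobj\n"
    b"%%EOF\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R /Annots [ 6 0 R 7 0 R ] >>\nendobj\n"
    b"5 0 obj\n<< /Fields [ 6 0 R 7 0 R ] /SigFlags 3 >>\nendobj\n"
    b"7 0 obj\n<< /Type /Annot /Subtype /Widget /FT /Sig >>\nendobj\n"
    b"%%EOF\n"
)
if __name__ == "__main__":
    for rev, num, notes in diff_revisions(SAMPLE):
        print(f"revision {rev}: object {num} redefined", notes)
```

A redefined object is not by itself a disallowed change; the listing only narrows down which objects to compare between the signed revision and the update that follows it.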