Thanks, a few key points you gave cleared up my issues. I am still interested, however, just for my own education on how to identify and remove incremental sections if anyone can direct me how to do that.
-----Original Message----- From: Brzrk One [mailto:[email protected]] Sent: Thursday, April 10, 2014 2:03 PM To: [email protected] Subject: Re: Validating signatures and removing signatures I iterate through the list returned by PDDocumentCatalog.getAcroForm().getFields() and build a new list that does not contain the PDField.findFieldType() == "Sig", then use PDAcroForm.setFields() to have the form use the new field list, or PDDocumentCatalog.setAcroForm( null ) if the new field list is empty. I also iterate through COSDocument.getSignatureDirectories() and remove them from the document. On Thu, Apr 10, 2014 at 3:49 PM, Ross Woolf <[email protected]> wrote: > As further comment, when I tried to use the method of removing > signatures via deleting the signature fields from the fields array. > It first appeared to work. When the pdf is opened in the adobe reader > it does not indicate anything about signatures and it seems as if none > exist, but if I scroll through the document it will then all of a > sudden display a banner that says that a signature requires > validating, but you can't open the signature panel to investigate. So > apparently just removing the signature fields is not enough. > Something remains in the document that causes it to have this odd behavior. > > Therefore I would like to pursue the approach of removing the > incremental section, but I have no clue how to even find this section or > identify it. > Any help would be appreciated. > > -----Original Message----- > From: Ross Woolf > Sent: Wednesday, April 09, 2014 4:31 PM > To: [email protected] > Subject: RE: Validating signatures and removing signatures > > It has been awhile but I am now back on this project. In terms of > removing signatures, I'm interested in the approach of just removing > the incremental section, but being new to PDFBox I am clueless as to > how to do this. Could anyone point me in the direction of how I would > go about finding and removing this section? > > Thanks > > -----Original Message----- > From: Thomas Chojecki [mailto:[email protected]] > Sent: Friday, January 03, 2014 2:37 PM > To: [email protected] > Subject: Re: Validating signatures and removing signatures > > Am Thu, 2 Jan 2014 23:58:51 +0000 > schrieb Ross Woolf <[email protected]>: > > > I have two related questions regarding signed PDF documents > > > > 1. Is it possible with PDFBox to validate signatures? > Not directly. You can extract the cms signature and verify it with > bouncy castle. You can load the document and grab all signatures with > doc.getSignatureDictionaries(). > > The PDSignatureDictionary provides two methods: > 1. byte[] getSignedContent(InputStream pdfFile) This extract the > signed content. The part that the signature covers. > This will extract the Content using the ByteRange. > > 2. byte[] getContents(InputStream pdfFile) With this one you can > extract the signature from the document. This will extract the > signature using the gap declarated by the ByteRange. > > > Next you need to convert the byte[] into a CMS signature object and > verify the signature using the extracted signed content. The > certificate can be extracted from the CMS signature. > > > > 2. Is it possible to remove signatures using PDFBox that were > > previously signed using PDFBox (the same certificate as signing will > > be available)? > Yes, there are two different ways to do that. PDFBox create > incremental updates for each signature. So if you remove the made > incremental section, the document will be exactly the same as before signing. > > The second way is to flatten the document. For this you need to get > the AcroForms from the Catalog and remove the SignatureField from the > Fields array. > > PDDocumentCatalog catalog = doc.getDocumentCatalog(); PDAcroForm > acroform = catalog.getAcroForm(); List fields = acroform.getFields(); > > Now you need to find the right signature field and remove it from the > document. I did not know if this work properly, some people on the > mailinglist means, this method does not work. > > > But if you just add new content and sign it again, you can leave the > signatures where it is. The signature covers only a specific part of > the document and does not break if new content will be add > incremental. At the moment the pdfbox only support incremental updates > for signature. If you want to add additional content like pages, you > will break the signature if you save the document the convetional way. > > If you add a new page and add a signature,this maybe will work. I've > don't test it yet. > > > For integrity sake before appending the pages I want to check that > > the original signature is valid, and if so, then remove the original > > signature, append the necessary data, and then sign the document > > anew relative to the modified document and then send it on to the > > requester. > > Try the last made sugestion with adding a page and signature and > perform a saveIncremental. > > Best regards > Thomas >
