Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-2816

PDFBox makes disallowed changes when signing a signed document

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.8.9, 2.0.0
    • Fix Version/s: 1.8.11, 2.0.0
    • Component/s: Signing
    • Labels:
      None

      Description

      It seems PDFBox make disallowed changes when signing a document containing a signature with visual appearance. Using the signing example org.apache.pdfbox.examples.signature.CreateSignature (modified to use BC 1.52) I signed (invisible signature) a document (acrosigned.pdf) containing signature with visual appearance. After signing Adobe Acrobat for the resulted pdf (acrosigned_signed.pdf) shows an error for the first signature:

      1 Page(s) Modified
      Signature is invalid:
      Document has been altered or corrupted since it was signed.


      The first revision is intact after signing, but it seems PDFBox made some disallowed changes to the document. Adobe in its technical white paper Adobe Acrobat 9 Digital Signatures, Changes and Improvements disallows such changes for the signed document:

      • Adding form fields other than signature fields
      • Changing page content

      Unfortunately, I could not identify the changes which caused this error, though I notice these changes in structure after signing:

      1. Default resources (/DR) were droped from AcroForm dictionary;
      2. An array of annotation dictionaries (value of /Annots in page object) became direct;

      And probably there are more...
      I thought the first change was fundamental, noticed that PDDocument#addSignature() method removes /DR key for invisible signatures. Tried to disable it in 1.8.10-SNAPSHOT sources, but unfortunately it didn't help. Didn't tried to reuse the same array object for /Annots yet.

        Attachments

        1. acrosigned.pdf
          100 kB
          Petras
        2. acrosigned_signed.pdf
          120 kB
          Petras
        3. acrosigned_signed_fix.pdf
          120 kB
          Petras
        4. Fix_to_PDFBOX-2816.patch
          7 kB
          Petras

          Activity

            People

            • Assignee:
              msahyoun Maruan Sahyoun
              Reporter:
              abyss Petras
            • Votes:
              3 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: