[jira] [Commented] (PDFBOX-1751) SignDict/Contents illegal data

[David KELLER (JIRA)]

    [ 
https://issues.apache.org/jira/browse/PDFBOX-1751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13800875#comment-13800875
 ] 

David KELLER commented on PDFBOX-1751:
--------------------------------------

on google you have only fives topics  
https://www.google.fr/search?q=SignDict/Contents+illegal+data

you can find some hints here:
http://itext-general.2136553.n4.nabble.com/iText-error-in-signing-big-PDF-files-SigDict-Contents-illegal-data-td4655309.html#none

---------------------------------------------------------------------------------------
this indeed is a bug in iText.

Everything in the signing process is done correctly, merely the serialization 
of the signed byte range into the resulting PDF is somewhat inaccurate.

PdfSignatureAppearance.preClose(HashMap) creates the byte sequence representing 
the signed ranges like this:

                ByteBuffer bf = new ByteBuffer();
                bf.append('[');
                for (int k = 0; k < range.length; ++k)
                    bf.append(range[k]).append(' ');
                bf.append(']');

ByteBuffer is com.itextpdf.text.pdf.ByteBuffer, range is a long[] member of 
PdfSignatureAppearance.

Unfortunately there is no ByteBuffer method append(long); thus, the overload 
append(float) is called here by Java instead (and not append(double) as one 
might have hoped for). As the conversion long -> float is lossy, the numbers in 
the /ByteRange array are merely approximations... ;)

Adding a decent ByteBuffer.append overload for long arguments should fix this 
issue.

Regards,   Michael

PS: Reposted as the original post seems to have gone awol on its way to the 
mailing list. 


> SignDict/Contents illegal data
> ------------------------------
>
>                 Key: PDFBOX-1751
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-1751
>             Project: PDFBox
>          Issue Type: Bug
>          Components: Signing
>    Affects Versions: 1.8.0
>         Environment: Windows 8.1
>            Reporter: David KELLER
>              Labels: security, signature
>         Attachments: PADESSigner.java
>
>
> 1/ I sign a file using this method
>       public static void signByPdfbox(
>                       File inputPDF,
>                       File outputPDF,
>                       KeyStore ks,
>                       String password) 
>       throws IOException, UnrecoverableKeyException, KeyStoreException, 
> NoSuchAlgorithmException, COSVisitorException, SignatureException {
>               PDDocument inputDoc = PDDocument.load(inputPDF);
>               
>               
>               PADESSigner signer = new PADESSigner(ks, password);
>               
>               signer.setSignatureName("Hello1");
>               signer.setSignatureReason("Why noy");
>               signer.setSignatureLocation("Curacao");
>               signer.setSignatureContactInfo("david.keller...@gmail.com");
>               
>               signer.signPDF(inputDoc, outputPDF);
>       }
> 2/ I resign the same file using the same method and in acrobat reader I have 
> this error : SignDict/Contents illegal data
> I have googelized it, and I found only old topics for iText lib.
> I have tried the same with iText 5.X, and double signatures works



--
This message was sent by Atlassian JIRA
(v6.1#6144)