Shashimee
Reputation: 264
PDF Certification invalid : "Document has been altered or corrupted since it was signed"
I am doing a PDF signing feature for my application. Here is the workflow :
- The PDF is stored on the server.
- I include all the signatures fields necessary into the file and compute the byterange etc using an extension of ZendPDF called FaritPDF.
- I compute the hash according to the computed ByteRange using SHA256.
- The hash is sent to the client.
- The client sign the hash using a PFX file and creates a PKCS7 object containing the hash.
- The PKCS7 object is sent to the server.
- The PKCS7 object is included in the PDF and the PDF is rendered.
Which leads me to the following error : "Document has been altered or corrupted since it was signed". The ByteRange is correct, I didn't modify any byte of the file. I am using the same algorithm as Acrobat Reader. What could I be doing wrong ?
Here is my PDF file, sorry I can't upload it from work :
%PDF-1.3
%âãÏÓ
1 0 obj
<<
/Type /Catalog
/Outlines 2 0 R
/Pages 3 0 R
>>
endobj
2 0 obj
<<
/Type /Outlines
/Count 0
>>
endobj
3 0 obj
<<
/Type /Pages
/Count 2
/Kids [ 4 0 R 6 0 R ]
>>
endobj
4 0 obj
<<
/Type /Page
/Parent 3 0 R
/Resources <<
/Font <<
/F1 9 0 R
>>
/ProcSet 8 0 R
>>
/MediaBox [0 0 612.0000 792.0000]
/Contents 5 0 R
>>
endobj
5 0 obj
<< /Length 1074 >>
stream
2 J
BT
0 0 0 rg
/F1 0027 Tf
57.3750 722.2800 Td
( A Simple PDF File ) Tj
ET
BT
/F1 0010 Tf
69.2500 688.6080 Td
( This is a small demonstration .pdf file - ) Tj
ET
BT
/F1 0010 Tf
69.2500 664.7040 Td
( just for use in the Virtual Mechanics tutorials. More text. And more ) Tj
ET
BT
/F1 0010 Tf
69.2500 652.7520 Td
( text. And more text. And more text. And more text. ) Tj
ET
BT
/F1 0010 Tf
69.2500 628.8480 Td
( And more text. And more text. And more text. And more text. And more ) Tj
ET
BT
/F1 0010 Tf
69.2500 616.8960 Td
( text. And more text. Boring, zzzzz. And more text. And more text. And ) Tj
ET
BT
/F1 0010 Tf
69.2500 604.9440 Td
( more text. And more text. And more text. And more text. And more text. ) Tj
ET
BT
/F1 0010 Tf
69.2500 592.9920 Td
( And more text. And more text. ) Tj
ET
BT
/F1 0010 Tf
69.2500 569.0880 Td
( And more text. And more text. And more text. And more text. And more ) Tj
ET
BT
/F1 0010 Tf
69.2500 557.1360 Td
( text. And more text. And more text. Even more. Continued on page 2 ...) Tj
ET
endstream
endobj
6 0 obj
<<
/Type /Page
/Parent 3 0 R
/Resources <<
/Font <<
/F1 9 0 R
>>
/ProcSet 8 0 R
>>
/MediaBox [0 0 612.0000 792.0000]
/Contents 7 0 R
>>
endobj
7 0 obj
<< /Length 676 >>
stream
2 J
BT
0 0 0 rg
/F1 0027 Tf
57.3750 722.2800 Td
( Simple PDF File 2 ) Tj
ET
BT
/F1 0010 Tf
69.2500 688.6080 Td
( ...continued from page 1. Yet more text. And more text. And more text. ) Tj
ET
BT
/F1 0010 Tf
69.2500 676.6560 Td
( And more text. And more text. And more text. And more text. And more ) Tj
ET
BT
/F1 0010 Tf
69.2500 664.7040 Td
( text. Oh, how boring typing this stuff. But not as boring as watching ) Tj
ET
BT
/F1 0010 Tf
69.2500 652.7520 Td
( paint dry. And more text. And more text. And more text. And more text. ) Tj
ET
BT
/F1 0010 Tf
69.2500 640.8000 Td
( Boring. More, a little more text. The end, and just as well. ) Tj
ET
endstream
endobj
8 0 obj
[/PDF /Text]
endobj
9 0 obj
<<
/Type /Font
/Subtype /Type1
/Name /F1
/BaseFont /Helvetica
/Encoding /WinAnsiEncoding
>>
endobj
10 0 obj
<<
/Creator (Rave \(http://www.nevrona.com/rave\))
/Producer (Nevrona Designs)
/CreationDate (D:20060301072826)
>>
endobj
xref
0 11
0000000000 65535 f
0000000019 00000 n
0000000093 00000 n
0000000147 00000 n
0000000222 00000 n
0000000390 00000 n
0000001522 00000 n
0000001690 00000 n
0000002423 00000 n
0000002456 00000 n
0000002574 00000 n
trailer
<<
/Size 11
/Root 1 0 R
/Info 10 0 R
>>
startxref
2714
%%EOF
1 0 obj
<</Type /Catalog /Outlines 2 0 R /Pages 3 0 R /Perms <</DocMDP 11 0 R >> /AcroForm <</Fields [12 0 R ] /SigFlags 3 >> /Names 15 0 R >>
endobj
3 0 obj
<</Type /Pages /Count 2 /Kids [4 0 R 6 0 R ] >>
endobj
4 0 obj
<</Type /Page /Parent 3 0 R /Resources <</Font <</F1 9 0 R >> /ProcSet 8 0 R >> /MediaBox [0 0 612 792 ] /Contents 5 0 R >>
endobj
6 0 obj
<</Type /Page /Parent 3 0 R /Resources <</Font <</F1 9 0 R >> /ProcSet 8 0 R >> /MediaBox [0 0 612 792 ] /Contents 7 0 R >>
endobj
11 0 obj
<</Type /Sig /Filter /Adobe.PPKLite /SubFilter /adbe.pkcs7.detached /ByteRange [0 3660 15404 678 ] /Contents <3082092b06092a864886f70d010702a082091c30820918020101310f300d06096086480165030402010500300b06092a864886f70d010701a08205cf308205cb308203b3a003020102020900d0ffeb9c9f715144300d06092a864886f70d0101050500307c310b30090603550406130246523111300f06035504080c084252455441474e45310f300d06035504070c0652454e4e4553310d300b060355040a0c0441544f53310b3009060355040b0c0242533110300e06035504030c07746573742e6672311b301906092a864886f70d010901160c7465737440746573742e6672301e170d3137303731383037343433355a170d3138303731383037343433355a307c310b30090603550406130246523111300f06035504080c084252455441474e45310f300d06035504070c0652454e4e4553310d300b060355040a0c0441544f53310b3009060355040b0c0242533110300e06035504030c07746573742e6672311b301906092a864886f70d010901160c7465737440746573742e667230820222300d06092a864886f70d01010105000382020f003082020a0282020100df7b0bfe8369008eed0719fd59b90780746a4a15058985e99559f0f5bb83cd4fdfa53ca43a797f39b9e308561fde0e48924af78399f50c3ef1793088f941ef3f0eeb93b2a2e0615a0164f3c979c96c0a703d4e4f475b27b6c21f7cce37b9cdad8098e8de26f2afc69e50e7153f8928cbd2f504b3b1ec5c082b9175d92074849330479f2db361b522e144795e59a65cc92b48d2a0237b3515315d432d951746bdcf872d32ad3b2e454813051bde3544e053c9098b3d428bd783c3a527650b69a419a0f262643b93d3e24b0ecec65d9ced1ac16879079794de9c46edc1b5675f400fd596e984379eafe115847d6f52c581b4a5c08dcb271f1b264578e805d53bae54fc3bcde0a82675a49759e662a3b43796911f3c6e76030be5099508054297c2403b8a5b0c4c27c096efaf1335495d99807aa6b191ddbe3719c93f0943995a8a4246fbb98b1279883df625c3823650f70130076c5cb444b0f153652304b6cb48ce93c969b2ece9f0073a992a7d2a089feb5386c7af7ff0bb7e073dfa485d2df24e79c2e8b4ef6e68123b2be8befbd2f01130438408dad3b6a11843fcf794bda25f3764dd8b2900202d308ff4aff2dd34b04cd39cfc3a2357a7e30eaac4afc520488b05f9405538405d30c61418f14e8a2ed55a55b4e32d59ef41846dae7fd163786fd41966bc7e5a4e03d064a793f301f74fa4717885332daf35dbda46889d2d0203010001a350304e301d0603551d0e0416041428518f33e55c29ed1dbfb4a0a54d8732cc9013a5301f0603551d2304183016801428518f33e55c29ed1dbfb4a0a54d8732cc9013a5300c0603551d13040530030101ff300d06092a864886f70d0101050500038202010008207d9828c97c982a2ac85517ef1e56bfa14174c4e0a95611057237cb1a134a1966709f42e45c1b9487c5cb2b34e1b8cd2ddae91f8eb2b53e7ee10488ab483162899c1035c287a2183bc7c031d99e21ebf4cbd9f116928ca1fa65295dbddbe13a77059cc8cb3c32ec8d61c2c2baa2ae3ada698843f7dd7b9a58abf1ce50f926bdc09b2da423ecaca667d47e93fa85372acadc4f45b1343cdf6298dfcc732c76a94fbaab051ae8de3ff45fad16be3c020c2449428c36eaeb25b4c3ae4cd8055f3210ecf58de9928635549182490d1cbf9765bbe2c903c6648b9d9621290a37aff1e9e5509fbf866d60d0f0796f2c9d896ba9cc3be76aba99e780af83f8c96667f2e1122957ed9df0a1406c9466b383c3c9528788805e8ebfd5003e29d9e8250c18b22ae1bb86a98436d9216f5d4f9e0e339bf883a71c7b16abddc65cead101d5161458b22f4978a39be42d85776c96e86fa3f942115793e7d539e5f03d7358d2869a601afbafce454d8122f23fadef3b162d375746c38e64785e4d26760b3fceec604f04afd27470c56f31695b457cd8f4caf1dcf9fe783b377567f1584f93c87e24277af0c265e666ecc91a2dd15561dbaa6f4d2eb293621abf1026edc093706f45dfc1e3dd6915d51171f1353b49802cfc224dd8d5a574dc870fd05502fdd8ba2d520cfbbe8cb30a7a7935bf530c14fd8d9964de127255714b6baf7a88cf86318203203082031c020101308189307c310b30090603550406130246523111300f06035504080c084252455441474e45310f300d06035504070c0652454e4e4553310d300b060355040a0c0441544f53310b3009060355040b0c0242533110300e06035504030c07746573742e6672311b301906092a864886f70d010901160c7465737440746573742e6672020900d0ffeb9c9f715144300d06096086480165030402010500a069301c06092a864886f70d010905310f170d3137303732303135303032335a301806092a864886f70d010903310b06092a864886f70d010701302f06092a864886f70d01090431220420943ada36057634a46f7deeb370e01d1b61fd5532007156eb88f4dc50787a098c300d06092a864886f70d01010b050004820200b7f6c6f4cd88f838d8ceb0a965cbb2e55a6d73e77a2be36414a3626a3413cd3bdb53a57ca2dd1e88abdf3e1ef7a231e0329c79d2d3804860cf88d4a49b9f4a82f78d9c11db1f67d684510f2563bd7f194f7fefee497a6bd92ca3099ec7c8755fd839aca6c1952f62be94ef234794003ceeb66bdd69e1d115c10613ac87ceb061db9bda977ce106a867f50a10ca2e3173cba74300ed9cdbdc9386e2915c8b9f541ed6d2947432ed43da572c38a94c7d89677155774101492077ecdd9912b012cb58b83cdb7e98b5ba0d910abba0db8a9449c1fd76ee262891d1e60c95b72fe77ee1488238cae03e038cb46b3e2a9e753d44dcece286a9217cd5bd292976cfb007fc0da26e1997cbffd9c2f1336ef58eda13942ca3da3cc9783509be6276c11d15e1708c97aa92c873d8ecbc12ef12fee55998ee190d6d37aefdc83a44d42e96e4e0e0ca19a786738a345bf68f555e60c7aed711b44fa0e668121d91c26ee613f8c7e8b153653a4953e820f4f65e0ebf634fdbf57f258f41f2ba69516f02f9c1934399445a44ae6efdd29424aa1b2809fab3485c37dd49ee41817895623b780aa90af83fecb0c65682d4e4b2f2ff275190e087e71d8c95171a2483c03830be744d67ef80c8481a44a8b2917756bf880cfd94d060acda822e975a884bc21db39adc5b2608030bb90e394f8e271cd65761daf3b3f9a8a0c09970c3e95eb71ee302c900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000>
/Reference [<</Type /SigRef /TransformMethod /DocMDP /TransformParams <</Type /TransformParams /V /1.2 /P 3 >> >> ] /M (D:20170720170036+02'00') >>
endobj
12 0 obj
<</Type /Annot /SubType /Widget /Rect [0 0 0 0 ] /P 4 0 R /F 4 /FT /Sig /T (Signature) /Ff 0 /V 11 0 R >>
endobj
13 0 obj
[]
endobj
14 0 obj
<</Names 13 0 R >>
endobj
15 0 obj
<</Dests 14 0 R >>
endobj
xref
0 2
0000000000 65535 f
0000003028 00000 n
3 2
0000003179 00000 n
0000003243 00000 n
6 1
0000003383 00000 n
11 5
0000003523 00000 n
0000015561 00000 n
0000015684 00000 n
0000015704 00000 n
0000015740 00000 n
trailer
<</Size 16 /Root 1 0 R /Info 10 0 R /Prev 2714 >>
startxref
15776
%%EOF
Upvotes: -1
Views: 797
Answers (1)
Patrick Gallot
Reputation: 625
Your assertion that you did not modify any byte of the file is contradicted by step 7. You may want to diff the before and after of step 7 and make sure that the PKCS7 object is being written in the part of the file that is not part of the byterange used to calculate the hash.
Upvotes: 0
Related Questions
- Java IText7 PDF Sign Problem - Document has been altered or corrupted since it was signed
- Document has been altered or corruped since the Signature was applied itext 5.5.11
- PDF becoming corrupted after signing
- Document has been altered or corrupted since it was signed
- "At least one signature has problems” message when signed PDF is opened
- Signed PDF showing message "The validity of the document is unknown", iText
- PDF Byte range invalid
- PDF Unknown signing icon
- pdfbox - document has been altered or corrupted since it was signed
- "The document has been altered or corrupted since the signature was applied" error comes after signature was applied to pdf using itext