From: Pablo Rodriguez via ntg-context <ntg-context@ntg.nl>
To: ConTeXt users <ntg-context@ntg.nl>
Cc: Pablo Rodriguez <oinos@gmx.es>
Subject: [NTG-context] issue with signing
Date: Mon, 3 Jun 2024 16:35:02 +0200 [thread overview]
Message-ID: <ac8b68d0-13b6-4e35-a6ad-fbf0ff09d67d@gmx.es> (raw)
[-- Attachment #1: Type: text/plain, Size: 1612 bytes --]
Dear list,
I have the following sample
\setupinteraction[state=start]
\definefield[signature][signed]
\defineoverlay[signature][my signature]
\starttext
\startTEXpage[offset=1ts,frame=on,framecolor=darkblue]
sign: \inframed[background=signature,framecolor=darkred]
{\fieldbody[signature][width=3cm,option=hidden]}
\stopTEXpage
\stoptext
After compiling, I sign it with the following command (in latest from
2024.05.31 18:50):
mtxrun --script pdf --sign --certificate=mycert.pfx --password=ABCabc a
It requires the pass phrase (again?) and I get a signed PDF document.
But Acrobat cannot find (or display) any signature in that PDF document.
pdfsig (from poppler-utils-24.02.0) complains about digest mismatch:
$ pdfsig a.pdf
Digital Signature Info of: a.pdf
Signature #1:
- Signature Field Name: signature
- Signer Certificate Common Name: John Doe
- Signer full Distinguished Name: CN=John Doe,O=No Brainer
- Signing Time: Jun 03 2024 16:24:03
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 6428], [10527 - 10912]
- Not total document signed
- Signature Validation: Digest Mismatch.
mutool sign (from mupdf-1.24.1) also complains about modified document
after signing:
$ mutool sign -v a.pdf
Verifying signature 3:
Distinguished name: cn=John Doe, o=No Brainer, ou=, email=, c=XX
Certificate error: Self-signed certificate.
Digest error: Signature invalidated by change to document.
Sorry, but what am I doing wrong here?
Many thanks for your help,
Pablo
[-- Attachment #2: mycert.pfx --]
[-- Type: application/x-pkcs12, Size: 2736 bytes --]
[-- Attachment #3: Type: text/plain, Size: 511 bytes --]
___________________________________________________________________________________
If your question is of interest to others as well, please add an entry to the Wiki!
maillist : ntg-context@ntg.nl / https://mailman.ntg.nl/mailman3/lists/ntg-context.ntg.nl
webpage : https://www.pragma-ade.nl / https://context.aanhet.net (mirror)
archive : https://github.com/contextgarden/context
wiki : https://wiki.contextgarden.net
___________________________________________________________________________________
reply other threads:[~2024-06-03 14:35 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ac8b68d0-13b6-4e35-a6ad-fbf0ff09d67d@gmx.es \
--to=ntg-context@ntg.nl \
--cc=oinos@gmx.es \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).