[NTG-context] issue with signing

ntg-context - mailing list for ConTeXt users
 help / color / mirror / Atom feed

* [NTG-context] issue with signing
@ 2024-06-03 14:35 Pablo Rodriguez via ntg-context
  0 siblings, 0 replies; only message in thread
From: Pablo Rodriguez via ntg-context @ 2024-06-03 14:35 UTC (permalink / raw)
  To: ConTeXt users; +Cc: Pablo Rodriguez

[-- Attachment #1: Type: text/plain, Size: 1612 bytes --]

Dear list,

I have the following sample

  \setupinteraction[state=start]
  \definefield[signature][signed]
  \defineoverlay[signature][my signature]
  \starttext
    \startTEXpage[offset=1ts,frame=on,framecolor=darkblue]
      sign: \inframed[background=signature,framecolor=darkred]
              {\fieldbody[signature][width=3cm,option=hidden]}
    \stopTEXpage
  \stoptext

After compiling, I sign it with the following command (in latest from
2024.05.31 18:50):

 mtxrun --script pdf --sign --certificate=mycert.pfx --password=ABCabc a

It requires the pass phrase (again?) and I get a signed PDF document.

But Acrobat cannot find (or display) any signature in that PDF document.

pdfsig (from poppler-utils-24.02.0) complains about digest mismatch:

  $ pdfsig a.pdf
  Digital Signature Info of: a.pdf
  Signature #1:
    - Signature Field Name: signature
    - Signer Certificate Common Name: John Doe
    - Signer full Distinguished Name: CN=John Doe,O=No Brainer
    - Signing Time: Jun 03 2024 16:24:03
    - Signing Hash Algorithm: SHA-256
    - Signature Type: adbe.pkcs7.detached
    - Signed Ranges: [0 - 6428], [10527 - 10912]
    - Not total document signed
    - Signature Validation: Digest Mismatch.

mutool sign (from mupdf-1.24.1) also complains about modified document
after signing:

  $ mutool sign -v a.pdf
  Verifying signature 3:
    Distinguished name: cn=John Doe, o=No Brainer, ou=, email=, c=XX
    Certificate error: Self-signed certificate.
    Digest error: Signature invalidated by change to document.

Sorry, but what am I doing wrong here?

Many thanks for your help,

Pablo

[-- Attachment #2: mycert.pfx --]
[-- Type: application/x-pkcs12, Size: 2736 bytes --]

[-- Attachment #3: Type: text/plain, Size: 511 bytes --]

___________________________________________________________________________________
If your question is of interest to others as well, please add an entry to the Wiki!

maillist : ntg-context@ntg.nl / https://mailman.ntg.nl/mailman3/lists/ntg-context.ntg.nl
webpage  : https://www.pragma-ade.nl / https://context.aanhet.net (mirror)
archive  : https://github.com/contextgarden/context
wiki     : https://wiki.contextgarden.net
___________________________________________________________________________________

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-06-03 14:35 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-06-03 14:35 [NTG-context] issue with signing Pablo Rodriguez via ntg-context

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).