Digital Signature is Invalid: Document has been altered or corrupted since it was signed

@danilos,

Can you try using the latest version, please?

If you do not have access to it, you can use this link(https://helpdesk.aspose.com) to request a trial version to test it before buying it.

Let me know if the problem persists on the current version.

Hello Carlos,

I have tested with a temporary license and the 23.2 version of the dlls, and this version corrects the issue described above, but I am experiencing a number of other issues.

One problem is that while the code works it generates very large files when signing the document. From a pdf file of 25KB containing a tiff image, it generates a file of over 500KB just for adding the signature.

Another problem is that a PDFA document cannot be signed, and converting to PDFA a signed document also invalidates the signature.

many thanks for the help

@danilos,

I am a bit confused about how you describe the issues and the code you share, so I will explain in a generic way, but it applies to your case anyways.

That is normal with a signed document. When you sign one, the whole chain of trust is stored in the Pdf document for offline verification. That is standard behavior and cannot be changed.

Also, you cannot convert, modify or make any alteration to a signed document because, by definition, a sign also prevents anyone from modifying a document, so whatever you signed gets unmodified and really represent what was signed.

Hi Carlos,

thank you for the reply, in version 19.8 of the Aspose libraries we were converting the document to PDFA and then signing it and the document resulted both PDFA conformant and with a valid signature. Recently, when running the code, we noted that Adobe was reporting that the signature was invalid because the file resulted modified or corrupted. So we tried with version 22.1 since we had purchased that license, version 22.1 had the same issue as version 19.8 for the signature, but also the additional issue of not allowing the signing of a document converted to PDFA.

Following your advice, I downloaded version 23.2, and obtained a temporary license. This version corrects the problem of the invalid signature but does not allow to sign a document converted to PDFA format, as well as a few other issues.

The code for the PDFA conversion is:

        Aspose.Pdf.Document pdfDocument = new Aspose.Pdf.Document(sourceFilename);

        MemoryStream m = new MemoryStream();
        pdfDocument.Convert(m, (PdfFormat)pdfFormat, ConvertErrorAction.None);
        pdfDocument.Save(targetFilename);

and it was not changed from the previous version that worked well, but I might be doing something wrong

@danilos,

When adding a code snippet, do not exclude variables outside the scope. For example, I do not know what format you are passing.

But anyways, the code looks fine for conversion to a specific format. You are not doing anything wrong.

Just for the sake of testing could you add the save format type:

pdfDocument.Save(outputStream, SaveFormat.Pdf); 

Also, the conversion or the signing is what is failing?

Hi Carlos,

I generally use the PDA_A_3B format, but the process can pass any of the PDFA formats available. I have tested with a few, they all give the same result.

The file is converted correctly but the signature results as invalid when the document is signed. According to Adobe, the file still claims to be in PDF/A format but the signature results as invalid with the same message., example using a time server:

Document has been altered or corrupted since it was signed.
Signer’s identity is valid.
Signature is a document timestamp signature.
Signature is LTV enabled

I have tested with the pdfDocument.Save(outputStream, SaveFormat.Pdf); - I get the same result

Hi Carlos,
I just wanted to inform you, I have now tested with version 23.4 of the pdf library, which seems to have been released a few days ago, and the problems of the signature on PDFA converted files and size of the files generated by the signing, are still present.
Thank you for all the help
Regards

@danilos,

That goes to the definition of a signed document. After signing, you cannot try to alter any document or convert it to a different format.

This is taken out of Adobe page:

Link: https://www.adobe.com/lt/sign/digital-signatures.html#:~:text=A%20digital%20signature%20is%20a,document%20and%20can%20be%20verified.

Do not try to alter or spoof or modify or convert a signed document as it goes against its nature,

I am not trying to convert the document after the signature, the document is converted before the signature. Here is the list of results I’ve got from the conversion and signature with versions 22.1, 22.2 and 23.2 and 23.4 of the libraries:

Conversion + Signature:

PDFA 1A not recognized as PDFA format by Reader
PDFA 1B not recognized as PDFA format by Reader
PDFA 2A valid PDFA invalid signature, can verify format with Aspose
PDFA 2B valid PDFA invalid signature, can verify format with Aspose
PDFA 2U not recognized as PDFA format by Reader
PDFA 3A not recognized as PDFA format by Reader
PDFA 3B valid PDFA invalid signature, can verify format with Aspose
PDFA 3U not recognized as PDFA format by Reader

all documents are not corrupted, they are opened correctly by a PDF reader, it’s only the format is not recognized as PDFA

@danilos,

The whole thing gets confusing because my main reference is the code you added before. That code does not represet everything you are describing. BEcause is just two pieces of code with no relation to each other.

Can you post the whole code snippet along with a pdf that is beein affected?

Hi here are a few snippets of the code:

	//DC library
	static public void ConvertToFormat(string sourceFilename, string targetFilename, PDFFormat pdfFormat)
    {
        if (license == null) SetLicense();

        using (Aspose.Pdf.Document pdfDocument = new Aspose.Pdf.Document(sourceFilename))
        {
            using (MemoryStream m = new MemoryStream())
            {
                pdfDocument.Convert(m, (PdfFormat)pdfFormat, ConvertErrorAction.None);
                pdfDocument.Save(targetFilename, SaveFormat.Pdf);
            }
        }
    }
	
	
	//test app
	private void button_convertToPDFA_Click(object sender, EventArgs e)
    {
		textBox_targetDocumentPath.Text = textBox_sourceDocumentPath.Text.Replace(".pdf", "_a.pdf");
		DCDocument.ConvertToFormat(textBox_sourceDocumentPath.Text, textBox_targetDocumentPath.Text, getPDFFormat(comboBox_PDFCompliance.Text));

		string tempFilename = textBox_sourceDocumentPath.Text;
		textBox_sourceDocumentPath.Text = textBox_targetDocumentPath.Text;
		LoadSourceFile(textBox_sourceDocumentPath.Text);
	}
	
	private void button_signFile_Click(object sender, EventArgs e)
    {
        textBox_targetDocumentPath.Text = textBox_sourceDocumentPath.Text.Replace(".pdf", "_s.pdf");
        File.Copy(textBox_sourceDocumentPath.Text, textBox_targetDocumentPath.Text, true);

        DCDocument.UseLTV = checkBox_useLTV.Checked;								// LTV does not work! Raises an Exception
        DCDocument.UseTimeStampServer = checkBox_useTimeServer.Checked;
        if (checkBox_useTimeServer.Checked)
        {
            if (!textBox_timeServerURL.Text.Equals(""))
            { 
                DCDocument.TimeStampServer = textBox_timeServerURL.Text;
                DCDocument.TimeStampServerPassword = textBox_timeServerPassword.Text;
            }
        }

        DCDocument.SignFile(textBox_targetDocumentPath.Text, comboBox_certificateCN.Text);

        string tempFilename = textBox_sourceDocumentPath.Text;
        textBox_sourceDocumentPath.Text = textBox_targetDocumentPath.Text;
        LoadSourceFile(textBox_sourceDocumentPath.Text);

        //File.Delete(tempFilename);
    }

Attached are some sample files sample.pdf the original file, sample_s.pdf the file signed without conversion, sample_a.pdf the file converted to pdfa_3b format, sample_a_s.pdf the pdfa file signed with the same time server.

sample.pdf (3.0 KB)
sample_a.pdf (90.7 KB)
sample_a_s.pdf (645.9 KB)
sample_s.pdf (557.1 KB)

Notice the size of the file increases dramatically when signed

@danilos,

I already explained why that happened. The whole chain of trust is stored in the PDF to validate it when it is offline.

I will be checking the code because I still have my doubts, and I cannot declare it a bug or present it to the dev team this way.

Edit: Can you sign your document using this example? Add digital signature or digitally sign PDF in C#|Aspose.PDF for .NET

Hi Carlos.

The is a problem with how Aspose performs the PDFA conversion. I used the original sample.pdf above and converted the document to pdfa format using freepdfconvert.comm and I signed the converted file with the code above and the signature results as valid.

If how I make the PDFA conversion is correct then the problem is a software defect in the Aspose dll.
Regards

sample.pdf (3.0 KB)
sample_pdfa_freepdfconvert…pdf (10.2 KB)
sample_pdfa_freepdfconvert._s.pdf (565.7 KB)

the verify format also must have a defect, it does not validate the PDFA document converted using freepdfconvert.com

I have also tested the size of the signed file with DocuSign, DocuSign generates a signed file of 140KB, while Aspose generates a file larger than 500KB for the same file.

I also find that the Verify Signatures validates a document signed with Aspose even though Reader considers the signature invalid, and considers invalid a signature in a document signed with DocuSign.

@danilos,
Just so we are on the same thought before creating a ticket to the dev team, and it is incorrect.

Using Aspose PDF API you convert a Pdf document to PDFA format, then you sign it, and the signature is invalid.

Can you provide a piece of code that does that? The code above is different methods for specific functionality and signing is not even handled by the Aspose API.

So for the sake of giving to the dev team all the tools they need, can create a single method that converts to PDFA and then sign the document using the Aspose PDF API, and provide the input and output PDF documents?

With those things, I can create a ticket for the development team.

Thank you so much for your time.

EDIT: In the ticket I will also mention the size problem you have.

Hi Carlos,

in the actual project, everything is handled by the Aspose library, including the signature. I just used the other libraries and web sites to check and compare results, and find out what is wrong with what I get with the Aspose library.

“Using Aspose PDF API you convert a Pdf document to PDFA format, then you sign it, and the signature is invalid.” - CORRECT! The signature of the converted PDFA document results invalid according to the pdf Readers.

A sample visual studio project is attached. You will need to make sure the code can reference an Aspose.pdf assembly version 23.2 or 23.4 and by changing the global variables you should be able to perform all tests including the format and signature validation with third parties libraries.

I hope it helps
Regards

AsposeCMD.zip (725.9 KB)

1 Like

@danilos,

Sorry but I think I made a mistake in my explanation, and why I am so focused on this is because otherwise, the ticket will be rejected. After all, it is normal behavior. You cannot sign a document and then convert it as I said in my message above. That will modify a signed document triggering and invalidation on the signature. That is normal.

But I read the code you sent me, and the method convertAndSign does it the other way around, the right way, which is to convert the document first and then sign it.

Can you verify this is the way it is triggering your error?

With this information confirmed, I will process creating a ticket for the dev team.

Also, thanks for adding those 3 documents, input, input converted, then input converted signed. That is key for the person who will check the code.

I can confirm, the document are first converted to PDFA and then Signed, just as the code shows. The documents in the debug folder were produced by executing the code in the project from the sample.pdf file - and if you compile and execute, the code will generate a new version of the converted and signed files with the certificate you specify from the sample.pdf (or a source pdf you specify, if you change the source).

The sequence is:

  1. convert to PDFA
  2. sign document

@danilos
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.

Issue ID(s): PDFNET-54549

You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.