PDF signing questions (multiple Digital Signatures (PKI)) PAdES support

Does Aspose PDF support digitally signing a PDF that already has a digital signature without invalidating the first signature? I believe this is referred to as Serial Signing.

Example: A PDF is authored by a third party and signed to authenticate the author. We want to append some additional information then apply our signature. We would like both signatures to be intact, the signature on the original portion of the document and the signature on the whole (outer) document.

iText supports this as it supports PAdES (PDF Advanced Electronic Signatures).

Hi Mark,


Thanks for contacting support.

Aspose.Pdf for .NET supports the feature to digitally sign the PDF files but we have not yet tested addition of digital signature to already signed PDF file. Can you please share your sample PDF file, so that we can test the scenario at our end.

I do not have any sample documents (we are current users of Aspose Word and are researching PDF libraries). However, a more valuable test (at least for us) would be to take any PDF document and, using Aspose PDF, append something to it and sign it with the appended information included in the signing hash. This should be just a straightforward digital signature. Take the resulting document created by Aspose PDF and repeat the process, by appending something else and signing again.

Also is the whole certificate chain included (embedded) in the signature portion of the PDF? I think that is a requirement for PAdES (PDF Advanced Electronic Signature).
http://en.wikipedia.org/wiki/PAdES

Hi Mark,


Thanks for sharing the details.

I have tested the scenario using Aspose.Pdf for .NET 9.6.0 where I have used the code snippet shared over Digitally sign PDF file link and as per my observations, the digital signature is properly being added to PDF file. I have also repeated the same problem to add a signature to already signed PDF and both signatures appear in resultant PDF. Can you please try using our API and in case you face any issue, please share the resource files i.e. Digital Signature, PDF etc so that we can further investigate the issue in our environment.

Hi, I am facing the same problem and I do not know what to do, because converting PDF to PDFA is mandatory before signing it, and whenever I try to sign it for the second time the first signature becomes invalid.


Please help me.

It’s something urgent, and as I could see, it’s a known problem.

Thanks in advance

I have attached a PDF file converted to PDFA by Aspose PDF.

If you try to sign it twice or more, the first signature will become invalid.

If I do not use Aspose to convert it, it works fine.

Hi Andre,

Thanks for contacting support.

As per my understanding, you are first converting PDF file to PDF/A_1b format and then digitally signing the PDF/A file. In order to test the scenario, I have used one of my sample digital signatures and when I have tried digitally signing PDF/A document, the PDF/A compliance is lost. Because as per PDF/A standards, the documents cannot be modified and if we make any changes, the compliance is lost.

Furthermore, when signing the document twice, it corrupts/invalidates the signature inside the document, and it has already been logged in our issue tracking system as PDFNET-40288. However, we request you to please share some more details on why you need to sign the document twice, along with your digital signature, so that we can further look into this matter. For your reference, I have also attached the output generated at my end.

We are sorry for this inconvenience.

[C#]

using System.IO;
using Aspose.Pdf;
using Aspose.Pdf.Facades;

// path to digital signature
string pbxFile = "c:/pdftest/MySPC.pfx";
string inFile = @"c:/pdftest/99180_d8390159-b0f0-45c8-bdff-683472a31cc1.pdf";

// load input PDF file
Document doc = new Document(inFile);
// convert document to PDF/A compliance format
doc.Convert(new MemoryStream(), PdfFormat.PDF_A_1B, ConvertErrorAction.Delete);
// save PDF/A output
doc.Save("c:/pdftest/ConvertedPDF_A_1b.pdf");

string outFile = @"c:/pdftest/99180_d8390159-b0f0-45c8-bdff-683472a31cc1_DigitallySign_out.pdf";

using (Document document = new Document("c:/pdftest/ConvertedPDF_A_1b.pdf"))
{
    using (PdfFileSignature signature = new PdfFileSignature(document))
    {
        Aspose.Pdf.Forms.PKCS7 pkcs = new Aspose.Pdf.Forms.PKCS7(pbxFile, "test"); // Use PKCS7/PKCS7Detached objects
        Aspose.Pdf.Forms.DocMDPSignature docMdpSignature = new Aspose.Pdf.Forms.DocMDPSignature(pkcs, Aspose.Pdf.Forms.DocMDPAccessPermissions.FillingInForms);
        System.Drawing.Rectangle rect = new System.Drawing.Rectangle(100, 100, 200, 100);
        // Set signature appearance
        signature.SignatureAppearance = @"c:/pdftest/Conversion.PNG";
        // Create any of the three signature types
        signature.Certify(1, "Signature Reason", "Contact", "Location", true, rect, docMdpSignature);
        // Save output PDF file
        signature.Save(outFile);
    }
}

// reopen the signed output and verify the signature
using (Document document = new Document(outFile))
{
    using (PdfFileSignature signature = new PdfFileSignature(document))
    {
        System.Collections.IList sigNames = signature.GetSignNames();
        if (sigNames.Count > 0) // Any signatures?
        {
            if (signature.VerifySigned(sigNames[0] as string)) // Verify first one
            {
                if (signature.IsCertified) // Certified?
                {
                    if (signature.GetAccessPermissions() == Aspose.Pdf.Forms.DocMDPAccessPermissions.FillingInForms) // Get access permission
                    {
                        // Do something
                    }
                }
            }
        }
    }
}

The issues you have found earlier (filed as PDFNET-40288) have been fixed in Aspose.PDF for .NET 21.7.
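
A way to check whether a second signing left the first signature's signed bytes untouched, as an added example that is not part of the original thread and does not use Aspose.PDF: it compares the /ByteRange coverage of a file before and after it is signed again. The function names and the tiny sample inputs are constructed for illustration; the check looks at byte coverage only (not the cryptographic verification of /Contents) and assumes the signature dictionaries can be found by a plain byte scan.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
SIG_FMT = b"<< /Type /Sig /ByteRange [0 %010d %010d %010d] /Contents "

def signature_ranges(pdf):
    """Every /ByteRange as (a, b, c, d), ordered by where its signed revision ends."""
    found = [tuple(map(int, m.groups())) for m in BYTE_RANGE.finditer(pdf)]
    return sorted(found, key=lambda r: r[2] + r[3])

def covered_digest(pdf, rng):
    """SHA-256 of the bytes a signature covers: its revision minus the /Contents value."""
    a, b, c, d = rng
    if a + b > c or c + d > len(pdf):
        return None  # the range no longer fits the file
    return hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).hexdigest()

def check_serial_signing(before, after):
    """before: file carrying the first signature; after: the same file signed again."""
    old, new = signature_ranges(before), signature_ranges(after)
    result = {"earlier_intact": [], "last_covers_whole_file": False}
    for rng in old:
        # An incremental update leaves the earlier revision byte-for-byte unchanged.
        same = rng in new and covered_digest(before, rng) == covered_digest(after, rng)
        result["earlier_intact"].append(same)
    if len(new) > len(old):
        a, _, c, d = new[-1]
        result["last_covers_whole_file"] = a == 0 and c + d == len(after)
    return result

def fake_revision(prefix, body):
    """Constructed sample data: append a revision with a placeholder signature."""
    contents, tail = b"<" + b"00" * 8 + b">", b" >>\n%%EOF\n"
    b_off = len(prefix) + len(body) + len(SIG_FMT % (0, 0, 0))
    sig = SIG_FMT % (b_off, b_off + len(contents), len(tail))
    return prefix + body + sig + contents + tail

# Constructed inputs, not real PDFs: one signed revision, then two ways of signing again.
ONCE = fake_revision(b"%PDF-1.4\n", b"1 0 obj << /Author (third party) >> endobj\n")
INCREMENTAL = fake_revision(ONCE, b"2 0 obj << /Note (appended) >> endobj\n")
REWRITTEN = fake_revision(ONCE.replace(b"1 0 obj", b"9 0 obj"), b"2 0 obj << >> endobj\n")

if __name__ == "__main__":
    print("incremental:", check_serial_signing(ONCE, INCREMENTAL))
    print("rewritten:  ", check_serial_signing(ONCE, REWRITTEN))
```

Run against real files, `before` is the document as received with the first signature and `after` is the output of the second signing; a `False` in `earlier_intact` means the signing tool re-saved the earlier revision instead of appending to it.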