Second digital signature invalidates the first one #4
Comments
|
The incremental update mechanism is a complex beast and there are many bugs in legacy PoDoDo. In my tests, the main reason the previous signatures invalidates after the following one is that the incremental update unnecessarily rewrites several objects of the previous revision. The objects may be rewritten without changes but Acrobat Reader decides this is a violation of the restrictions that are imposed in incremental updates to consider previous signatures as valid. With this regard, PoDoFo was buggy/lacking in these areas:
All of these areas were taken care in pdfmm in several commits through the last 2-3 years. Here it follows an incomplete list:
This probably means that there's no simple fix for the kind of issue you're seeing, not at least in the general case. One option would be (keep trying?) using pdfmm, or wait for PoDoFo-next to be introduced, which should be a matter of weeks[1], and trying to see if this fixes the issue for you. Other options is looking through the list of commits I wrote here to look if you can craft a fix yourself, or find other maintainers interested in looking through this issue in 0.9.x. As I previously clarified with the community, I won't look through 0.9.x code. [1] https://www.mail-archive.com/podofo-users@lists.sourceforge.net/msg04855.html |
|
PoDoFo-next (soon it will be 0.10) is now up and I recommend retry the issue with it for correct working. Please read carefully the FAQ, which are now currently 100% focused on signing. |
|
The issue is probably fixed in 0.10.0. If it's not, please re-open. |
When you apply a second digital signature to a pdf that already has a digital signature, the first one is invalidated, this digital signature is not more valid and adobe reader says "the document has been modified after the digital signature".
This happens because the incremental update doesn't work correctly.
The text was updated successfully, but these errors were encountered: