Quantcast
iText - General

sign and encrypt a signed file

classic Classic list List threaded Threaded
2 messages Options
Alexander Raitskin
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

sign and encrypt a signed file

Alexander Raitskin
Hello,
If I sign and encrypt a PDF - the signature remains valid and the PDF is protected by a password.

However if I sign the document first (in append mode) and then sign again and encrypt (as I did before) - the first signature becomes invalid while the second one is OK (and the document
is protected by a password).

Is there a way to sign several a PDFs and finally to sign and encrypt it?



R. Alexander
 
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
iText-questions mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/itext-questions

iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
mkl
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: sign and encrypt a signed file

mkl
Alexander,
Alexander Raitskin wrote
Is there a way to sign several a PDFs and finally to sign  *and* encrypt it?
Whenever you have a PDF with signatures, these signatures contain hash values of some revision of the PDF (with the signature bytes themselves excluded).

When you want encrypt such a PDF, your intention surely encompasses the encryption of all the text already signed; thus, when you encrypt the file, you change all the string values in the document. This implies that the hash values calculated during signature creation don't match the hash values after encryption anymore. (Actually there are other problems, too, obstructing the encryption of PDFs with integrated signatures.)

Thus, in a nutshell, encrypting a document breaks any formerly applied signatures in it.

Regards,   Michael

PS: The situation may differ in case of XFA XML signatures: If those XML signatures are checked only after decryption of the XFA XML stream, they might not be invalidated by encrypting the document.
Loading...
Powered by Nabble Edit this page