gdelugre
commented
7 years ago I think the reason is you forgot to configure the issuer of the certificate.
I am getting the correct result with:
require 'openssl'
require 'origami'
include Origami
key = OpenSSL::PKey::RSA.new 2048
name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
cert = OpenSSL::X509::Certificate.new
cert.version = 2
cert.serial = 0
cert.not_before = Time.now
cert.not_after = Time.now + 3600
cert.public_key = key.public_key
cert.subject = name
cert.issuer = name # try adding this line here
cert.sign key, OpenSSL::Digest::SHA1.new
open 'certificate.pem', 'w' do |io| io.write cert.to_pem end
OUTPUTFILE = "outfile.pdf"
pdf = PDF.read('testing.pdf')
pdf.sign(cert, key,
:method => 'adbe.pkcs7.sha1',
:location => "Portugal",
:contact => "myemail@email.tt",
:reason => "Proof of Concept"
)
pdf.save(OUTPUTFILE)
signed_cert = OpenSSL::X509::Certificate.new(File::read('certificate.pem'))
pdf = PDF.read("outfile.pdf")
if pdf.signed?
p pdf.verify(trusted_certs: [signed_cert]) #This should give true now
end
Using the following code i added digital signature into pdf.
After that i used the following code to verify digital signature using stored certificate. But it gives false.