m32 / endesive

en-crypt, de-crypt, si-gn, ve-rify - smime, pdf, xades and plain files in pure python
MIT License
Load method not working, don't know exactly what is causing issue. #87

Closed nolanding closed 2 years ago

nolanding commented 3 years ago

ValueError: Error parsing asn1crypto.cms.ContentInfo - method should have been constructed, but primitive was found

m32 commented 3 years ago

Traceback? Some more info?

nolanding commented 3 years ago

```
/my_drive/pdf_signature/venv/bin/python /my_drive/pdf_signature/pdf_sign_verification.py
Traceback (most recent call last):
  File "/my_drive/pdf_signature/pdf_sign_verification.py", line 164, in
    raise e
  File "/my_drive/pdf_signature/pdf_sign_verification.py", line 159, in
    data = pdf.verify(f.read())
  File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/endesive/pdf/verify.py", line 17, in verify
    return verifier.verify(bcontents, signedData, certs)
  File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/endesive/verifier.py", line 116, in verify
    return cls.verify(datas, datau)
  File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/endesive/verifier.py", line 42, in verify
    signed_data = cms.ContentInfo.load(datas)['content']
  File "/my_drive/pdfsignature/venv/lib/python3.9/site-packages/asn1crypto/core.py", line 230, in load
signature is not present
    value, = _parse_build(encoded_data, spec=spec, spec_params=kwargs, strict=strict)
  File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/asn1crypto/core.py", line 5672, in _parse_build
    return (_build(*info, spec=spec, spec_params=spec_params), new_pointer)
  File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/asn1crypto/core.py", line 5551, in _build
    raise ValueError(unwrap(
ValueError: Error parsing asn1crypto.cms.ContentInfo - method should have been constructed, but primitive was found
```

m32 commented 3 years ago

Please share signed and unsigned pdf document.

nolanding commented 3 years ago

I only have signed pdf.

On Wed, Feb 3, 2021 at 5:41 PM Grzegorz Makarewicz notifications@github.com wrote:

> Please share signed and unsigned pdf document.

m32 commented 3 years ago

ok

nolanding commented 3 years ago

Did you get why I was facing the issue?

m32 commented 3 years ago

How do you think I can find out where the problem is? I don't have a pdf document, I don't know your code - traceback alone is not enough information. Use the examples, there is a pdf-verify.py file, does it work for you?

nolanding commented 3 years ago

I shared the signed document with you. Using only the pdf.verify function, I was trying to find out whether my signature is valid or not. I'm unable to follow the error message which I'm getting. Of the given examples, I tried a few and they worked for me. Can you suggest some changes in the pdf which I should try, to get more insight into the error which I'm getting?

On Fri, 5 Feb, 2021, 2:52 pm Grzegorz Makarewicz, notifications@github.com wrote:

> How do you think I can find out where the problem is? I don't have a pdf document, I don't know your code - traceback alone is not enough information. Use the examples, there is a pdf-verify.py file, does it work for you?

m32 commented 3 years ago

I don't see any link to the pdf file in this conversation.

There are different ways to sign a pdf file, endesive only uses one of them. Without a pdf file, I can't say anything about the reason, and from what I can see there is practically nothing: File "/my_drive/pdf_signature/venv/lib/python3.9/site-packages/asn1crypto/core.py", line 230, load signature is not present

nolanding commented 3 years ago

The above message was from the exception handler, which I wrote to handle the error. Please find the attached file, I was actually using mails. sample09.pdf

m32 commented 3 years ago

I was wrong. The document is signed with a root certificate. I think this is not a normal situation, but will add some code to check this situation.

nolanding commented 3 years ago

Thanks for the update. Can you tell me what the error was actually about? Then I'll also be able to work around it and cover other cases.

m32 commented 3 years ago

```
/Contents <0481807645e70c3eabeb4bc186b806e373710f05caecadf75cf18118c90cf345a0aee0865715eeef868930668d98115dbf71fcad9789852e8db876b5cc26be41f3f00a39c7688cfceb08d88d4821dc703206dfdfce939a6664 c4e5b7921633285749c1be4ca60bb3f495cb23d44b7b2fb735e7cb8c8079638445622d52964d8eb9803c>/SubFilter/adbe.x509.rsa_sha1/Location(Sign Location / city)/ByteRange [0 30700 30964 181761 ]
```

According to the pdf documentation, Contents should be cms.ContentInfo but here it is asn1crypto.core.OctetString. From my point of view, this is some strange case that I don't want to spend any time on. If you have an idea how to read it, I am waiting for a PR.

```
<</Reference[<</Data 13 0 R/Type/SigRef/TransformParams<</Type/TransformParams/V/1.2/P 1>>/DigestMethod/MD5/DigestLocation[0 0]/DigestValue(aa)/TransformMethod/DocMDP>>]/Type/Sig/Name(Alice) /M(D:20091004152818+05'00')/Cert(.....CERT IS HERE...)
```

m32 commented 3 years ago

Ideally /SubFilter has value /adbe.pkcs7.detached, but in this case it is /SubFilter/adbe.x509.rsa_sha1. Will assert this in code.

Probably this Contents is only SHA1(document), and signature is elsewhere (in xml?). Just another uncommon case of signatures in pdf.
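Added example (not part of the thread and not endesive's code): a pre-check that reads the first DER header of `/Contents` and shows why `cms.ContentInfo.load` fails with "should have been constructed, but primitive was found" on the value quoted above. The function names, the `CMS_SUBFILTERS` set and the sample bytes are assumptions made for illustration; only the `04 81 80` header is taken from the quoted `/Contents`.

```python
# Added example, not endesive code: triage /Contents before CMS parsing.
# SubFilter values whose /Contents holds a CMS (PKCS#7) object (assumed list).
CMS_SUBFILTERS = {"adbe.pkcs7.detached", "adbe.pkcs7.sha1", "ETSI.CAdES.detached"}


def der_header(data: bytes):
    """Return (tag, constructed, header_len, content_len) of the first DER TLV."""
    if len(data) < 2:
        raise ValueError("truncated DER header")
    tag, first = data[0], data[1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tag, not a signature container")
    if first < 0x80:                          # short-form length
        return tag, bool(tag & 0x20), 2, first
    n = first & 0x7F                          # long form: n length bytes follow
    if n == 0 or n > 4 or len(data) < 2 + n:
        raise ValueError("indefinite, oversized or truncated length")
    return tag, bool(tag & 0x20), 2 + n, int.from_bytes(data[2:2 + n], "big")


def triage(subfilter: str, contents_hex: str):
    """Return (is_cms, description) for a signature dictionary's /Contents."""
    raw = bytes.fromhex("".join(contents_hex.split()))  # PDF hex may contain spaces
    tag, constructed, hlen, clen = der_header(raw)
    end = hlen + clen
    if end > len(raw):
        raise ValueError("DER length runs past the end of /Contents")
    if any(raw[end:]):                        # only zero padding may follow
        raise ValueError("non-zero bytes after the DER object")
    if tag == 0x30 and constructed:
        kind = "constructed SEQUENCE, candidate cms.ContentInfo"
    elif tag == 0x04:
        kind = f"primitive OCTET STRING, {clen} bytes, not a CMS object"
    else:
        kind = f"unexpected tag 0x{tag:02x}"
    is_cms = tag == 0x30 and subfilter in CMS_SUBFILTERS
    return is_cms, f"/SubFilter {subfilter}: {kind}"


if __name__ == "__main__":
    # Constructed samples: header 04 81 80 as in the thread, body and padding zeroed.
    print(triage("adbe.x509.rsa_sha1", "048180" + "00" * 128 + "00" * 16))
    print(triage("adbe.pkcs7.detached", "30 03 02 01 00 00 00"))
```

Running such a check before the CMS parser turns the asn1crypto `ValueError` into an explicit "unsupported SubFilter" result that a caller can log or reject.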

panzi commented 3 years ago

All the government signed PDFs here in Austria give me this error. Any idea on how I can verify such a PDF?

```
Filter: Adobe.PPKLite
SubFilter: adbe.x509.rsa_sha1
```

m32 commented 3 years ago

@panzi There is no single method of saving a signature in pdf documents, so there is no single method to verify them. If the situation repeats, maybe it is worth adding it to the endesive code - it will be useful to you, maybe others too.

panzi commented 3 years ago

The situation does repeat inasmuch as all PDFs signed by any Austrian government agency seem to be signed that way. I managed to write my own hacky verifier (that only supports these kinds of PDFs) now, though. I hope I did everything right, i.e. don't have any vulnerabilities.

m32 commented 3 years ago

Add a signature verification test, and if all tests pass successfully, we can add your code to endesive.

panzi commented 3 years ago

Well, the document(s) that I have to validate are confidential (health stuff), so I don't know how to write a test that can be publicly shared for that.

m32 commented 3 years ago

Cut confidential data and send it to me (e.g. e-mail) - the document will not be legible or verifiable, but I will be able to see where and how the signature information is written. This will give me a chance to write a program.

m32 commented 2 years ago

The old ways of signing are not supported by endesive, adbe.x509.rsa_sha1 is just that. Out of curiosity I added the script: pdf-verify-rsa_sha1.py, it only works for the simplest case DigestLocation = [0 0], DigestValue = 'aa'