Until validating multiple signatures is added, this is a stopgap measure to allow the first certificate in a PDF to be verified.
While https://github.com/ninja-labs-tech/verify-pdf/issues/108 is correct, an individual ByteRange should cover to the end of the "file", a PDF can contain multiple ByteRanges, especially because a PDF can be modified by incremental update, and a 2nd ByteRange is added then to cover the modification. The original ByteRange only covers up to the %%EOF where the original file ended before modification.
The proper fix is to implement support for multiple signatures. I might be able to work on this but for now I need a stopgap to support my use case.
Until validating multiple signatures is added, this is a stopgap measure to allow the first certificate in a PDF to be verified.
While https://github.com/ninja-labs-tech/verify-pdf/issues/108 is correct, an individual ByteRange should cover to the end of the "file", a PDF can contain multiple ByteRanges, especially because a PDF can be modified by incremental update, and a 2nd ByteRange is added then to cover the modification. The original ByteRange only covers up to the
%%EOF
where the original file ended before modification.The proper fix is to implement support for multiple signatures. I might be able to work on this but for now I need a stopgap to support my use case.