search

unidoc / unipdf-examples

Examples for creating and processing PDF files with UniPDF https://github.com/unidoc/unipdf
https://unidoc.io
272 stars 101 forks source link

Digital signing lags when opening pdf with Adobe Reader #106

Closed Duksic closed 4 years ago

Duksic commented 4 years ago

I just self signed a document using your library, and it is having problems with Adobe Reader. It loads extremely slow on linux and on windows and OS x it gets stuck or even crashes. Do you know if this is an problem with the unipdf lib or adobe reader?

gunnsth commented 4 years ago

@Duksic Please submit the code you are using and files. The information provided here is too vague to be able to provide any information.

Duksic commented 4 years ago

@gunnsth i was using this code (pdf_sign_generate_keys.go) to generate keys and sign pdf. The pdf created crashes on start up in adobe reader DC. I managed to sign it using my own .pfx, but using automatic generation resulted in a crash. I sent you pdf that I signed. So i'm wondering what could the problem be with the generate_keys.go result.pdf

gunnsth commented 4 years ago

@Duksic Can you attach the original file so we can fully reproduce and analyze?

Duksic commented 4 years ago

Here you go @gunnsth

testing.pdf result.pdf

adrg commented 4 years ago

Hi @Duksic,

I believe Adobe Reader does not like that the certificate does not have a common name set. Could you try setting one and let us know if it still crashes on Windows and OS X? BasicConstraintsValid should be removed as well although it does not seem to cause any issues.

template := x509.Certificate{
    SerialNumber: big.NewInt(1),
    Subject: pkix.Name{
        CommonName:   "any",
        Organization: []string{"Test Company"},
    },
    NotBefore: now.Add(-time.Hour),
    NotAfter:  now.Add(time.Hour * 24 * 365),

    KeyUsage:              x509.KeyUsageDigitalSignature,
    ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
}

Or better yet, a more complete template:

template := x509.Certificate{
    SerialNumber: new(big.Int),
    Subject: pkix.Name{
        CommonName:   "any",
        Organization: []string{"Test Company"},
    },
    NotBefore:          now.Add(-time.Hour).UTC(),
    NotAfter:           now.Add(time.Hour * 24 * 365).UTC(),
    PublicKeyAlgorithm: x509.RSA,
    KeyUsage: x509.KeyUsageKeyEncipherment |
        x509.KeyUsageDigitalSignature |
        x509.KeyUsageDataEncipherment,
}
ahall commented 4 years ago

This sounds like something we should have on help.unidoc.io :)

Duksic commented 4 years ago

@adrg i added that which you mentioned and it worked like a charm, thank you for your assistance ^^

Duksic commented 4 years ago

@adrg can i ask you a question, i needed to do re-signing of digital signatures, i decided to go through reader AcroForm and just remove all Signature types and then just add a new signature, will that be a sufficient solutiion for re-signing, what do you think? It works on quick testing, but im wondering if that is good enough