Signature is not PAdES compliant and "The signature is not intact!"

[ElTimuro]

Hi Valery,

first of all great project. I hope I can contribute soon, since I am currently building an open-source signing service called Documenso.com. While checking out your library I found this issue:

Describe the bug and the expected behaviour

• The PDF signature produces "The signature/seal is not a valid AdES digital signature!" when validated by the official EU framework here (just upload "signed file"): https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation
• Also the validation call the signature not intact. So far I'm not sure what that means. I validated other PDFs (created using https://github.com/open-pdf-sign/open-pdf-sign for example) and there it seems to work. Since a pure NPM Packge is much better than java I would love to help fix those issue here.

Is it a bug in signing or in the helpers? I used plainAddPlaceholder, not sure if the helper is the problem.

To Reproduce Simple sign any PDF and Validate using the EU tool. (just upload "signed file"): https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation

• I used

const pdfBufferToSign = plainAddPlaceholder({
    pdfBuffer,
    subFilter: SUBFILTER_ETSI_CADES_DETACHED,
  });

to sign.

Give us a failing test.

• PDF used for signing by me: https://drive.google.com/file/d/1sqgedjsGzDDx4QSG6XuAfbn-dsvjMVcj/view?usp=sharing
• Signed Version and Validation result: https://drive.google.com/drive/folders/1H2ljTKRLm227bNUwnwF6W85te58IQwLG?usp=sharing

Cheers from Hamburg Timur

[vbuch]

149 #71

I think people complained about the same before. I could trace it up to https://github.com/vbuch/node-signpdf/issues/70#issuecomment-861435746 Nobody ever suggested a PR hence it is not fixed in the library. Try it out and everyone would love it if you can come up with a PR.

[ElTimuro]

I will do my best, but I'm currently new in the matter so it will thank some time to get into it. I was hoping you had more insight as to why, since the implementation is working well otherwise as far as I can tell and you seem to know PAdES. I'm considering completely writing a node/ TS library port of the https://github.com/esig/dss library, tho probably only PAdES for now.

I will let you know if I find something. Meanwhile, if you have any idea where to start that would be helpful.

[ElTimuro]

PR: https://github.com/vbuch/node-signpdf/pull/187

[ElTimuro]

Fixed and merged 🎉

[vbuch]

Released in 1.5.1

[hmpvillegas]

good day to you all, was wondering PAdES mode for signing is multiple signature supported ? thanks