Where to place digital signature in PDF (openpgp.js)?

A

askold20132018-03-08 11:47:53

JavaScript

askold2013, 2018-03-08 11:47:53

Hello!
I implement a digital signature of pdf files using openpgp.js.
The question is - how / where to place the signature so that the file itself is not damaged?
If done straight:

const file = fs.readFileSync('./testdoc.pdf', 'utf-8');
let privkey = fs.readFileSync('./private1.key', 'utf-8'); //encrypted private key
let passphrase = 'secret'; //what the privKey is encrypted with
const privKeyObj = openpgp.key.readArmored(privkey).keys[0];
privKeyObj.decrypt(passphrase);

openpgp.sign({
    data: file, // input as String (or Uint8Array)
    privateKeys: privKeyObj, // for signing
    //detached: true,
})
.then(signed => {
    //console.log(signed.signature);
    fs.writeFileSync('./testdoc.pdf', signed.data);
});

Then after the signature, the file will become corrupted, as a header will appear at the beginning:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

%PDF-1.3
%����
4 0 obj
<<
/Type /Page

If we make detached: true and write the signature to a separate file (which is not very good for me),
then the verification fails:

var message = openpgp.message.readSignedContent(file, sig); //file - исходный файл, без подписи, sig - файл с сигнатурой, в кодировке utf-8
var result = message.verify(openpgp.key.readArmored(pubkey).keys); // result.valid=false всегда

+ signatures can be not one but many on 1 file - how to make them independent from each other?
What is the mechanism here? Where should the signature be placed?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

R

Rsa97, 2018-03-08
@Rsa97

According to the PDF standard , a digital signature is stored in a special structure in the tree of the document itself.
The TCPDF library has a setSignature() method to add a signature to a PDF ( example ).