| | <<<Back 1 day (to 2019/08/13) | Fwd 1 day (to 2019/08/15)>>> | 20190814 |
| DaVinci | Hi, need a little help with signing. | 17:22.48 |
| | does mutools sign do a simple append, or can it use a comment field? | 17:23.22 |
| sebras | DaVinci: mutool sign -c is meant to remove the digital signature from a signature annotation while mutool sign -s is meant to add a new digital signature to an existing signature annotation. | 17:27.25 |
| | DaVinci: I'm suspecting that what you want is to _add_ a new signature annotation? | 17:27.40 |
| DaVinci | yes. My exact command is `mutool sign -s certificate.pfx -P 123Simple! sample.pdf -o sample-out.pdf` | 18:00.08 |
| | nothing recognizes the signature though. | 18:01.03 |
| sebras | DaVinci: flags like -o go before the input filename, the order ought be using `mutool sign -s certificate.pfx -P 123Simple! -o sample-out.pdf sample.pdf` but crucially you also do not list a signature object number after the input document. | 18:08.30 |
| | DaVinci: so I would expect that mutool sign does nothing in this case. | 18:08.41 |
| DaVinci | A signature object number? | 18:09.26 |
| | is that the file section that I want signed? | 18:09.58 |
| sebras | DaVinci: yes, the object number of the signature you want to sign. | 18:10.04 |
| DaVinci | I would expect all prior objects to be signed by default. | 18:10.17 |
| | so how do I list objects? | 18:10.52 |
| sebras | DaVinci: no, it is an annotation, just like when you can draw freehand annotations on a PDF. there is a special one called Signature Field whose object number you must list here. | 18:11.22 |
| DaVinci | How do I find that? | 18:11.41 |
| sebras | DaVinci: the easiest for you is probably to use mupdf-gl and simply click on the signature annotation there. | 18:12.06 |
| ator | DaVinci: mutool sign -l will list the id numbers of all signatures in the document | 18:12.09 |
| | sorry, just mutool sign sample.pdf (no -l required, just no -s or -c flag) | 18:13.02 |
| sebras | ator: thanks, I had forgotten how we had implemented that. we should probably support a -l too just to be obvious. | 18:13.51 |
| ator | sebras: go for it :) | 18:14.07 |
| DaVinci | Yes, that does list existing signatures. | 18:14.15 |
| sebras | ator: btw, we don't handle ink annotations with a single point in the ink list very well. | 18:14.32 |
| | ator: when we update the appearance stream we create one with a single moveto-operator. | 18:14.44 |
| DaVinci | But nothing if it's not signed | 18:14.46 |
| sebras | ator: that means in MuPDF Viewer there is nothing visible to click to select (but the rect is there, and _it_ can be clicked, even if it is invisible) | 18:15.32 |
| DaVinci | so how do I list the objects in a pdf( in order to determine what I want signed)? | 18:17.11 |
| | mupdf-gl does not appear to provide a way of signing the file. | 18:19.53 |
| sebras | DaVinci: so your PDF lacks a signature field, in that case. | 18:35.53 |
| | DaVinci: I'm not sure mupdf-gl allows for creating one. | 18:36.17 |
| DaVinci | Yes. I am not interested in stamps, only digital signatures that can be verified by Adobe pdf | 18:36.32 |
| sebras | DaVinci: right, so you want the "invisible" digital signature without an annotation? | 18:37.01 |
| DaVinci | Yes. | 18:37.10 |
| sebras | I'm not sure we allow for creating these document level digital signatures without any annotation field at all. | 18:37.56 |
| | and mupdf-gl probably has no way of interacting with those. | 18:38.26 |
| DaVinci | hmmm. I've only found 2 ways to do this so far on linux. PortableSigner and the LibreOffice pdf signing function. | 18:39.35 |
| | I don't want to use java, and LibreOffice doesn't get it quite right. | 18:39.58 |
| | I found a couple of commercial utilities, but those are not a real option either. | 18:40.28 |
| sebras | right, mupdf signature support focused on digital signatures with stamps (these are the signature fields I spoke of before, and they have object numbers needed for mutool sign) | 18:41.15 |
| | I should probably try to add support for the type without stamps too, but at the moment I'm doing something else. :) | 18:41.48 |
| DaVinci | I really don't get the point of the stamp, it looks like it could be used to backdoor the enduser. | 18:42.53 |
| sebras | DaVinci: usually signature fields are just an annotation on the page that you can click and then the viewer will show information about the signature. | 18:44.58 |
| | DaVinci: I'm not sure how that allows you to backdoor anything. | 18:45.07 |
| DaVinci | It requires the user to know that they have to dig, that a stamp is meaningless without a digital signature. At best, an annotation is redundant, otherwise it's just confusing. | 18:46.12 |
| sebras | DaVinci: I think the original idea was that the appearance could be e.g. an image of your signature done by hand and scanned, then if you click that signature you will get the digital signature information. | 18:47.58 |
| | at least that's how I read the pdf spec. | 18:48.10 |
| DaVinci | Yes. I see that, but users are dumb. What if I just put a stamp of my signature in the pdf. When does it click with a DEU that it has no value without the digital signature. | 18:49.16 |
| sebras | DaVinci: agreed, but I think you might be expecting too much of some users to understand the concept certificates, chains of trust, revocation lists, etc. | 18:50.38 |
| DaVinci | It's the only way digital signatures work. Adding in some cargocult concepts of a signature only bring confusion | 18:51.20 |
| | I also want to sign all the document objects, not just the signature. | 18:53.25 |
| | /signature/picture of a signature/ | 18:53.42 |
| sebras | DaVinci: in PDF a digital signature signs the entire file, but is connected to a specific annotation. | 18:53.53 |
| DaVinci | soooo, can we just add an invisible object and put the signature there? | 18:54.40 |
| sebras | DaVinci: a digitally signed file can later be amended, and a good viewer will tell you that the digital signature was valid at one point, but that the file has since been updated. | 18:54.48 |
| DaVinci | Yes, I understand that there is a strong relationship between the viewer and the document in order the create any kind of security with these stamps. | 18:55.36 |
| sebras | DaVinci: I don't think that's how that type of signature works. I think those are referred to from the Document Catalog or something. I haven't read up on the details about those, I just know that they exist and that Acrobat Reader can verify them in a side panel. | 18:55.50 |
| DaVinci | This is what I need. Honestly I am a little confused why the engineers allowed stamps to pollute such a strong signing technique. | 18:59.16 |
| sebras | DaVinci: did you see this? https://www.pdf-insecurity.org/ | 19:00.43 |
| DaVinci | havn't, but reading it now. | 19:04.29 |
| | can I just sign the last object? | 22:43.46 |
| sebras | DaVinci: no, it doesn't work that way. it needs to be a special kind of object that other pdf viewers recognize like a digital signature. | 22:51.52 |
| DaVinci | and the object can't be created simply? | 23:19.33 |
| sebras | DaVinci: I don't know. | 23:19.44 |
| DaVinci | looking at the example, it looks like a tagged language. what's the best library for working with it? | 23:20.40 |
| sebras | DaVinci: we are using mupdf. | 23:21.01 |
| DaVinci | can it create new objects? | 23:21.28 |
| sebras | DaVinci: it can. pdf_add_object() is used to create new objects, and existing objects can be manipulated. | 23:21.56 |
| | I'd wager that it is not trivial to add support for this, but have at it if you want to try. :) | 23:22.29 |
| DaVinci | so create a new object of zero size and the annotation attribute? | 23:22.55 |
| sebras | DaVinci: no, you probably need to hook that object into the correct location in the hierarchy, and also populate it with the necessary key-value pairs. | 23:24.04 |
| | DaVinci: but I don't know what those are. | 23:24.12 |
| DaVinci | well, you already have the capacity to sign and fill an existing object. | 23:24.53 |
| | seems like all you need to do is make a new object to contain the signature | 23:25.19 |
| sebras | that depends on the viewer attempting to verify the digital signature after you have signed it. if the signature is not in the location it expects (i.e. according to spec), then the signature will fail. | 23:26.57 |
| | signature check that is. | 23:27.05 |
| DaVinci | I only need it to pass A-pdf | 23:27.49 |
| sebras | I don't know what A-pdf is. | 23:28.26 |
| DaVinci | Adobe pdf reader | 23:28.35 |
| | <<<Back 1 day (to 2019/08/13) | Forward 1 day (to 2019/08/15)>>> | |
Log of #mupdf at irc.freenode.net.