EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Signing "minimal" PDF file fails

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#20690
Posted: 06/29/2012 11:00:40
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Hello,

There seem to be a minor glitch in TElPDFDocument signer: I'm trying to sign a "minimal" PDF document but I get an error "Unexpected character" when I open it.

The document opens fine in Acrobat. I got it from there:

http://zagaeski.devio.us/0004.html

For context, I'm using eToken keys to stored my user's certificates and I need to add a "dummy" signature in my PDF signing app. That's because the users want to enter the certificate password BEFORE the PDF is generated (it's a scanned document). I thought that the simplest approach was to sign a very simple PDF document in memory.

Thanks
#20706
Posted: 07/02/2012 04:50:12
by Ken Ivanov (EldoS Corp.)

Stephane, thank you for contacting us.

The document contained at the link you provided doesn't comply to the PDF specification. Particularly, it contains a stream object that is not indirect:

Quote

/Contents [
<< /Length 105 >>
stream
BT
/F1 18 Tf
0 0 Td
(Hello world.) Tj
ET
endstream ]


However, the PDF standard explicitly states that stream objects should always be indirect:

Quote

All streams shall be indirect objects (see 7.3.10, "Indirect Objects") and the stream dictionary shall be a direct object. The keyword stream that follows the stream dictionary shall be followed by an end-of-line marker consisting of either a CARRIAGE RETURN and a LINE FEED or just a LINE FEED, and not by a CARRIAGE RETURN alone. The sequence of bytes that make up a stream lie between the end-of-line marker following the stream keyword and the endstream keyword; the stream dictionary specifies the exact number of bytes. There should be an end-of-line marker after the data and before endstream; this marker shall not be included in the stream length. There shall not be any extra bytes, other than white space, between endstream and endobj.


That's why SBB reports the document as invalid.
#20710
Posted: 07/02/2012 10:05:00
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Thank you for your reply, it explains the problem (in my document) quite clearly.

Do you think it would be possible to have a "non-strict" mode that doesn't actually do more validation that absolutely necessary ?

I'm asking because I'm going to start signing document coming from a number of sources and I'd like to avoid that kind of errors if possible (nothing urgent, really).
#20711
Posted: 07/02/2012 10:44:29
by Ken Ivanov (EldoS Corp.)

Well, in fact we are constantly 'polishing' the components to be tolerant to mistakes in documents coming from variety of generators, so you are unlikely to come across any problem when processing documents containing minor mistakes.

I am not sure whether we should create a workaround for the above stream problem, as, according to the description on the site, the document in problem was created manually, on purpose and with theory rather than practice in mind. The problem in the document is quite major; such documents will be rejected by the majority of PDF software, so I doubt you will ever see a similar issue in real-world documents.
#20714
Posted: 07/03/2012 01:51:32
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Fair enough.

I was just mentioning this since Reader can apparently read it without issue (I haven't tried it with Acrobat, though).

It's always hard to explain to a customer that his document is invalid but that the major application for that document type seems to be able to open it without trouble (I've had the issue with ZIP files).
#20715
Posted: 07/03/2012 05:12:42
by Ken Ivanov (EldoS Corp.)

I wouldn't say that Acrobat reads the document without issue. At least, the text that the author is supposing to be displayed on the page is not displayed. Besides, when trying to zoom in and out, it reports various errors for me.

I understand your concerns, still I'd like to ensure you that we will do our best not to leave you alone with an angry customer. We always aim to adjust the components so that they were tolerant to generators' mistakes. Even in an unhappy case where the components are unable to process a document, we try to prepare a workaround as soon as possible. Finally, most of the compatibility issues of widely used generators are already known and the corresponding workarounds implemented.

Please understand me correctly. You are extremely unlikely to come across any single real-world document exposing the direct stream object issue. Preparing a workaround for such a 'mistake' is not a trivial task, and spending more time on solving 'virtual' problems will result in spending less time on solving the real ones.
#20716
Posted: 07/03/2012 05:55:43
by Eugene Mayevski (EldoS Corp.)

Quote
Stephane Grobety wrote:
It's always hard to explain to a customer that his document is invalid but that the major application for that document type seems to be able to open it without trouble (I've had the issue with ZIP files).


When the person is i... alternatively-minded, it's hard to explain anything to him. And the world is full of i... alternatively-minded people. The reason is simple - some people just don't want to understand or to solve the problem, and their goal is to feel abused.

Unfortunately 100% user satisfaction is a myth that hurts the business in the long term.


Sincerely yours
Eugene Mayevski
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 885 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!