EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PDF Signing + PDF Validation

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#29575
Posted: 05/26/2014 12:47:38
by Dmytro Bogatskyy (EldoS Corp.)

Hello,
Quote
I'm trying to validate first the signatures, skipping the certificate validations part for now.

Quote
I'm using the following C# code to validate the PDF signature (totally based on your PDF Processor Sample), but it always gets into "The selected signature is signed by certificate that is NOT VALID".

The signature validation for TElPDFPublicKeySecurityHandler class is done using Validate() method. According to your message the Validate() method returns true.
Quote
What am I doing wrong on the TElX509CertificateValidator properties?

What is a Reason returned by CertificateValidator.Validate() method?
#29577
Posted: 05/26/2014 12:59:51
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

It doesn't return true.. It always returns false:

"
else
{
Console.WriteLine("The selected signature is signed by certificate that is NOT VALID");
return false;
}
"

It always ends up on that part of the code.
With my PDF you'd see the error.. How can I send it to you?
#29578
Posted: 05/26/2014 14:12:14
by Dmytro Bogatskyy (EldoS Corp.)

Hello,
Quote
It doesn't return true.. It always returns false:

If it is false, you should see "The selected signature is NOT VALID" message.
Quote
Console.WriteLine("The selected signature is signed by certificate that is NOT VALID");

It is in the else block of "if (Validity == TSBCertificateValidity.cvSelfSigned)" statement.
Quote
With my PDF you'd see the error.. How can I send it to you?

You can pack it in archive and attach it here. If it is larger than 2 Mb, please put them to some file exchange place (Google Drive, Dropbox is fine) and post the link here.
#29581
Posted: 05/26/2014 23:05:22
by Eugene Mayevski (EldoS Corp.)

ZIPs should (and can't) be attached to the forum posts.

Also, as I said in previous messages, you have problems with *certificate* validation rather than signature validation. We do NOT help with "my certificate is not validated" questions within Basic support level - the user is expected to have some understanding of certificates and read the books and articles that we have (or recommend) on the site.


Sincerely yours
Eugene Mayevski
#29583
Posted: 05/27/2014 03:40:01
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

Here it goes my zipped PDF file.

https://feupload.fe.up.pt/get/MSd9EdsLPz2c64r

I have have some understanding of certificates. In fact, I have some deep knowledge concerning digital certificates.
I've already saw your links and articles of certificate validation, and I still don't understand why it considers this particular certificate, an invalid one.

Please, check the file and take your own conclusions.
#29585
Posted: 05/27/2014 03:52:07
by Eugene Mayevski (EldoS Corp.)

Please re-read the mini-FAQ on certificate validation and use it as a guide in diagnosing your problem. We will not do your job for you within basic support level. Helping you with particular certificate chains can be done as a custom service for a fee.


Sincerely yours
Eugene Mayevski
#29587
Posted: 05/27/2014 05:07:15
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

Just one question, before I try to diagnose that.

When I do

Code
for (int u = 0; u < doc.SignatureCount; u++)
            {
                TElPDFSignature sig = (TElPDFSignature)doc.get_Signatures(u);
                if (sig.Validate())
                {
                }
              }

the sig.Validate() is the method that validates the signature, right?
In your documentation it says: "The method checks that the signed data has not been altered"

The thing is, no matter how I alter the file, the sig.Validate() always returns true.. What can cause this?
#29588
Posted: 05/27/2014 05:19:21
by Eugene Mayevski (EldoS Corp.)

It is possible that the signature covers only a part of the file and you are making modifications outside of this part of the file.


Sincerely yours
Eugene Mayevski
#29589
Posted: 05/27/2014 05:25:23
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

How can I cover all the parts of the file?

My signature is based on your PDF samples.. It exists some property to cover all file?
#29590
Posted: 05/27/2014 05:56:05
by Eugene Mayevski (EldoS Corp.)

Let's put it differently - how exactly are you changing the file? It can happen that you change the bytes that define file structure or something similar, which is not file contents (and thus is not covered by the signature).


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 3250 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!