EldoS | Feel safer!

Software components for data protection, secure storage and transfer

After we make changes to PDF document, the signature is still valid. How it could happen?

The reason for such sort of problems is that PDF standard supports incremental updates. The general idea of incremental updates is that you can append new data to the end of an existing document without changing the original revision 'physically' (still, you can alter existing objects in the subsequent revision).

On the other hand, a signature is always bound to a particular document revision; in other words, it only covers the revision that was actual at the moment when the document was signed. That is, if you sign a document and then update it in the incremental way, the signature remains valid, still it only covers the original revision of the document (so the changes made through the incremental update are not covered).

That is, the results you are getting with the sample are consistent - the signature is indeed valid, however, it covers a previous revision of the document and not the most recent one.

In SecureBlackbox you can retrieve the revision that was is actually covered by the signature by calling the TElPDFSignature.GetSignedVersion() method. You might wish to compare the returned stream to the whole document you are processing to check whether the signed revision is the latest one (the returned revision will be equal to the entire document if it's the latest revision that was signed).

Return to the list


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!