PDF document is modified by another revision?

StackOverflow https://stackoverflow.com/questions/19903884

Question

I use PDFbox in order to sign PDF. It works very well. I can add several signature to one document, and everything works well.

Now, someone sign me a document(she sign by another software), this signature was working too. but when I add another revision (by pdfbox) to his document now Adobe reader tells me that PDF was modified.

  1. that is original document: this

  2. this is signed document which was done by another software: link

  3. when I add another revision to the signed pdf, I get this document, which have problems: link

  4. If I add another revision to the PDF that was signed by my software, there is no problem link

Was it helpful?

Solution

In Short:

Your code applies unnecessary changes to existing PDF objects.

Some changes merely are structural, not changing the actual content. Acrobat Reader might or might not ignore those structural changes. But in the process you introduce rounding errors, and they definitively constitute a change.

The structural changes probably are caused by the quirk of PDFBox to force its preference of which kinds of objects should be direct or indirect onto existing objects it touches.

And the rounding errors while in practice hardly relevant are definitively a no-go when security features are concerned.

When you sign a document twice with PDFBox, the initial signing process already forces PDFBox' preferences into the document and, thus, the second signing process does not destroy anything by again forcing the same preferences into its result.

The Details:

The original from original-signed - old.pdf:

3 0 obj
<<
  /DefaultGray 11 0 R
  /Type/Catalog
  /DefaultRGB 12 0 R
  /AcroForm
  <<
    /Fields[15 0 R]
    /DR<</Font<</Helv 16 0 R/ZaDb 17 0 R>>>>
    /DA(/Helv 0 Tf 0 g )
    /SigFlags 3
  >>
  /Pages 5 0 R>>
endobj 
11 0 obj
[
  /CalGray
  <<
    /WhitePoint [0.9505 1 1.0891 ]
    /Gamma 0.2468
  >>
]
endobj
12 0 obj
[
  /CalRGB
  <<
    /WhitePoint [0.9505 1 1.0891 ]
    /Gamma [0.2468 0.2468 0.2468 ]
    /Matrix [0.4361 0.2225 0.0139 0.3851 0.7169 0.0971 0.1431 0.0606 0.7141 ]
  >>
]
endobj

Your re-signed original-signed-signed -old new.pdf

3 0 obj
<<
  /DefaultGray [/CalGray 18 0 R]
  /Type /Catalog
  /DefaultRGB [/CalRGB 19 0 R]
  /AcroForm
  <<
    /Fields [15 0 R 20 0 R]
    /DA (/Helv 0 Tf 0 g )
    /SigFlags 3
  >>
  /Pages 5 0 R
>>
endobj
18 0 obj
<<
  /WhitePoint [0.9505000114 1 1.0891000032]
  /Gamma 0.2468000054
>>
endobj
19 0 obj
<<
  /WhitePoint [0.9505000114 1 1.0891000032]
  /Gamma [0.2468000054 0.2468000054 0.2468000054]
  /Matrix [0.4361000061 0.2224999964 0.0138999997 0.3851000071 0.716899991 0.0970999971 0.1430999935 0.0606000014 0.7141000032]
>>
endobj

So in essence your code changed indirect arrays (objects 11 and 12) of direct dictionaries into direct arrays (in your new object 3) of indirect dictionaries (your new objects 18 and 19). This is unnecessary and, therefore, there is no need for Adobe Reader to accept it. But it probably would accept this (I don't know, one has to check) if the replacements were identical.

But they indeed are not identical! Your code introduces rounding errors in these color definitions. And, therefore, it changes the content.

Additionally your code also introduces structural changes to 

4 0 obj
<<
  /Parent 5 0 R
  /Contents 9 0 R
  /Type/Page
  /Resources<</ProcSet 2 0 R/Font<</F0 6 0 R/F1 7 0 R>>>>
  /MediaBox[0 0 612 792]
  /Annots[15 0 R]
>>
endobj
2 0 obj
[ /PDF /Text  ]
endobj

which you change to

4 0 obj
<<
  /Parent 5 0 R
  /Contents 9 0 R
  /Type /Page
  /Resources<</ProcSet [/PDF /Text] /Font 23 0 R >>
  /MediaBox [0 0 612 792]
  /Annots [15 0 R 20 0 R]
>>
endobj 
23 0 obj
<<
  /F0 6 0 R
  /F1 7 0 R
>>
endobj

Here you change an indirect array of names into a direct one and a direct dictionary into an indirect one.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top