pdfBox - 签名有效性复选标记在Acrobat阅读器中不可见 [英] pdfBox - Signature validity checkmark not visible in Acrobat reader

问题描述

我使用此作为参考向pdf添加视觉签名 - 第8页：

有效性仍显示在签名可视化中在文档中，但用于可视化状态的图形现在由Adobe Acrobat本身生成。仅对于兼容性，使用这些自定义外观继续显示具有其自身有效外观的旧文档。

在Adobe Acrobat版本9中，Adobe最终放弃使用文档内签名有效性可视化，参见 Adob​​e Acrobat 9数字签名，更改和改进第10页：

< img src =https://i.stack.imgur.com/h9ex3.png\"alt =摘录第10页>

因此，自从Acrobat 9 Adob​​e仅在签名面板中显示自己的图标，而不是文档本身，并且需要通过检查签名面板并相应地生成签名来评估业务用户的签名有效性。

仅出于兼容性原因，仍然会继续使用文档区域内的自定义外观显示具有自己的有效外观的旧文档。

关于ISO 32000-1的弃用

官方PDF规范ISO 32000-1日期为7月1日 ^st 2008不指定PDF可以为签名有效性提供可视化的任何方法。请查看 ISO 32000的副本 - 1由Adobe共享，不再提及那些图层 n1 ， n3 和 n4 。实际上根本没有提到这样的层，ISO规范期望通常的单一外观流没有变体。

关于PAdES的弃用

PAdES第6部分（ ETSI TS关于电子签名的可视化表示的102 778-6 V1.1.1 最终需要

符合标识的处理程序不会在页面内容中显示签名验证的结果。

（第6部分 - AdES签名验证的直观表示）

因此，通过将这些图层 n1 ， n3 和 n4 添加到PDF中的签名，强制Adobe Reader作为一个不符合PAdES的签名处理程序，根据您的特定安全环境，它可能是一个显示停止。

......并且根据ISO 32000- 2：2017：禁止

根据更新的PDF规范ISO 32000-2，甚至禁止签名有效性的文档内可视化：

PDF处理器不得将签名的验证状态（例如，传递的复选标记或失败的X）合并到签名字段的外观中。

（ISO 32000-2第12.7.5.5节 - 签名字段）

I am adding a visual signature to a pdf using this as reference - https://stackoverflow.com/a/27940667/7103795

I am able to print the details properly. But the pdf does not display a green tick when opened in Acrobat though it is written "Signed and all signatures are valid." in the signature panel.

This is an example of what I need:

How can I ensure that the validity sign show up?

I am using pdfBox version 2.0.1

解决方案

In-document visualisations of the signature validity have been deprecated nearly a decade ago. Adobe Reader supports them for backward compatibility reasons only but they have never been part of the iso pdf specification.

The OP in a comment asked for documentation on this; this answer focuses on that.

---

Deprecation in respect to Adobe Acrobat

In Adobe Acrobat version 6 Adobe moved away from creating PDFs with in-document signature validity visualizations provided by the PDF itself, cf. Digital Signature Appearances page 8:

The validity was still shown in the signature visualization in the document but the graphics for visualizing the state were now generated by Adobe Acrobat itself. Only for compatibility old documents with their own validity appearances continued to be displayed using those custom appearances.

In Adobe Acrobat version 9 Adobe eventually moved away from using in-document signature validity visualizations, cf. Adobe Acrobat 9 Digital Signatures, Changes and Improvements page 10:

Thus, since Acrobat 9 Adobe displays its own icons only in the signature panel, not the document itself, and requires evaluation of signature validity by business users by inspecting the signature panel and generates signatures accordingly.

Only for compatibility reasons old documents with their own validity appearances still continued to be displayed using those custom appearances inside the document area.

Deprecation in respect to ISO 32000-1

The official PDF specification ISO 32000-1 dated July 1^st 2008 does not specify any means by which a PDF can provide visualizations for signature validities. Have a look at the copy of ISO 32000-1 shared by Adobe, there is no mentioning of those "layers" n1, n3, and n4 anymore. Actually no such layers are mentioned at all, the ISO norm expects a usual single appearance stream without variants.

Deprecation in respect to PAdES

PAdES part 6 (ETSI TS 102 778-6 V1.1.1 on the "Visual Representations of Electronic Signatures") eventually requires

A conforming signature handler shall not display the result of the signature validation inside the page content.

(section 6 - The visual representation of AdES signature verification)

Thus, by adding those "layers" n1, n3, and n4 to a signature in a PDF, you force Adobe Reader to act as a not PAdES-conforming signature handler which might be a show stopper depending on your specific security environment.

... and according to ISO 32000-2:2017: Forbiddance

According to the updated PDF specification ISO 32000-2, in-document visualisations of the signature validity even are forbidden:

A PDF processor shall not incorporate the validation status of a signature (e.g. a checkmark for passed or an X for failed) into the appearance of the signature field.

(ISO 32000-2 section 12.7.5.5 — Signature fields)

这篇关于pdfBox - 签名有效性复选标记在Acrobat阅读器中不可见的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！