Hi!
My name is Cristian, I'm an undergrad researcher from Brazil, and I'm studying digital signatures, and now taking a special look into PDF signatures. I've read a lot of documentation about it, have a good understanding of the "inside" of PDF signatures and now I'm working on solutions for some "real world" problems we need to take care of here.
Ok, let's go to the main one that we aren't managing to solve, maybe someone can give me some help:
I'm dealing with many documents (and I mean *really* many documents) signed using simple PDF signatures. But in some months or in a year the signer certificates are going to expire. But the signatures MUST still be valid after that, they are important documents and should be verifiable for many years from now. Don't blame me for not using time stamps, I was not the one who signed these documents, I'm the one who needs to solve this problem ;)
The solution was pretty obvious: let's time stamp them all now... Time stamp is an unsigned PKCS#7 attribute, I can add it whenever I want. But then I found out another obvious problem: The space where I can put the modified PKCS#7 is fixed, defined by /ByteRange. Adobe and many other signers make a worst-case calculation to define the /Contents size, and that means that in signed documents we have some space left for extra info, but in all these documents, it is less space than we need to add a time stamp.
So, the idea is not bad at all, I've validated it by making my own signed PDFs with huge /Contents space and have demonstrated that I can add a time stamp later with no prejudice to signature validation. But unfortunately it will not help at all with the real world problem I'm dealing with.
For "judicial" purposes, I can just counter-sign all these documents (none is certified, all are just signed) with incremental add of a new signature, and put a time stamp on these signatures. Theoretically, the second time stamp also ensures that the first signature was made in a valid period of time. But Adobe Reader does not see that :(
So, can anyone see a solution for that? What can we do, to keep using Adobe Reader as a validator? My best shot for now is to use the counter-sign idea and implement a separate validator to deal with old signatures validation, using the second time stamp as a proof of existence of the first signature in a safe time.
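
The /Contents space constraint described in the post can be measured per signature. The following is an added example, not code from the original post: it reads each /ByteRange, takes the hex string in the gap the digest skips, and compares the reserved size with the DER length of the PKCS#7 blob. Assumptions: a plain regex scan over the file bytes instead of a full PDF parser, hypothetical names `contents_slack` and `make_sample`, a constructed sample file, and an `extra_needed` figure that must cover the time stamp token plus any growth in the enclosing DER length headers.

```python
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def der_total_length(buf: bytes) -> int:
    """Size in bytes (header + body) of the definite-length DER element at buf[0]."""
    if len(buf) < 2:
        raise ValueError("truncated DER header")
    if buf[1] < 0x80:                       # short form: length in one byte
        return 2 + buf[1]
    n = buf[1] & 0x7F                       # long form: next n bytes hold the length
    if n == 0 or len(buf) < 2 + n:
        raise ValueError("indefinite or truncated DER length")
    return 2 + n + int.from_bytes(buf[2:2 + n], "big")

def contents_slack(pdf: bytes, extra_needed: int) -> list:
    """For each signature, report reserved /Contents bytes, bytes used by the
    PKCS#7 blob, the zero-padded slack, and whether extra_needed bytes fit."""
    report = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = map(int, m.groups())
        gap = pdf[a + b:c]                  # the only bytes the digest skips
        if not (gap.startswith(b"<") and gap.endswith(b">")):
            raise ValueError("gap in /ByteRange is not a hex string")
        blob = bytes.fromhex(gap[1:-1].decode("ascii"))
        used = der_total_length(blob)
        slack = len(blob) - used
        report.append({"reserved": len(blob), "used": used, "slack": slack,
                       "fits": slack >= extra_needed})
    return report

def make_sample(der: bytes, reserved: int) -> bytes:
    """Constructed stand-in for a signed PDF; only the /Sig layout is realistic."""
    tmpl = b"1 0 obj\n<< /Type /Sig /ByteRange [0 %010d %010d %010d] /Contents "
    head = b"%PDF-1.7\n" + tmpl % (0, 0, 0)
    hexstr = der.hex().encode("ascii").ljust(reserved * 2, b"0")
    tail = b" >>\nendobj\n%%EOF\n"
    start2 = len(head) + len(hexstr) + 2
    head = b"%PDF-1.7\n" + tmpl % (len(head), start2, len(tail))
    return head + b"<" + hexstr + b">" + tail

if __name__ == "__main__":
    fake_p7 = b"\x30\x82\x01\x00" + bytes(256)   # constructed 260-byte DER SEQUENCE
    print(contents_slack(make_sample(fake_p7, 300), extra_needed=4000))
```

Run over a batch of real files, the `slack` column shows which documents, if any, have room for an in-place unsigned attribute and which can only be handled by an incremental update.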