Version : 11.2.0-9aa91ee6a2
Platform : Linux
Architecture : Arm
Filename : DigitalSignatureField.cpp
Function : AssertSigDict
Linenumber : 2005
Please give a brief summary of your issue:
Unable to create digital signatures
Please describe your issue and provide steps to reproduce it:
I’m trying to use approval signatures multiples times.
Our use cases includes users adding their handwritten signature as annotations anywhere on the page, the following snippet should take this annotation wrap it with additional content inside a signature widget/field and afterwards sign the field. However the given exceptions is thrown.
I had success with rendering the annotation to a seperate temprory page, in order to get an image of the XFDF annotation. At least this is usable with (widget.createSignatureAppearance) and successfully renders a signature widget with the original annotation, however still the final digital signature is invalid.
Is there any easy way to accomplish the above scenario ?
Exception:
Message: Either digital signature field or dictionary is invalid
Conditional expression: mp_field_dict_obj && mp_field_dict_obj->FindObj(SDF::e_V)
const run = async () => {
let doc = await PDFNet.PDFDoc.createFromBuffer(pdf);
await doc.initSecurityHandler();
const mergeOptions = new PDFNet.PDFDoc.MergeXFDFOptions();
mergeOptions.setForce(true);
for (const annotation of annotations) {
try {
await doc.mergeXFDFString(annotation.payload, mergeOptions);
const result = await this.findAnnotationById(doc, annotation.id);
if (!result) {
this.logger.error(`${annotation.id} not found`);
continue;
}
const { annotation: annot, page, tuid } = result;
const rect = await annot.getRect();
// Extract image from annotation
const appearance = await annot.getAppearance();
if (!appearance) {
this.logger.error(`no appearance found for annotation ${tuid}`);
continue;
}
const sigFieldName = `signature_${tuid}`;
const sigField = await doc.createDigitalSignatureField(sigFieldName);
const widget = await PDFNet.SignatureWidget.createWithDigitalSignatureField(
doc,
rect,
sigField
);
await sigField.setReason("Document signed.");
await sigField.setLocation("Office");
await sigField.setContactInfo("example.com");
await page.annotPushBack(widget);
await page.annotRemove(annot);
// Save and reload
const docbuf = await doc.saveMemoryBuffer(PDFNet.SDFDoc.SaveOptions.e_incremental);
doc = await PDFNet.PDFDoc.createFromBuffer(docbuf);
await doc.initSecurityHandler();
// Find the field again and create digsig field
const foundField = await doc.getField(sigFieldName);
const digSigField = await PDFNet.DigitalSignatureField.createFromField(foundField);
// Create widget from found field and set appearance
const foundWidget = await PDFNet.SignatureWidget.createFromObj(
await foundField.getSDFObj()
);
const img = await PDFNet.Image.createFromMemory2(doc, stamp);
await foundWidget.createSignatureAppearance(img);
// Sign the field
await digSigField.signOnNextSaveFromBuffer(
this.config.SIGNING_PKCS12,
this.config.SIGNING_KEY_PASSWORD
);
// Save incrementally and reload
// this is necessary due to signOnNextSave only works with a single signature per save
const buf = await doc.saveMemoryBuffer(PDFNet.SDFDoc.SaveOptions.e_incremental);
doc = await PDFNet.PDFDoc.createFromBuffer(buf);
await doc.initSecurityHandler();
} catch (error) {
this.logger.error(`Failed to process annotation ${annotation.id}`);
this.logger.error(error);
continue;
}
}
const buffer = await doc.saveMemoryBuffer(PDFNet.SDFDoc.SaveOptions.e_linearized);
return Buffer.from(buffer);
};
const pdfBuffer = await PDFNet.runWithCleanup(run, this.config.APRYSE_SERVER_LICENSE);
return pdfBuffer;
Hello, I’m AiRon, an automated tech support bot While you wait for one of our customer support representatives, I can help you with your question.
It seems like you’re encountering issues with creating digital signatures by merging XFDF annotations and applying digital signatures to them. The exception you mentioned indicates a problem with the digital signature field or dictionary setup. Here are some suggestions to resolve this issue:
Some things you can try:
Ensure that the XFDF annotation string being merged is correctly formatted and that the annotation can be found in the document.
Check that the digital signature field is properly created and associated with the signature widget.
Make sure the appearance is set correctly for the signature widget. The appearance should be a valid image or appearance stream.
Verify that the signing credentials (PKCS12 and password) are correct and accessible from your environment.
Ensure that the document is properly saved and reloaded after each operation, especially after signing the document.
Check for any errors in the console or logs that might provide additional clues about the failure points.
Here are some resources that might help you:
Digital Signatures Guide: This guide explains how to work with digital signatures using Apryse’s APIs.
Could you please provide some more information on your issue so I can better assist you moving forward?
Are you running any additional processing on the document before adding hte signature?
Did you receive this error from the first pass of the loop? If not, exactly which pass did the error throw on?
Would you be able to provide me with a sample of the PDF file you have experienced this issue with?
After providing the above information, I will be able to test this for you further to see if I can either replicate or pinpoint the cause of the exception.
Its a modified version of the nextjs 14 sample. No additional processing on the document was done (I used the demo pdf included in the repo)
The error appears in each iteration. The cert we use here is a self signed for development, im able to use it for the demos given in the apryse docs - so there doesn’t seem to be any problem with it.
Run the app and click on the top right Sign button and observe the error.
I’m pretty sure im doing something wrong with the signing API of the server sdk.
I have two questions here:
how do I correctly create, insert the handwritten signature and sign
is there any robust way to use the xfdf string and use it for the signature widget/field appereance ? right now im directly parsing xml and the annotations will be xfdf strings from the webviewer but im not sure if all will contain imagedata ?
I successfully rendered them on a temporary page, which seems hacky aswell, maybe the server sdk has some direct robust way of accomplishing this ?
Thanks for that information, I am continuing to investigate this at this time and will reach out to you as soon as I have more information available for you.
I’ll be taking over this request from Daniel. I appreciate the well-structured project you provided—it made testing much easier.
After reviewing your code, it looks like after creating the Digital Signature field, you need to set up the dictionary for the field using the createSigDictForCustomSigning function. You can find the documentation for the function here.
In my testing, I was able to get it working using my own certificate with the following call:
Keep in mind that the parameters may need adjustments to fit your specific use case. Let me know if you have any questions or if anything needs further clarification.
unfortunately this doesn’t change anything for me, same error. I tried different sub filters but from what I understand Adobe.PPKLite should work with the pkcs12 container. Keep in mind that I was able to use this same cert with the apryse demos for signing successfully.
I’m not sure on why this is necessary, does this happen on the webviewer usually when signing signature widgets ?
Could you share your working example ?
If it’s really just adding this call to my repro example, are you able to share the cert you used ?
thanks for providing the demo certificate. It seems that createSigDictForCustomCertification does not solve the problem, nor does the provided certificate.
The Error in this thread only resolved because a signing dict has to be created before things like setReason() can be called. This can be accomplished with signOnNextSaveFromBuffer aswell. As I understand it, the custom certification dict is more for HSM flows where another services will actually sign.
So the original Error is gone but no matter which certificate I use the resulting signature is broken. You can verify this in e.g. Acrobat Reader which shows for any signature created with the demo:
Error during signature verification.
Signature contains incorrect, unrecognized, corrupted or suspicious data.
Support Information: SigDict /Contents illegal data
Do you have any insights on whats the issue here ?
For anyone checking this thread and the example. The remaining problem is solved by using e_incremental save and not e_linearized in any save after signing. Any other save options seems to mess up the byterange in the signature dict.
So in summary:
use signOnNextSaveFromBuffer before any call to setReason or similar
use e_incremental saves between any signing
As I understand it createSigDictForCustomCertification is not necessary.
